VIRY.CZ

Pomáháme v boji s počítačovou havěti!
https://forum.viry.cz:443/

Notebook HP6560B systém error

https://forum.viry.cz:443/viewtopic.php?t=158381

Stránka 1 z 1

Notebook HP6560B systém error

Napsal: 24 lis 2021 17:52
od samsungs6edge
Dobrý den mám problém v notebooku zapnout ovládací panely a systém zobrazovala se chyba SystemSettings.exe Systém zjistil přetečení vyrovnávací paměti založené na zásobníku v této aplikaci. Toto přetečení by mohlo umožnit kyberzločinci získat kontrolu nad touto aplikací. Když jsem restartoval notebook a znovu zapnul ovládací panely a systém tak se vždy aplikace ukončí. Můžete mě prosím poradit kde je problém? Děkuji za pomoc

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-11-2021
Ran by Administrator (administrator) on DESKTOP-N5JUU7F (Hewlett-Packard HP ProBook 6560b) (24-11-2021 17:42:09)
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator
Platform: Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.112\GoogleCrashHandler64.exe
(IDT, Inc.) [File not signed] C:\Program Files\IDT\WDM\stacsv64.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel Corporation -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [3944136 2015-07-03] (Synaptics Incorporated -> Synaptics Incorporated)
HKLM\...\Run: [HotKeysCmds] => "C:\Windows\system32\hkcmd.exe" (No File)
HKLM\...\Run: [SysTrayApp] => C:\Program Files\IDT\WDM\sttray64.exe [1664000 2012-10-24] (IDT, Inc.) [File not signed]
HKLM\...\Run: [iTunesHelper] => C:\Program Files\iTunes\iTunesHelper.exe [303928 2018-08-27] (Apple Inc. -> Apple Inc.)
HKLM-x32\...\Run: [ExpressVPNNotificationService] => C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe [377256 2021-11-08] (EXPRSVPN LLC -> ExpressVPN)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-3464758744-2813740192-88780715-500\...\Policies\Explorer: [NoAutoTrayNotify] 1
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\96.0.4664.45\Installer\chrmstp.exe [2021-11-22] (Google LLC -> Google LLC)
IFEO\MusNotification.exe: [Debugger] cmd.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0B08BAD5-37E1-4231-815E-17412E033AD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-15] (Google LLC -> Google LLC)
Task: {1A194A9A-D043-4B77-A2A1-9E129815C40B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {2BDE264B-BFA5-4962-8FDD-8BDEE62F9549} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {479F63BC-65ED-42C0-B859-FC67867F64DD} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {5CDE24F1-7D17-4C7D-AA93-A5547F18C89D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3464758744-2813740192-88780715-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
Task: {9AB7406B-1EB2-4CD3-B449-AB98F935CFD7} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {A984BC07-3B57-46D3-8E19-B62BC39D1330} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-15] (Google LLC -> Google LLC)
Task: {C4B29BF0-4ABD-41D8-A648-EFCF8FB951CB} - System32\Tasks\CCleanerSkipUAC - Administrator => C:\Program Files\CCleaner\CCleaner.exe [29200512 2021-10-19] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {DC1D3C84-93A1-40F7-82D9-0BE9119F54BA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MpCmdRun.exe [901056 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FA7BD1B0-784B-47DE-9C73-57DF747EF36F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-10-19] (Piriform Software Ltd -> Piriform)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Winsock: Catalog5 08 C:\Program Files (x86)\Bonjour\mdnsNSP.dll [122128 2015-08-12] (Apple Inc. -> Apple Inc.)
Winsock: Catalog5-x64 08 C:\Program Files\Bonjour\mdnsNSP.dll [133392 2015-08-12] (Apple Inc. -> Apple Inc.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d77d26c1-d207-4aaf-9b82-47bda4240f74}: [NameServer] 10.161.0.1
Tcpip\..\Interfaces\{df98ced1-52d1-4635-917e-113c40c12098}: [DhcpNameServer] 192.168.0.1
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION

Edge:
=======
Edge Profile: C:\Users\Administrator\AppData\Local\Microsoft\Edge\User Data\Default [2021-11-03]

FireFox:
========
FF DefaultProfile: ubd4zy7r.default
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\ubd4zy7r.default [2021-10-06]
FF ProfilePath: C:\Users\Administrator\AppData\Roaming\Mozilla\Firefox\Profiles\p9adgor2.default-release [2021-11-15]
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\itms.js [2018-08-27]

Chrome:
=======
CHR Profile: C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default [2021-11-24]
CHR DownloadDir: E:\Downloads
CHR Notifications: Default -> hxxps://www.facebook.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Extension: (Prezentace) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-09-15]
CHR Extension: (Dokumenty) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2021-09-15]
CHR Extension: (Disk Google) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-09-15]
CHR Extension: (YouTube) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-09-15]
CHR Extension: (Tabulky) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-09-15]
CHR Extension: (Dokumenty Google offline) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-10-18]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-09-15]
CHR Extension: (Gmail) - C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-09-15]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AESTFilters; C:\Program Files\IDT\WDM\AESTSr64.exe [89600 2009-03-03] (Andrea Electronics Corporation) [File not signed]
S4 Apple Mobile Device Service; C:\Program Files\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe [99104 2021-08-20] (Apple Inc. -> Apple Inc.)
S4 ExpressVPNService; C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe [437160 2021-11-08] (EXPRSVPN LLC -> ExpressVPN)
S3 hpqwmiex; C:\Users\Administrator\AppData\Roaming\Hewlett-Packard\hpqwmiex.exe [794112 2021-09-20] (Hewlett-Packard Company) [File not signed]
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6103464 2021-11-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 ss_conn_service; C:\Program Files\Samsung\USB Drivers\27_ssconn\conn\ss_conn_service.exe [752224 2020-11-26] (Samsung Electronics CO., LTD. -> DEVGURU Co., LTD.)
S4 ss_conn_service2; C:\Program Files\Samsung\USB Drivers\28_ssconn2\conn\ss_conn_service2.exe [919992 2020-11-26] (Samsung Electronics Co., Ltd. -> DEVGURU Co., LTD.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV64.exe [327680 2012-10-24] (IDT, Inc.) [File not signed]
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\NisSrv.exe [2872024 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2110.6-0\MsMpEng.exe [128376 2021-11-02] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AppleKmdfFilter; C:\Windows\System32\drivers\AppleKmdfFilter.sys [20032 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 AppleLowerFilter; C:\Windows\System32\drivers\AppleLowerFilter.sys [35976 2020-10-09] (WDKTestCert build,132303256403278908 -> Apple Inc.)
S3 dg_ssudbus; C:\Windows\system32\DRIVERS\ssudbus2.sys [161288 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
S3 expressvpnsplittunnel; C:\Program Files (x86)\ExpressVPN\splittunnel\expressvpnsplittunnel.sys [45640 2021-11-08] (ExprsVPN LLC -> ExpressVPN)
R3 expressvpntun; C:\Windows\System32\drivers\expressvpn-tun.sys [46896 2021-11-08] (Express VPN International Ltd. -> ExpressVPN)
R3 johci; C:\Windows\System32\drivers\johci.sys [26208 2012-07-16] (JMicron Technology Corp. -> JMicron Technology Corp.)
S3 MagicMouse; C:\Windows\System32\drivers\MagicMouse.sys [3120104 2021-09-17] (Magic Utilities Pty Ltd -> Magic Utilities Pty Ltd)
S3 ssudmdm; C:\Windows\system32\DRIVERS\ssudmdm.sys [168968 2020-12-09] (Samsung Electronics Co., Ltd. -> Samsung Electronics Co., Ltd.)
R3 STHDA; C:\Windows\system32\DRIVERS\stwrt64.sys [543744 2012-10-24] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R3 tapexpressvpn; C:\Windows\System32\drivers\tapexpressvpn.sys [61496 2021-11-08] (ExprsVPN LLC -> The OpenVPN Project)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [48520 2021-11-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [435424 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [86240 2021-11-02] (Microsoft Windows -> Microsoft Corporation)
S3 semav6msr64; \??\C:\Windows\system32\drivers\semav6msr64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-24 17:42 - 2021-11-24 17:42 - 000012858 _____ C:\Users\Administrator\Desktop\FRST.txt
2021-11-24 17:27 - 2021-11-24 17:27 - 000001734 _____ C:\Users\Administrator\Documents\backup.reg
2021-11-24 11:25 - 2021-11-24 11:35 - 000000000 ____D C:\ProgramData\MagicUtilities
2021-11-24 11:25 - 2021-11-24 11:34 - 000000012 _____ C:\ProgramData\qycqrqkn.gha
2021-11-24 11:25 - 2021-11-24 11:34 - 000000012 _____ C:\ProgramData\fnebeqbh.fxh
2021-11-24 11:25 - 2021-11-24 11:31 - 000000012 _____ C:\ProgramData\likpikle.yvo
2021-11-24 11:25 - 2021-11-24 11:31 - 000000012 _____ C:\ProgramData\bpacxjrj.hvq
2021-11-24 11:25 - 2021-11-24 11:25 - 000000016 _____ C:\ProgramData\mntemp
2021-11-24 11:25 - 2021-11-24 11:25 - 000000012 _____ C:\ProgramData\udmjoyld.fho
2021-11-24 11:25 - 2021-11-24 11:25 - 000000012 _____ C:\ProgramData\rupsvhrr.teq
2021-11-24 11:25 - 2021-11-24 11:25 - 000000008 _____ C:\ProgramData\vakrrker.mhy
2021-11-24 11:25 - 2021-11-24 11:25 - 000000008 _____ C:\ProgramData\ulteygua.lrd
2021-11-24 11:25 - 2021-09-17 21:39 - 003120104 _____ (Magic Utilities Pty Ltd) C:\Windows\system32\Drivers\MagicMouse.sys
2021-11-23 14:05 - 2021-11-24 10:27 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-11-22 16:08 - 2021-11-22 16:08 - 000070768 ____H C:\Windows\system32\mlfcache.dat
2021-11-21 10:35 - 2021-11-21 10:37 - 000000000 ____D C:\Users\Administrator\AppData\Local\ExpressVPN
2021-11-21 10:35 - 2021-11-21 10:35 - 000002341 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ExpressVPN.lnk
2021-11-21 10:35 - 2021-11-21 10:35 - 000002171 _____ C:\Users\Public\Desktop\ExpressVPN.lnk
2021-11-21 10:35 - 2021-11-21 10:35 - 000000000 ____D C:\ProgramData\ExpressVPN
2021-11-21 10:35 - 2021-11-21 10:35 - 000000000 ____D C:\Program Files (x86)\ExpressVPN
2021-11-19 13:07 - 2021-11-19 13:07 - 000001833 _____ C:\Users\Public\Desktop\iTunes.lnk
2021-11-19 13:07 - 2021-11-19 13:07 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
2021-11-19 13:07 - 2021-11-19 13:07 - 000000000 ____D C:\Program Files\iTunes
2021-11-19 13:07 - 2021-11-19 13:07 - 000000000 ____D C:\Program Files\iPod
2021-11-16 15:50 - 2021-11-16 15:50 - 000000000 ____D C:\Program Files\Samsung
2021-11-16 15:50 - 2020-12-09 09:06 - 000168968 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudmdm.sys
2021-11-16 15:50 - 2020-12-09 09:06 - 000161288 _____ (Samsung Electronics Co., Ltd.) C:\Windows\system32\Drivers\ssudbus2.sys
2021-11-16 15:49 - 2021-11-16 15:50 - 000000000 ____D C:\ProgramData\Samsung
2021-11-12 17:09 - 2021-11-13 16:05 - 000000000 ____D C:\Program Files (x86)\Rimassoft IPTV m3u editor
2021-11-12 17:09 - 2021-11-12 17:09 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Rimassoft IPTV m3u editor
2021-11-12 13:43 - 2021-11-12 13:43 - 000223744 _____ C:\Windows\SysWOW64\TpmTool.exe
2021-11-12 13:43 - 2021-11-12 13:43 - 000060928 _____ C:\Windows\system32\runexehelper.exe
2021-11-12 13:43 - 2021-11-12 13:43 - 000011363 _____ C:\Windows\system32\DrtmAuthTxt.wim
2021-11-12 13:42 - 2021-11-12 13:42 - 000272384 _____ C:\Windows\system32\TpmTool.exe
2021-11-12 13:34 - 2021-11-12 13:34 - 000000000 ___HD C:\$WinREAgent
2021-11-10 14:04 - 2021-11-10 14:04 - 000031581 _____ C:\Users\Administrator\Downloads\365_EPG_Generator_Py3_Linux_Win_v2.6.0.zip
2021-11-08 05:34 - 2021-11-08 05:34 - 000061496 _____ (The OpenVPN Project) C:\Windows\system32\Drivers\tapexpressvpn.sys
2021-11-08 05:34 - 2021-11-08 05:34 - 000046896 _____ (ExpressVPN) C:\Windows\system32\Drivers\expressvpn-tun.sys
2021-11-05 13:52 - 2021-11-05 13:52 - 000001605 _____ C:\Users\Administrator\Desktop\m3u_Editor.exe.lnk
2021-11-01 11:42 - 2021-11-01 15:25 - 000000000 ____D C:\Users\Administrator\Desktop\Nová složka (3)
2021-11-01 11:34 - 2021-11-01 11:34 - 000000000 ____D C:\Users\Administrator\Desktop\mediaportal-cz-logos-master
2021-10-31 18:12 - 2021-10-31 18:12 - 000031347 _____ C:\Users\Administrator\Downloads\365_EPG_Generator_Py3_Linux_v2.5.0.zip
2021-10-31 18:11 - 2021-10-31 18:11 - 000000000 ____D C:\Users\Administrator\.idlerc
2021-10-31 11:39 - 2021-10-31 11:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\WebGrab+Plus
2021-10-29 15:12 - 2021-10-29 15:12 - 000000000 ____D C:\Program Files\Bonjour
2021-10-29 15:12 - 2021-10-29 15:12 - 000000000 ____D C:\Program Files (x86)\Bonjour
2021-10-29 15:04 - 2021-11-12 09:50 - 000000000 ____D C:\Program Files\Common Files\Apple
2021-10-29 15:04 - 2021-10-29 15:04 - 000002535 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2021-10-29 15:04 - 2021-10-29 15:04 - 000000000 ____D C:\Program Files (x86)\Apple Software Update

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-11-24 17:42 - 2021-10-16 09:37 - 000000000 ____D C:\FRST
2021-11-24 17:42 - 2021-10-16 09:35 - 002311680 _____ (Farbar) C:\Users\Administrator\Desktop\FRST64.exe
2021-11-24 17:41 - 2021-09-20 11:26 - 000000000 ____D C:\Program Files\CCleaner
2021-11-24 17:41 - 2021-09-15 18:05 - 000000000 ____D C:\Program Files (x86)\Google
2021-11-24 17:39 - 2021-09-15 16:41 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-11-24 17:39 - 2021-09-15 16:40 - 000008192 ___SH C:\DumpStack.log.tmp
2021-11-24 17:38 - 2019-12-07 10:03 - 000524288 _____ C:\Windows\system32\config\BBI
2021-11-24 17:34 - 2021-09-15 16:48 - 001693712 _____ C:\Windows\system32\PerfStringBackup.INI
2021-11-24 17:34 - 2019-12-07 15:43 - 000718160 _____ C:\Windows\system32\perfh005.dat
2021-11-24 17:34 - 2019-12-07 15:43 - 000145302 _____ C:\Windows\system32\perfc005.dat
2021-11-24 17:34 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2021-11-24 17:20 - 2021-09-15 17:11 - 000001740 __RSH C:\ProgramData\ntuser.pol
2021-11-24 17:17 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2021-11-24 17:01 - 2021-09-21 16:38 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\vlc
2021-11-24 15:37 - 2021-09-15 16:40 - 000000000 ____D C:\Windows\system32\SleepStudy
2021-11-24 13:12 - 2021-10-06 11:05 - 000000000 ____D C:\Users\Administrator\AppData\LocalLow\Mozilla
2021-11-24 11:25 - 2021-10-15 11:45 - 000000000 ____D C:\Program Files\DIFX
2021-11-24 10:27 - 2021-10-06 11:05 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-11-24 08:05 - 2021-10-06 11:05 - 000001016 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-11-23 15:07 - 2021-09-20 08:52 - 000000000 ____D C:\Users\Administrator\Desktop\Nová složka
2021-11-22 09:48 - 2021-09-15 18:06 - 000002258 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-11-22 09:48 - 2021-09-15 18:06 - 000002217 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-11-21 10:34 - 2021-09-29 06:41 - 000000000 ____D C:\ProgramData\Package Cache
2021-11-15 16:18 - 2021-09-20 11:26 - 000003936 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-11-15 16:18 - 2021-09-20 11:26 - 000002264 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - Administrator
2021-11-15 16:18 - 2021-09-20 11:26 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-11-15 11:34 - 2021-09-29 06:44 - 000000000 ____D C:\Users\Administrator\AppData\Local\Golden Frog, GmbH
2021-11-15 11:34 - 2021-09-29 06:41 - 000000000 ____D C:\Program Files (x86)\VyprVPN
2021-11-12 17:09 - 2021-10-06 13:38 - 000249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2021-11-12 17:09 - 2021-10-06 13:38 - 000073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2021-11-12 13:48 - 2021-09-15 16:40 - 000258096 _____ C:\Windows\system32\FNTCACHE.DAT
2021-11-12 13:48 - 2019-12-07 15:47 - 000000000 ___SD C:\Windows\system32\AppV
2021-11-12 13:48 - 2019-12-07 15:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ___SD C:\Windows\system32\DiagSvcs
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\setup
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\Dism
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\setup
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\Dism
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ShellExperiences
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2021-11-12 13:48 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2021-11-12 13:48 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\servicing
2021-11-12 13:19 - 2021-09-15 18:36 - 000000000 ____D C:\Windows\system32\MRT
2021-11-12 13:18 - 2021-09-15 18:36 - 141529560 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2021-11-12 11:15 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\ServiceState
2021-11-11 17:45 - 2021-09-25 10:41 - 000000000 ____D C:\Users\Administrator\Desktop\Nová složka (2)
2021-11-10 14:05 - 2021-10-06 11:05 - 000000000 ____D C:\ProgramData\Mozilla
2021-11-03 15:05 - 2021-09-24 11:31 - 000003055 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\AltServer.lnk
2021-11-03 15:05 - 2021-09-24 11:31 - 000000000 ____D C:\Program Files (x86)\AltServer
2021-11-03 14:54 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-11-03 12:26 - 2021-10-06 11:05 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2021-11-02 19:16 - 2021-09-15 16:41 - 000000000 ____D C:\Windows\system32\Drivers\wd
2021-10-31 19:34 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-10-31 19:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2021-10-31 18:11 - 2021-09-15 17:58 - 000000000 ____D C:\Users\Administrator
2021-10-29 15:13 - 2021-09-22 13:54 - 000000000 ____D C:\Users\Administrator\AppData\Local\Apple Inc
2021-10-29 15:03 - 2021-09-22 13:52 - 000000000 ____D C:\ProgramData\Apple

==================== Files in the root of some directories ========

2021-09-21 16:54 - 2021-09-21 16:54 - 000007601 _____ () C:\Users\Administrator\AppData\Local\Resmon.ResmonCfg
2021-09-22 16:02 - 2021-09-22 16:04 - 000017408 _____ () C:\Users\Administrator\AppData\Local\WebpageIcons.db

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-11-2021
Ran by Administrator (24-11-2021 17:43:31)
Running from C:\Users\Administrator\Desktop
Microsoft Windows 10 Pro Version 21H1 19043.1348 (X64) (2021-09-15 15:44:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3464758744-2813740192-88780715-500 - Administrator - Enabled) => C:\Users\Administrator
DefaultAccount (S-1-5-21-3464758744-2813740192-88780715-503 - Limited - Disabled)
Guest (S-1-5-21-3464758744-2813740192-88780715-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3464758744-2813740192-88780715-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 3.1.3.26837 - emc, uTorrent.CZ)
AltServer (HKLM-x32\...\{02C6BC9F-DB8B-4D6B-B991-B965D4193107}) (Version: 1.4.7 - Riley Testut)
Apple Mobile Device Support (HKLM\...\{527DD209-8A66-482F-8779-C7B3BACCA8F1}) (Version: 15.0.0.16 - Apple Inc.)
Apple Software Update (HKLM-x32\...\{A3985C05-7386-411F-A4BF-32A73F37EB44}) (Version: 2.6.3.1 - Apple Inc.)
Bonjour (HKLM\...\{56DDDFB8-7F79-4480-89D5-25E1F52AB28F}) (Version: 3.1.0.1 - Apple Inc.)
Broadcom 802.11 Wireless LAN Adapter (HKLM\...\Broadcom 802.11 Wireless LAN Adapter) (Version: 6.30.223.267 - Broadcom Corporation)
CCleaner (HKLM\...\CCleaner) (Version: 5.86 - Piriform)
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.) Hidden
Cisco LEAP Module (HKLM-x32\...\{51C7AD07-C3F6-4635-8E8A-231306D810FE}) (Version: 1.0.19 - Cisco Systems, Inc.) Hidden
Cisco PEAP Module (HKLM-x32\...\{ED5776D5-59B4-46B7-AF81-5F2D94D7C640}) (Version: 1.1.6 - Cisco Systems, Inc.) Hidden
ExpressVPN (HKLM-x32\...\{367236cf-79aa-49c6-9982-8bd5637442ac}) (Version: 10.11.0.13 - ExpressVPN)
ExpressVPN (HKLM-x32\...\{E5B9C3E5-889C-4F22-A959-F4B8767D783E}) (Version: 10.11.0.13 - ExpressVPN) Hidden
FutureRestore GUI (HKLM\...\{C1EDC482-ECA7-3F5B-99AE-E65E4AE140DD}) (Version: 1.91 - CoocooFroggy)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 96.0.4664.45 - Google LLC)
IDT Audio (HKLM-x32\...\{E3A5A8AB-58F6-45FF-AFCB-C9AE18C05001}) (Version: 1.0.6433.0 - IDT)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.1.40.1161 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 19.2 - Intel)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
iTunes (HKLM\...\{51E78C79-92F0-48B2-8A9A-3A5C0A7DD3F2}) (Version: 12.6.5.3 - Apple Inc.)
JMicron 1394 Filter Driver (HKLM-x32\...\{13C96625-28E4-4c58-ADE0-CDAFC64752EB}) (Version: 1.00.25.03 - JMicron Technology Corp.)
JMicron Flash Media Controller Driver (HKLM-x32\...\{26604C7E-A313-4D12-867F-7C6E7820BE4C}) (Version: 1.0.72.4 - JMicron Technology Corp.)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.28.29325 (HKLM-x32\...\{d7a6435f-ac9a-4af6-8fdc-ca130d13fac9}) (Version: 14.28.29325.2 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x64 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 93.0 - Mozilla)
NVIDIA PhysX (HKLM-x32\...\{B9DB4C76-01A4-46D5-8910-F7AA6376DBAF}) (Version: 9.10.0514 - NVIDIA Corporation)
Podpora aplikací Apple (32bitová) (HKLM-x32\...\{6CF0CAEE-54B6-4D84-A055-3AF110F189D3}) (Version: 8.4 - Apple Inc.)
Podpora aplikací Apple (64bitová) (HKLM\...\{8B127943-89E7-4691-A7A4-D05807920A84}) (Version: 8.4 - Apple Inc.)
Rimassoft IPTV m3u editor (HKLM-x32\...\ST6UNST #1) (Version: - )
Samsung USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.7.43.0 - Samsung Electronics Co., Ltd.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 19.0.12.0 - Synaptics Incorporated)
Tenorshare ReiBoot 8.1.0.7 (HKLM-x32\...\{Tenorshare ReiBoot}_is1) (Version: 8.1.0.7 - Tenorshare, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.16 - VideoLAN)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2021-09-19 12:15 - 2012-03-29 21:48 - 000074336 _____ (Andrea Electronics -> Andrea Electronics Corporation) [File not signed] C:\Windows\system32\AESTAR64.dll
2021-09-16 17:22 - 2012-01-19 11:41 - 001892352 _____ (Apache Software Foundation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\xerces-c_2_7.dll
2021-09-16 17:22 - 2012-01-19 11:37 - 000069632 _____ (Intel Corporation) [File not signed] C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\StatusStrings.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2021-11-15 16:11 - 000000856 ____R C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x86;C:\Program Files (x86)\Intel\OpenCL SDK\2.0\bin\x64
HKU\S-1-5-21-3464758744-2813740192-88780715-500\Control Panel\Desktop\\Wallpaper -> C:\494096.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "HotKeysCmds"
HKLM\...\StartupApproved\Run: => "IgfxTray"
HKLM\...\StartupApproved\Run: => "Persistence"
HKLM\...\StartupApproved\Run: => "SysTrayApp"
HKLM\...\StartupApproved\Run: => "iTunesHelper"
HKLM\...\StartupApproved\Run32: => "SecurityHealth"
HKLM\...\StartupApproved\Run32: => "ExpressVPNNotificationService"
HKU\S-1-5-21-3464758744-2813740192-88780715-500\...\StartupApproved\Run: => "DAEMON Tools Lite Automount"
HKU\S-1-5-21-3464758744-2813740192-88780715-500\...\StartupApproved\Run: => "iCloudServices"
HKU\S-1-5-21-3464758744-2813740192-88780715-500\...\StartupApproved\Run: => "Plex Media Server"
HKU\S-1-5-21-3464758744-2813740192-88780715-500\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{E8F2D4F8-1A61-4B78-BBF6-58265E1ECFB2}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{F5B584FC-4368-41CF-BFB5-ACD832DCB23D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{04B0D9A3-3432-49FA-9E9A-5B31B3B7C198}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{9917CF01-F215-444D-A876-09F33176E587}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{A36AAA9F-3AEB-4D6E-945D-B637298121D9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{63AEDFCA-3FDF-462D-8976-C17E87F86021}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{AC99E11D-E9F0-4640-9F96-323578CCE6A9}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{47AF8CCB-EE68-4C82-BF17-4748EE698976}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.167.586.0_x86__zpdnekdrzrea0\Spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{2690FD5C-943C-4C32-B2BD-F23DF5146DCB}] => (Allow) LPort=80
FirewallRules: [TCP Query User{DAB76946-3545-4F04-9345-CEBFF5309574}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [UDP Query User{45B132A5-7168-4A56-B5D7-79AA196DE496}C:\program files (x86)\altserver\altserver.exe] => (Allow) C:\program files (x86)\altserver\altserver.exe (AltStore LLC) [File not signed]
FirewallRules: [{88F54D3A-AB98-4F50-8517-20B15FFC7DD1}] => (Allow) C:\Users\Administrator\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{997F2970-C6F7-4CB7-BD0A-D0FD1D11426F}] => (Allow) C:\Users\Administrator\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{0735416A-847D-443C-A7C5-2A2D8C7FCAA4}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FE5CA622-D1E9-42A8-8A4D-8B1E555052F9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{9A0EC3F4-501F-4155-92B7-ED4E4A171D75}] => (Allow) C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C1B149E3-72F7-40A1-A153-B817CB29DF8B}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C21FD3C7-5754-4BD5-ADDC-B73411E8F89C}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F4E57802-3288-4A2D-94CE-00369AA75A11}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{CEB03756-3C56-4F51-ACBB-DFC2309FD3E0}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{C8CA1309-2455-432F-9BA7-B8B70CB16CC9}] => (Allow) C:\Program Files\iTunes\iTunes.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{6351CB88-7632-4F66-84C3-6DA69882BB7C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:118.63 GB) (Free:75.95 GB) (64%)

==================== Faulty Device Manager Devices ============

Name: Broadcom 2070 Bluetooth
Description: Broadcom 2070 Bluetooth
Class Guid: {e0cbf06c-cd8b-4647-bb8a-263b43f0f974}
Manufacturer: Broadcom
Service: BTHUSB
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (11/24/2021 05:39:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1320, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x19e4
Čas spuštění chybující aplikace: 0x01d7e151db05fd4e
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 0ff39a09-05cc-42a3-abf7-a9137267329e
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (11/24/2021 05:38:01 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1320, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x750
Čas spuštění chybující aplikace: 0x01d7e151a5297018
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 8592e6cd-bee7-4764-b732-c1c142f94510
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (11/24/2021 05:37:00 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1320, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x1444
Čas spuštění chybující aplikace: 0x01d7e1517ee92725
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 925671e7-8680-435f-a089-1a94f92a0c7f
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (11/24/2021 05:36:52 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1320, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0xe30
Čas spuštění chybující aplikace: 0x01d7e1517bac3afc
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: a8b339df-56a2-44bf-81aa-09ab28448a50
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (11/24/2021 05:36:47 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1320, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1348, časové razítko: 0x76fcd692
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000010b302
ID chybujícího procesu: 0x11c0
Čas spuštění chybující aplikace: 0x01d7e15179143cb0
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\Windows\System32\KERNELBASE.dll
ID zprávy: 7629356d-6f11-43b4-a96c-fcfb64daf876
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel

Error: (11/19/2021 03:31:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: usoclient.exe, verze: 10.0.19041.1266, časové razítko: 0x15a970d8
Název chybujícího modulu: ucrtbase.dll, verze: 10.0.19041.789, časové razítko: 0x2bd748bf
Kód výjimky: 0xc0000409
Posun chyby: 0x000000000007286e
ID chybujícího procesu: 0x1c38
Čas spuštění chybující aplikace: 0x01d7dd5216dd4dbe
Cesta k chybující aplikaci: C:\Windows\System32\usoclient.exe
Cesta k chybujícímu modulu: C:\Windows\System32\ucrtbase.dll
ID zprávy: 4898a78b-2d66-4055-b644-cf5473fd90f4
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (11/19/2021 01:42:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Local Hostname DESKTOP-N5JUU7F.local already in use; will try DESKTOP-N5JUU7F-2.local instead

Error: (11/19/2021 01:42:16 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: mDNSCoreReceiveResponse: ProbeCount 2; will deregister 4 DESKTOP-N5JUU7F.local. Addr 192.168.0.106


System errors:
=============
Error: (11/24/2021 10:34:39 AM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-N5JUU7F)
Description: Server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} se v daném časovém limitu neregistroval u služby DCOM.

Error: (11/24/2021 10:29:20 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku G: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.

Error: (11/24/2021 10:29:20 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: G:\Device\HarddiskVolume143

Error: (11/24/2021 10:29:17 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku G: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v offline režimu.

Error: (11/24/2021 10:29:17 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku F: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.

Error: (11/24/2021 10:29:17 AM) (Source: Microsoft-Windows-Ntfs) (EventID: 98) (User: NT AUTHORITY)
Description: F:\Device\HarddiskVolume133

Error: (11/24/2021 10:29:16 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku F: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v offline režimu.

Error: (11/24/2021 10:27:28 AM) (Source: Ntfs) (EventID: 55) (User: NT AUTHORITY)
Description: Ve struktuře systému souborů na svazku H: bylo zjištěno poškození.

Přesná povaha poškození není známa. Je potřeba zkontrolovat a opravit struktury systému souborů v online režimu.


Windows Defender:
================
Date: 2021-11-23 13:12:46
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {66CA9E98-BFDB-470A-AC73-9AD4BC04748D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-19 08:12:54
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {3104572F-15C9-4652-A416-17EC84D2BB3A}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-17 09:10:22
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {0875D9FB-5A73-4BB8-9D6D-AE8D1E84C003}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-17 08:46:58
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {BD5CEA88-2C29-4256-82C7-1B9AAE3E9D58}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2021-11-17 08:34:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C68EC7D5-B732-454A-8004-06A69C6B6E42}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:

Date: 2021-11-07 16:54:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.353.584.0
Předchozí verze bezpečnostních informací: 1.353.580.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18700.4
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2021-11-07 16:54:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací: 1.353.584.0
Předchozí verze bezpečnostních informací: 1.353.580.0
Zdroj aktualizace: Uživatel
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Delta
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu: 1.1.18700.4
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80509004
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.

Date: 2021-11-07 16:54:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.353.580.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18700.4
Kód chyby: 0x80240022
Popis chyby: V daném programu nelze zkontrolovat aktualizace definic.

CodeIntegrity:
===============
Date: 2021-11-24 17:39:38
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Google\Chrome\Application\chrome.exe) attempted to load \Device\HarddiskVolume3\Program Files (x86)\Intel\Media SDK\mfx_mft_h264ve_64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-11-24 17:39:18
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Bonjour\mdnsNSP.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Hewlett-Packard 68SCE Ver. F.67 02/13/2018
Motherboard: Hewlett-Packard 1619
Processor: Intel(R) Core(TM) i5-2410M CPU @ 2.30GHz
Percentage of memory in use: 24%
Total physical RAM: 8122.48 MB
Available physical RAM: 6138.93 MB
Total Virtual: 9402.48 MB
Available Virtual: 7553.36 MB

==================== Drives ================================

Drive c: (WINDOWS SSD) (Fixed) (Total:118.63 GB) (Free:75.95 GB) NTFS
Drive d: (SOFTWARE) (Fixed) (Total:97.66 GB) (Free:97.56 GB) NTFS
Drive e: (DOKUMENTY HDD) (Fixed) (Total:833.84 GB) (Free:596.53 GB) NTFS

\\?\Volume{5529ac2b-5361-43d0-b78b-0ce02d320ae1}\ () (Fixed) (Total:0.5 GB) (Free:0.08 GB) NTFS
\\?\Volume{1da9afa1-9b0e-4376-ace9-209b811ff609}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 119.2 GB) (Disk ID: 00000000)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: 998B3713)

Partition: GPT.

==================== End of Addition.txt =======================

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 17:53
od samsungs6edge
Zde je ještě log z AdwCleaner

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-11-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-24-2021
# Duration: 00:00:07
# OS: Windows 10 Pro
# Scanned: 31995
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1477 octets] - [16/10/2021 10:41:10]
AdwCleaner[S01].txt - [1466 octets] - [17/10/2021 10:27:07]
AdwCleaner[S02].txt - [1527 octets] - [24/11/2021 17:45:05]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S03].txt ##########

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 18:02
od Rudy
Zdravím!
Zkontrolujeme systém na přítomnost malware. Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 18:05
od samsungs6edge
Dobrý den zde je log

# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-11-18.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-24-2021
# Duration: 00:00:08
# OS: Windows 10 Pro
# Scanned: 31994
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1477 octets] - [16/10/2021 10:41:10]
AdwCleaner[S01].txt - [1466 octets] - [17/10/2021 10:27:07]
AdwCleaner[S02].txt - [1527 octets] - [24/11/2021 17:45:05]
AdwCleaner[S03].txt - [1588 octets] - [24/11/2021 17:52:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S04].txt ##########

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 18:58
od Rudy
Toto je OK. Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
IFEO\MusNotification.exe: [Debugger] cmd.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0B08BAD5-37E1-4231-815E-17412E033AD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-15] (Google LLC -> Google LLC)
Task: {A984BC07-3B57-46D3-8E19-B62BC39D1330} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-15] (Google LLC -> Google LLC)
Task: {5CDE24F1-7D17-4C7D-AA93-A5547F18C89D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3464758744-2813740192-88780715-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\ProgramData\qycqrqkn.gha
C:\ProgramData\fnebeqbh.fxh
C:\ProgramData\likpikle.yvo
C:\ProgramData\bpacxjrj.hvq
C:\ProgramData\mntemp
C:\ProgramData\udmjoyld.fho
C:\ProgramData\rupsvhrr.teq
C:\ProgramData\vakrrker.mhy
C:\ProgramData\ulteygua.lrd
C:\DumpStack.log.tmp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 20:36
od samsungs6edge
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-11-2021
Ran by Administrator (24-11-2021 20:31:15) Run:1
Running from C:\Users\Administrator\Desktop
Loaded Profiles: Administrator
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
IFEO\MusNotification.exe: [Debugger] cmd.exe
GroupPolicy: Restriction ? <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Task: {0B08BAD5-37E1-4231-815E-17412E033AD5} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-15] (Google LLC -> Google LLC)
Task: {A984BC07-3B57-46D3-8E19-B62BC39D1330} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-09-15] (Google LLC -> Google LLC)
Task: {5CDE24F1-7D17-4C7D-AA93-A5547F18C89D} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3464758744-2813740192-88780715-1001 => C:\Users\Administrator\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe (No File)
C:\ProgramData\qycqrqkn.gha
C:\ProgramData\fnebeqbh.fxh
C:\ProgramData\likpikle.yvo
C:\ProgramData\bpacxjrj.hvq
C:\ProgramData\mntemp
C:\ProgramData\udmjoyld.fho
C:\ProgramData\rupsvhrr.teq
C:\ProgramData\vakrrker.mhy
C:\ProgramData\ulteygua.lrd
C:\DumpStack.log.tmp
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Local Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page =
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => could not remove, key could be protected
HKLM\Software\microsoft\windows nt\currentversion\Image File Execution Options\MusNotification.exe => removed successfully
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => moved successfully
C:\Windows\system32\GroupPolicy\User => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{0B08BAD5-37E1-4231-815E-17412E033AD5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0B08BAD5-37E1-4231-815E-17412E033AD5}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{A984BC07-3B57-46D3-8E19-B62BC39D1330}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{A984BC07-3B57-46D3-8E19-B62BC39D1330}" => removed successfully
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5CDE24F1-7D17-4C7D-AA93-A5547F18C89D}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5CDE24F1-7D17-4C7D-AA93-A5547F18C89D}" => removed successfully
C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3464758744-2813740192-88780715-1001 => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OneDrive Standalone Update Task-S-1-5-21-3464758744-2813740192-88780715-1001" => removed successfully
C:\ProgramData\qycqrqkn.gha => moved successfully
C:\ProgramData\fnebeqbh.fxh => moved successfully
C:\ProgramData\likpikle.yvo => moved successfully
C:\ProgramData\bpacxjrj.hvq => moved successfully
C:\ProgramData\mntemp => moved successfully
C:\ProgramData\udmjoyld.fho => moved successfully
C:\ProgramData\rupsvhrr.teq => moved successfully
C:\ProgramData\vakrrker.mhy => moved successfully
C:\ProgramData\ulteygua.lrd => moved successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Default_Search_URL"="http://go.microsoft.com/fwlink/?LinkId=54896" => value restored successfully
HKLM\Software\\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\System32\blank.htm" => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\"Local Page"="C:\Windows\SysWOW64\blank.htm" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 243689384 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 1358459 B
Edge => 0 B
Chrome => 789107428 B
Firefox => 95386543 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 340658 B
HP => 97545323 B
Administrator => 135479295 B

RecycleBin => 0 B
EmptyTemp: => 1.3 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-11-2021 20:34:11)

C:\DumpStack.log.tmp => Could not move

Result of scheduled keys to remove after reboot:

HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully

==== End of Fixlog 20:34:11 ====

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 20:52
od Rudy
Smazáno. Nastala nějaká změna?

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 21:04
od samsungs6edge
Když kliknu na ovladaci panely a system tak se aplikace vypne. To stejné se stane i v aolikaci nastavení položka o aplikaci. Asi bude potřeba přeinstalovat Windows.

Re: Notebook HP6560B systém error

Napsal: 24 lis 2021 22:01
od Rudy
Ještě zkuste ibnovu systému k datu, kdy korektně fungoval.

Re: Notebook HP6560B systém error

Napsal: 25 lis 2021 08:56
od samsungs6edge
Bohužel obnovu mám vypnout takže nemohu obnovit. Zkusím ještě vytvořit nového uživatele. Každopádně děkuji za pomoc.

Re: Notebook HP6560B systém error

Napsal: 25 lis 2021 10:27
od Rudy
Možný je ještě návrat systému do tov. nastavení se zachováním vašich souborů.

Re: Notebook HP6560B systém error

Napsal: 25 lis 2021 10:36
od samsungs6edge
Pokud to dám továrního nastavení tak mě zůstanou i nainstalované programy? Nebo budu muset všechny programy instalovat znovu?

Re: Notebook HP6560B systém error

Napsal: 25 lis 2021 14:28
od Rudy
Poze vaše soubory, tj. fotky, videa, audia a jiné dokumenty. Programy v PC zůstanou jen ty, které tam instaloval výrobce. Zbytek musíte opět instalovat.

Re: Notebook HP6560B systém error

Napsal: 25 lis 2021 17:03
od samsungs6edge
Dobře děkuji a můžete tohle téma uzavřít. Děkuji

Re: Notebook HP6560B systém error

Napsal: 25 lis 2021 18:03
od Rudy
Rádo se stalo! :)
Všechny časy jsou v UTC+01:00
Stránka 1 z 1

Založeno na phpBB® Forum Software © phpBB Limited

Český překlad – phpBB.cz