Prosím o kontrolu logu - zpomaleny notebook, aktualizace win 10 hlásí chyby
Napsal: 30 srp 2022 19:59
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 30-08-2022
Ran by PC1 (administrator) on PC (Acer Aspire ES1-512) (30-08-2022 20:46:37)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Microsoft Windows 10 Home Version 2004 19041.508 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Run: [MicrosoftEdgeAutoLaunch_3ED1524B1F1362DAB86361CACD0A8016] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E5967DC-6B89-46A5-8CCE-DB77EA166233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {2B4D6C29-1EBC-4A3C-B37E-846464788DFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30A1BAAF-29FE-4F7A-A761-BC65F74C1EB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {325E65FC-C889-4174-B70A-1BA61E32C33A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {38EBBFC8-74EA-4C3E-8FF8-884708ED8642} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4721EDF4-40C2-4D4F-BDDC-4B84BEEA0473} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53C0C257-7B3C-43E3-91BD-72835627AF7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
Task: {65BF8E0F-95BA-4FF4-8DC7-A1A5DE7A0658} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A2CFE04-EACF-4B3E-97A7-0240555EBACE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (No File)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70F38D9C-851C-4337-A093-9101F931AE67} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
Task: {86BB18D0-8E2A-4B8A-94FB-650491D63458} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {F00C49B7-77D6-426B-A90B-EE919FC52420} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{112a3ec0-ef5e-446f-89a2-54e2798b749d}: [DhcpNameServer] 84.16.120.1 84.16.96.2
Tcpip\..\Interfaces\{f2bfa094-9f8f-4b44-8357-107c4699269f}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-30]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Session Restore: Default -> is enabled.
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2022-08-30]
CHR Notifications: Default -> hxxps://general2news4youtoday.com; hxxps://goldwinawards.com; hxxps://www.dedoles.cz; hxxps://www.multibotanica100.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Vyhledávání Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-27]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-24]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 DoSvc; C:\WINDOWS\system32\dosvc.dll [1492480 2020-09-11] (Microsoft Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [566272 2020-09-11] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [3384832 2020-09-11] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-30 20:46 - 2022-08-30 20:49 - 000012600 _____ C:\Users\PC1\Downloads\FRST.txt
2022-08-30 20:45 - 2022-08-30 20:45 - 002371072 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2022-08-29 20:58 - 2022-08-29 20:58 - 012759288 _____ (AVAST Software) C:\Users\PC1\Downloads\avastclear.exe
2022-08-15 09:18 - 2022-08-15 09:18 - 000000000 ___HD C:\$WinREAgent
2022-08-04 23:24 - 2022-08-04 23:24 - 000240066 _____ C:\Users\PC1\Downloads\faktura9220920143.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-30 20:50 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-30 20:48 - 2021-01-22 23:41 - 000000000 ____D C:\FRST
2022-08-30 20:37 - 2016-02-24 20:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-30 20:31 - 2020-09-01 18:14 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 20:31 - 2020-09-01 18:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-30 20:29 - 2020-09-01 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-29 21:13 - 2016-01-28 06:13 - 000000000 ____D C:\Users\PC1\AppData\Local\CrashDumps
2022-08-29 21:10 - 2020-09-01 18:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-29 21:10 - 2020-09-01 17:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-29 21:10 - 2018-04-05 17:15 - 000000000 ____D C:\Users\PC1\AppData\Local\AVAST Software
2022-08-29 21:10 - 2016-02-24 20:28 - 000000000 ____D C:\ProgramData\AVAST Software
2022-08-29 21:10 - 2016-01-28 06:07 - 000000000 __SHD C:\Users\PC1\IntelGraphicsProfiles
2022-08-29 21:09 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-29 21:03 - 2020-09-01 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-08-29 20:42 - 2020-09-01 17:55 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-29 20:42 - 2019-12-07 16:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-29 20:42 - 2019-12-07 16:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-29 20:42 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-28 11:41 - 2020-06-06 21:47 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-28 11:41 - 2020-06-06 21:47 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-28 11:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-28 11:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-28 11:40 - 2022-06-02 11:39 - 000002379 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-28 11:40 - 2021-12-12 21:04 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3621340843-3382866814-1888067393-1001
2022-08-28 11:40 - 2020-09-01 18:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3621340843-3382866814-1888067393-1001
2022-08-28 10:36 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-24 07:01 - 2016-02-24 20:36 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-24 07:01 - 2016-02-24 20:36 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-18 12:37 - 2020-09-01 18:14 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-18 12:37 - 2020-09-01 18:14 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-15 13:56 - 2020-09-01 17:37 - 000000000 ____D C:\Users\PC1
2022-08-07 11:48 - 2020-09-01 18:14 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-08-07 11:48 - 2020-09-01 18:14 - 000002750 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3621340843-3382866814-1888067393-500
2022-08-07 11:48 - 2020-09-01 18:14 - 000002390 _____ C:\WINDOWS\system32\Tasks\BacKGroundAgent
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by PC1 (30-08-2022 20:52:00)
Running from C:\Users\PC1\Downloads
Microsoft Windows 10 Home Version 2004 19041.508 (X64) (2020-09-01 16:15:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3621340843-3382866814-1888067393-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621340843-3382866814-1888067393-503 - Limited - Disabled)
Guest (S-1-5-21-3621340843-3382866814-1888067393-501 - Limited - Disabled)
PC1 (S-1-5-21-3621340843-3382866814-1888067393-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3621340843-3382866814-1888067393-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CyberLink PowerDirector 10 (HKLM-x32\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) Hidden
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.102 - Google LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{2D6248C0-4693-4CAB-9922-F05E4015F62A}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{6307E820-0317-4DCE-AAE0-7B6CAD867055}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\OneDriveSetup.exe) (Version: 22.161.0731.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Teams) (Version: 1.4.00.35564 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.44.2.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-25] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Star Wars: Commander -> C:\Program Files\WindowsApps\Disney.StarWarsCommander_4.9.0.3_x86__6rarf9sa4v8jt [2017-05-10] (Disney)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21328.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-09-11 14:42 - 2020-09-11 14:42 - 000566272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\usosvc.dll
2020-09-11 14:43 - 2020-09-11 14:43 - 003384832 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng.dll
2020-09-11 14:17 - 2020-09-05 20:21 - 001711104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_faefa4f37613d18e\gdiplus.dll
2020-09-11 14:17 - 2020-09-05 20:00 - 001449472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94\gdiplus.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2018-07-09 19:20 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2016-03-11 10:38 - 2016-10-02 22:50 - 000000429 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 pc.mshome.net # 2021 3 3 10 8 38 25 315
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\Pictures\2007-04\DSCF4542.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B993B544-30AC-424F-9A75-3614403D2F5C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B0F928F-4367-46C4-8501-FA952ED8E9A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{468C6B7A-C61D-4688-BADA-AD246073885D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE5D1FA6-1F12-4AB9-B120-8C601104D56F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA4DC3C4-CCDE-4E26-87E8-7C01EB39ADF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7DE17A79-9F82-4B8F-B397-3C5383740A5E}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{13ADECF8-4BBF-4C06-9C6F-2FEAD3E1FE9F}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B068B252-AEA2-4D4F-BE37-E16550DE47CE}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3CAB61E2-2E2E-4CC8-AE3D-A8B636C4B332}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19543CBA-6E99-467A-A98C-D60504E0A489}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1F04BDA8-48D4-4C40-9768-E7C101DA1A3E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
19-06-2022 22:06:07 Naplánovaný kontrolní bod
15-08-2022 10:19:17 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/29/2022 09:13:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FacebookGameroom.exe, verze: 1.23.7426.18586, časové razítko: 0x5eac5a24
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x979ddb1d
Kód výjimky: 0xe0434352
Posun chyby: 0x00129ab2
ID chybujícího procesu: 0x660
Čas spuštění chybující aplikace: 0x01d8bbdb2870ebb4
Cesta k chybující aplikaci: C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fb37c15b-0090-4a28-a7e2-827cae28fc52
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/29/2022 09:13:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FacebookGameroom.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.WebException
na System.Net.WebClient.DownloadDataInternal(System.Uri, System.Net.WebRequest ByRef)
na System.Net.WebClient.DownloadString(System.Uri)
na System.Net.WebClient.DownloadString(System.String)
na FacebookGames.WebRequest.<DownloadStringWithRetries>b__29_0(System.String[])
na FacebookGames.WebRequest.RetryableTask[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`2<System.String[],System.__Canon>, System.String[])
na FacebookGames.WebRequest.DownloadStringWithRetries(System.String)
na FacebookGames.Program.CheckOutdatedVersion()
na FacebookGames.Program+<>c.<Main>b__0_0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (08/29/2022 08:51:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.20091.84.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2c50
Čas spuštění: 01d8bbd801f9bee2
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe
ID hlášení: 4e51cae3-20ce-4a67-86a7-3f7b2132f609
Úplný název balíčku s chybou: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (08/29/2022 08:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FacebookGameroom.exe, verze: 1.23.7426.18586, časové razítko: 0x5eac5a24
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x979ddb1d
Kód výjimky: 0xe0434352
Posun chyby: 0x00129ab2
ID chybujícího procesu: 0x22b4
Čas spuštění chybující aplikace: 0x01d8bbd6990ab07b
Cesta k chybující aplikaci: C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 5ae01818-dd4b-48f7-a3fb-3e8922549a6b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/29/2022 08:41:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FacebookGameroom.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.WebException
na System.Net.WebClient.DownloadDataInternal(System.Uri, System.Net.WebRequest ByRef)
na System.Net.WebClient.DownloadString(System.Uri)
na System.Net.WebClient.DownloadString(System.String)
na FacebookGames.WebRequest.<DownloadStringWithRetries>b__29_0(System.String[])
na FacebookGames.WebRequest.RetryableTask[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`2<System.String[],System.__Canon>, System.String[])
na FacebookGames.WebRequest.DownloadStringWithRetries(System.String)
na FacebookGames.Program.CheckOutdatedVersion()
na FacebookGames.Program+<>c.<Main>b__0_0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (08/29/2022 07:20:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FacebookGameroom.exe, verze: 1.23.7426.18586, časové razítko: 0x5eac5a24
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x979ddb1d
Kód výjimky: 0xe0434352
Posun chyby: 0x00129ab2
ID chybujícího procesu: 0x15c8
Čas spuštění chybující aplikace: 0x01d8bbcb15042a32
Cesta k chybující aplikaci: C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3a257653-b7db-4e2e-8186-7bad68326e84
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/29/2022 07:20:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FacebookGameroom.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.WebException
na System.Net.WebClient.DownloadDataInternal(System.Uri, System.Net.WebRequest ByRef)
na System.Net.WebClient.DownloadString(System.Uri)
na System.Net.WebClient.DownloadString(System.String)
na FacebookGames.WebRequest.<DownloadStringWithRetries>b__29_0(System.String[])
na FacebookGames.WebRequest.RetryableTask[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`2<System.String[],System.__Canon>, System.String[])
na FacebookGames.WebRequest.DownloadStringWithRetries(System.String)
na FacebookGames.Program.CheckOutdatedVersion()
na FacebookGames.Program+<>c.<Main>b__0_0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (08/28/2022 09:21:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mmc.exe, verze: 10.0.19041.329, časové razítko: 0x2ede9d07
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.546, časové razítko: 0x5b56177b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fed29
ID chybujícího procesu: 0xbc8
Čas spuštění chybující aplikace: 0x01d8bb09fb25175d
Cesta k chybující aplikaci: C:\WINDOWS\system32\mmc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 55dd2b1c-5e13-43d4-82ff-b2ee68d1bf0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/30/2022 08:33:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace funkcí na Windows 10, verze 21H2.
Error: (08/30/2022 08:33:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-11 Kumulativní aktualizace (Preview) pro .NET Framework 3.5 a 4.8 pro Windows 10 Version 2004 pro platformu x64 (KB5007289).
Error: (08/30/2022 08:33:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace, která odebírá Adobe Flash Player pro Windows 10 Version 2004 ze systémů s architekturou x64 (KB4577586).
Error: (08/30/2022 08:33:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-09 Aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4023057).
Error: (08/30/2022 08:33:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.373.1249.0).
Error: (08/30/2022 08:33:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Nástroj k odstranění škodlivého softwaru v systému Windows, verze pro procesory x64 – v5.104 (KB890830).
Error: (08/30/2022 08:33:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace antimalwarové platformy programu Microsoft Defender Antivirus – KB4052623 (verze 4.18.2205.7).
Error: (08/30/2022 08:31:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.373.1249.0).
Windows Defender:
================
Date: 2022-05-10 16:27:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {722BE884-1655-43B0-A9CD-9CCF4C3F0596}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-08 16:32:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {26C1016D-5B86-45C9-801E-EE85EC74992D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-06 18:50:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9E9FA032-D37C-44D6-B83A-3E94C3C7D816}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-05 17:16:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {548364DB-A514-41FF-A508-2FE1DCE608A5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-03 08:51:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {572AD2D6-B711-4067-9E15-A118113ABE58}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2022-08-29 21:22:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.373.1184.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19500.2
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní
Date: 2022-08-29 21:06:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.1782.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19200.5
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní
Date: 2022-05-11 13:30:46
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.1657.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19200.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2022-04-17 12:02:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.323.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2022-01-26 19:32:21
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2459.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní
CodeIntegrity:
===============
Date: 2022-08-29 20:52:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-08-29 20:52:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-08-29 20:41:10
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Temp\asw215cd4bf15d62cb8.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.10 12/15/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 77%
Total physical RAM: 3977.98 MB
Available physical RAM: 892.82 MB
Total Virtual: 6793.98 MB
Available Virtual: 3276.39 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.63 GB) (Free:391.65 GB) (Model: WDC WD5000LPVX-22V0TT0) NTFS
\\?\Volume{414dccc3-71f7-4d72-b174-4e9bcbfbbdb4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{20b6bdd9-f4d3-46ad-8a0e-df9d1f7349ff}\ (Push Button Reset) (Fixed) (Total:15.13 GB) (Free:2.05 GB) NTFS
\\?\Volume{c6fbe306-b887-45be-928c-50c805635f87}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ADAB34DE)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by PC1 (administrator) on PC (Acer Aspire ES1-512) (30-08-2022 20:46:37)
Running from C:\Users\PC1\Downloads
Loaded Profiles: PC1
Platform: Microsoft Windows 10 Home Version 2004 19041.508 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <31>
(explorer.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <5>
(explorer.exe ->) (Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(services.exe ->) (Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(services.exe ->) (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(services.exe ->) (Qualcomm Atheros -> Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(svchost.exe ->) (Google Inc -> Google Inc.) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(svchost.exe ->) (Microsoft Corporation) [File not signed] C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_2.2009.2711.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <3>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Speech_OneCore\common\SpeechRuntime.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13672664 2014-06-30] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Qualcomm Atheros\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Run: [MicrosoftEdgeAutoLaunch_3ED1524B1F1362DAB86361CACD0A8016] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [3827104 2022-08-25] (Microsoft Corporation -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\104.0.5112.102\Installer\chrmstp.exe [2022-08-24] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\Windows\system32\AthCredentialProvider.dll [2014-04-29] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
Startup: C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Facebook Gameroom.lnk [2020-05-06]
ShortcutTarget: Facebook Gameroom.lnk -> C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe (Facebook, Inc. -> Facebook)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0E5967DC-6B89-46A5-8CCE-DB77EA166233} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {2B4D6C29-1EBC-4A3C-B37E-846464788DFA} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {30A1BAAF-29FE-4F7A-A761-BC65F74C1EB6} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154440 2016-02-24] (Google Inc -> Google Inc.)
Task: {325E65FC-C889-4174-B70A-1BA61E32C33A} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe join (No File)
Task: {38EBBFC8-74EA-4C3E-8FF8-884708ED8642} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {4721EDF4-40C2-4D4F-BDDC-4B84BEEA0473} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {53C0C257-7B3C-43E3-91BD-72835627AF7D} - System32\Tasks\AvastUpdateTaskMachineCore => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /c (No File)
Task: {65BF8E0F-95BA-4FF4-8DC7-A1A5DE7A0658} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {6A2CFE04-EACF-4B3E-97A7-0240555EBACE} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe task (No File)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {70F38D9C-851C-4337-A093-9101F931AE67} - System32\Tasks\AvastUpdateTaskMachineUA => C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe /ua /installsource scheduler (No File)
Task: {86BB18D0-8E2A-4B8A-94FB-650491D63458} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-17] (Acer Incorporated -> Acer Incorporated)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {F00C49B7-77D6-426B-A90B-EE919FC52420} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{112a3ec0-ef5e-446f-89a2-54e2798b749d}: [DhcpNameServer] 84.16.120.1 84.16.96.2
Tcpip\..\Interfaces\{f2bfa094-9f8f-4b44-8357-107c4699269f}: [DhcpNameServer] 192.168.0.1
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\PC1\AppData\Local\Microsoft\Edge\User Data\Default [2022-08-30]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Session Restore: Default -> is enabled.
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default [2022-08-30]
CHR Notifications: Default -> hxxps://general2news4youtoday.com; hxxps://goldwinawards.com; hxxps://www.dedoles.cz; hxxps://www.multibotanica100.com
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Session Restore: Default -> is enabled.
CHR Extension: (Vyhledávání Google) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2016-03-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-08-30]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-29]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-07-27]
CHR Profile: C:\Users\PC1\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-24]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 DoSvc; C:\WINDOWS\system32\dosvc.dll [1492480 2020-09-11] (Microsoft Corporation) [File not signed]
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
R2 UsoSvc; C:\WINDOWS\system32\usosvc.dll [566272 2020-09-11] (Microsoft Corporation) [File not signed]
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 wuauserv; C:\WINDOWS\system32\wuaueng.dll [3384832 2020-09-11] (Microsoft Corporation) [File not signed]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R3 GPIO; C:\WINDOWS\System32\drivers\iaiogpioe.sys [31232 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
R3 iaioi2c; C:\WINDOWS\System32\drivers\iaioi2ce.sys [69632 2014-06-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
S3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [21360 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [14680 2013-07-18] (Acer Incorporated -> Acer Incorporated)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\system32\DRIVERS\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-08] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-30 20:46 - 2022-08-30 20:49 - 000012600 _____ C:\Users\PC1\Downloads\FRST.txt
2022-08-30 20:45 - 2022-08-30 20:45 - 002371072 _____ (Farbar) C:\Users\PC1\Downloads\FRST64.exe
2022-08-29 20:58 - 2022-08-29 20:58 - 012759288 _____ (AVAST Software) C:\Users\PC1\Downloads\avastclear.exe
2022-08-15 09:18 - 2022-08-15 09:18 - 000000000 ___HD C:\$WinREAgent
2022-08-04 23:24 - 2022-08-04 23:24 - 000240066 _____ C:\Users\PC1\Downloads\faktura9220920143.pdf
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-08-30 20:50 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-08-30 20:48 - 2021-01-22 23:41 - 000000000 ____D C:\FRST
2022-08-30 20:37 - 2016-02-24 20:35 - 000000000 ____D C:\Program Files (x86)\Google
2022-08-30 20:31 - 2020-09-01 18:14 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-08-30 20:31 - 2020-09-01 18:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-08-30 20:29 - 2020-09-01 17:33 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-08-29 21:13 - 2016-01-28 06:13 - 000000000 ____D C:\Users\PC1\AppData\Local\CrashDumps
2022-08-29 21:10 - 2020-09-01 18:14 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-08-29 21:10 - 2020-09-01 17:33 - 000008192 ___SH C:\DumpStack.log.tmp
2022-08-29 21:10 - 2018-04-05 17:15 - 000000000 ____D C:\Users\PC1\AppData\Local\AVAST Software
2022-08-29 21:10 - 2016-02-24 20:28 - 000000000 ____D C:\ProgramData\AVAST Software
2022-08-29 21:10 - 2016-01-28 06:07 - 000000000 __SHD C:\Users\PC1\IntelGraphicsProfiles
2022-08-29 21:09 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-08-29 21:03 - 2020-09-01 18:14 - 000000000 ____D C:\WINDOWS\system32\Tasks\AVAST Software
2022-08-29 20:42 - 2020-09-01 17:55 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-08-29 20:42 - 2019-12-07 16:41 - 000717844 _____ C:\WINDOWS\system32\perfh005.dat
2022-08-29 20:42 - 2019-12-07 16:41 - 000144986 _____ C:\WINDOWS\system32\perfc005.dat
2022-08-29 20:42 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-08-28 11:41 - 2020-06-06 21:47 - 000002423 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-08-28 11:41 - 2020-06-06 21:47 - 000002261 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2022-08-28 11:41 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-08-28 11:41 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-08-28 11:40 - 2022-06-02 11:39 - 000002379 _____ C:\Users\PC1\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-08-28 11:40 - 2021-12-12 21:04 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3621340843-3382866814-1888067393-1001
2022-08-28 11:40 - 2020-09-01 18:14 - 000003350 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3621340843-3382866814-1888067393-1001
2022-08-28 10:36 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-08-24 07:01 - 2016-02-24 20:36 - 000002305 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-08-24 07:01 - 2016-02-24 20:36 - 000002264 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-08-18 12:37 - 2020-09-01 18:14 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-08-18 12:37 - 2020-09-01 18:14 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-08-15 13:56 - 2020-09-01 17:37 - 000000000 ____D C:\Users\PC1
2022-08-07 11:48 - 2020-09-01 18:14 - 000004302 _____ C:\WINDOWS\system32\Tasks\Software Update Application
2022-08-07 11:48 - 2020-09-01 18:14 - 000002750 _____ C:\WINDOWS\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3621340843-3382866814-1888067393-500
2022-08-07 11:48 - 2020-09-01 18:14 - 000002390 _____ C:\WINDOWS\system32\Tasks\BacKGroundAgent
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 30-08-2022
Ran by PC1 (30-08-2022 20:52:00)
Running from C:\Users\PC1\Downloads
Microsoft Windows 10 Home Version 2004 19041.508 (X64) (2020-09-01 16:15:56)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3621340843-3382866814-1888067393-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3621340843-3382866814-1888067393-503 - Limited - Disabled)
Guest (S-1-5-21-3621340843-3382866814-1888067393-501 - Limited - Disabled)
PC1 (S-1-5-21-3621340843-3382866814-1888067393-1001 - Administrator - Enabled) => C:\Users\PC1
WDAGUtilityAccount (S-1-5-21-3621340843-3382866814-1888067393-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CyberLink PowerDirector 10 (HKLM-x32\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.4220 - CyberLink Corp.) Hidden
Facebook Gameroom 1.23.7426.18586 (HKLM-x32\...\{58E3FB73-8B88-4807-A803-79B5ADA0136F}) (Version: 1.23.7426.18586 - Facebook)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 104.0.5112.102 - Google LLC)
Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1008 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{2D6248C0-4693-4CAB-9922-F05E4015F62A}) (Version: 1.1.1.1 - Intel Corporation) Hidden
Intel(R) Trusted Execution Engine Driver (HKLM\...\{6307E820-0317-4DCE-AAE0-7B6CAD867055}) (Version: 1.0.0.1064 - Intel Corporation) Hidden
LibreOffice 7.0.4.2 (HKLM\...\{B3171B83-4945-43E0-A101-841638C05506}) (Version: 7.0.4.2 - The Document Foundation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 104.0.1293.70 - Microsoft Corporation)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\OneDriveSetup.exe) (Version: 22.161.0731.0002 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\Teams) (Version: 1.4.00.35564 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{d491dd9d-2eda-4d75-b504-1a201436e7fd}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 x64 Additional Runtime - 11.0.61030 (HKLM\...\{37B8F9C7-03FB-3253-8781-2517C99D7C00}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2012 x64 Minimum Runtime - 11.0.61030 (HKLM\...\{CF2BEA3C-26EA-32F8-AA9B-331F7E34BA97}) (Version: 11.0.61030 - Microsoft Corporation) Hidden
Qualcomm Atheros WLAN and Bluetooth Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 12.33 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10586.31225 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.33.529.2014 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7288 - Realtek Semiconductor Corp.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{32DC821E-4A7D-4878-BEE8-337FA153D7F2}) (Version: 2.63.0.0 - Microsoft Corporation) Hidden
Packages:
=========
Candy Crush Friends -> C:\Program Files\WindowsApps\king.com.CandyCrushFriends_1.44.2.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-25] (Dolby Laboratories)
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2019-11-24] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2017.39121.36610.0_x64__8wekyb3d8bbwe [2018-09-14] (Microsoft Corporation)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-05] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-20] (Microsoft Studios) [MS Ad]
Star Wars: Commander -> C:\Program Files\WindowsApps\Disney.StarWarsCommander_4.9.0.3_x86__6rarf9sa4v8jt [2017-05-10] (Disney)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\PC1\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.21328.1\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3621340843-3382866814-1888067393-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2015-10-07] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-09-11 14:42 - 2020-09-11 14:42 - 000566272 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\usosvc.dll
2020-09-11 14:43 - 2020-09-11 14:43 - 003384832 _____ (Microsoft Corporation) [File not signed] c:\windows\system32\wuaueng.dll
2020-09-11 14:17 - 2020-09-05 20:21 - 001711104 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\amd64_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_faefa4f37613d18e\gdiplus.dll
2020-09-11 14:17 - 2020-09-05 20:00 - 001449472 _____ (Microsoft Corporation) [File not signed] C:\WINDOWS\WinSxS\x86_microsoft.windows.gdiplus_6595b64144ccf1df_1.1.19041.508_none_429cdbca8a8ffa94\gdiplus.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iaioi2ce.sys => ""="Driver"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer13.msn.com/?pc=ACJB
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2013-08-22 15:25 - 2018-07-09 19:20 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2016-03-11 10:38 - 2016-10-02 22:50 - 000000429 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 pc.mshome.net # 2021 3 3 10 8 38 25 315
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Acer\abFiles\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\PC1\Pictures\2007-04\DSCF4542.JPG
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
HKU\S-1-5-21-3621340843-3382866814-1888067393-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{B993B544-30AC-424F-9A75-3614403D2F5C}] => (Allow) C:\WINDOWS\system32\alg.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{8B0F928F-4367-46C4-8501-FA952ED8E9A6}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{468C6B7A-C61D-4688-BADA-AD246073885D}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CE5D1FA6-1F12-4AB9-B120-8C601104D56F}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{CA4DC3C4-CCDE-4E26-87E8-7C01EB39ADF3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.64.80.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [TCP Query User{7DE17A79-9F82-4B8F-B397-3C5383740A5E}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{13ADECF8-4BBF-4C06-9C6F-2FEAD3E1FE9F}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Allow) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{B068B252-AEA2-4D4F-BE37-E16550DE47CE}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [UDP Query User{3CAB61E2-2E2E-4CC8-AE3D-A8B636C4B332}C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe] => (Block) C:\users\pc1\appdata\local\microsoft\teams\current\teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{19543CBA-6E99-467A-A98C-D60504E0A489}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{1F04BDA8-48D4-4C40-9768-E7C101DA1A3E}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\104.0.1293.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
19-06-2022 22:06:07 Naplánovaný kontrolní bod
15-08-2022 10:19:17 Naplánovaný kontrolní bod
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (08/29/2022 09:13:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FacebookGameroom.exe, verze: 1.23.7426.18586, časové razítko: 0x5eac5a24
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x979ddb1d
Kód výjimky: 0xe0434352
Posun chyby: 0x00129ab2
ID chybujícího procesu: 0x660
Čas spuštění chybující aplikace: 0x01d8bbdb2870ebb4
Cesta k chybující aplikaci: C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fb37c15b-0090-4a28-a7e2-827cae28fc52
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/29/2022 09:13:30 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FacebookGameroom.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.WebException
na System.Net.WebClient.DownloadDataInternal(System.Uri, System.Net.WebRequest ByRef)
na System.Net.WebClient.DownloadString(System.Uri)
na System.Net.WebClient.DownloadString(System.String)
na FacebookGames.WebRequest.<DownloadStringWithRetries>b__29_0(System.String[])
na FacebookGames.WebRequest.RetryableTask[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`2<System.String[],System.__Canon>, System.String[])
na FacebookGames.WebRequest.DownloadStringWithRetries(System.String)
na FacebookGames.Program.CheckOutdatedVersion()
na FacebookGames.Program+<>c.<Main>b__0_0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (08/29/2022 08:51:16 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program YourPhone.exe verze 1.20091.84.0 přestal spolupracovat s Windows a byl ukončen. Pokud chcete zjistit, jestli je k dispozici více informací o tomto problému, vyhledejte historii problému na ovládacím panelu Zabezpečení a údržba.
ID procesu: 2c50
Čas spuštění: 01d8bbd801f9bee2
Čas ukončení: 4294967295
Cesta k aplikaci: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe\YourPhone.exe
ID hlášení: 4e51cae3-20ce-4a67-86a7-3f7b2132f609
Úplný název balíčku s chybou: Microsoft.YourPhone_1.20091.84.0_x64__8wekyb3d8bbwe
ID aplikace relativní podle balíčku s chybou: App
Typ zablokování: Quiesce
Error: (08/29/2022 08:41:54 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FacebookGameroom.exe, verze: 1.23.7426.18586, časové razítko: 0x5eac5a24
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x979ddb1d
Kód výjimky: 0xe0434352
Posun chyby: 0x00129ab2
ID chybujícího procesu: 0x22b4
Čas spuštění chybující aplikace: 0x01d8bbd6990ab07b
Cesta k chybující aplikaci: C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 5ae01818-dd4b-48f7-a3fb-3e8922549a6b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/29/2022 08:41:43 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FacebookGameroom.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.WebException
na System.Net.WebClient.DownloadDataInternal(System.Uri, System.Net.WebRequest ByRef)
na System.Net.WebClient.DownloadString(System.Uri)
na System.Net.WebClient.DownloadString(System.String)
na FacebookGames.WebRequest.<DownloadStringWithRetries>b__29_0(System.String[])
na FacebookGames.WebRequest.RetryableTask[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`2<System.String[],System.__Canon>, System.String[])
na FacebookGames.WebRequest.DownloadStringWithRetries(System.String)
na FacebookGames.Program.CheckOutdatedVersion()
na FacebookGames.Program+<>c.<Main>b__0_0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (08/29/2022 07:20:46 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: FacebookGameroom.exe, verze: 1.23.7426.18586, časové razítko: 0x5eac5a24
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.572, časové razítko: 0x979ddb1d
Kód výjimky: 0xe0434352
Posun chyby: 0x00129ab2
ID chybujícího procesu: 0x15c8
Čas spuštění chybující aplikace: 0x01d8bbcb15042a32
Cesta k chybující aplikaci: C:\Users\PC1\AppData\Local\Facebook\Games\FacebookGameroom.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 3a257653-b7db-4e2e-8186-7bad68326e84
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (08/29/2022 07:20:42 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: FacebookGameroom.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.Net.WebException
na System.Net.WebClient.DownloadDataInternal(System.Uri, System.Net.WebRequest ByRef)
na System.Net.WebClient.DownloadString(System.Uri)
na System.Net.WebClient.DownloadString(System.String)
na FacebookGames.WebRequest.<DownloadStringWithRetries>b__29_0(System.String[])
na FacebookGames.WebRequest.RetryableTask[[System.__Canon, mscorlib, Version=4.0.0.0, Culture=neutral, PublicKeyToken=b77a5c561934e089]](System.Func`2<System.String[],System.__Canon>, System.String[])
na FacebookGames.WebRequest.DownloadStringWithRetries(System.String)
na FacebookGames.Program.CheckOutdatedVersion()
na FacebookGames.Program+<>c.<Main>b__0_0()
na System.Threading.ThreadHelper.ThreadStart_Context(System.Object)
na System.Threading.ExecutionContext.RunInternal(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object, Boolean)
na System.Threading.ExecutionContext.Run(System.Threading.ExecutionContext, System.Threading.ContextCallback, System.Object)
na System.Threading.ThreadHelper.ThreadStart()
Error: (08/28/2022 09:21:32 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mmc.exe, verze: 10.0.19041.329, časové razítko: 0x2ede9d07
Název chybujícího modulu: ntdll.dll, verze: 10.0.19041.546, časové razítko: 0x5b56177b
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000fed29
ID chybujícího procesu: 0xbc8
Čas spuštění chybující aplikace: 0x01d8bb09fb25175d
Cesta k chybující aplikaci: C:\WINDOWS\system32\mmc.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 55dd2b1c-5e13-43d4-82ff-b2ee68d1bf0b
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (08/30/2022 08:33:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace funkcí na Windows 10, verze 21H2.
Error: (08/30/2022 08:33:19 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-11 Kumulativní aktualizace (Preview) pro .NET Framework 3.5 a 4.8 pro Windows 10 Version 2004 pro platformu x64 (KB5007289).
Error: (08/30/2022 08:33:16 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace, která odebírá Adobe Flash Player pro Windows 10 Version 2004 ze systémů s architekturou x64 (KB4577586).
Error: (08/30/2022 08:33:10 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): 2021-09 Aktualizace pro Windows 10 Version 2004 pro systémy typu x64 (KB4023057).
Error: (08/30/2022 08:33:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.373.1249.0).
Error: (08/30/2022 08:33:03 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Nástroj k odstranění škodlivého softwaru v systému Windows, verze pro procesory x64 – v5.104 (KB890830).
Error: (08/30/2022 08:33:01 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace antimalwarové platformy programu Microsoft Defender Antivirus – KB4052623 (verze 4.18.2205.7).
Error: (08/30/2022 08:31:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80004002): Aktualizace bezpečnostních informací pro produkt Microsoft Defender Antivirus - KB2267602 (verze 1.373.1249.0).
Windows Defender:
================
Date: 2022-05-10 16:27:16
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {722BE884-1655-43B0-A9CD-9CCF4C3F0596}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-08 16:32:47
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {26C1016D-5B86-45C9-801E-EE85EC74992D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-06 18:50:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {9E9FA032-D37C-44D6-B83A-3E94C3C7D816}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-05 17:16:09
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {548364DB-A514-41FF-A508-2FE1DCE608A5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-05-03 08:51:59
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {572AD2D6-B711-4067-9E15-A118113ABE58}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2022-08-29 21:22:12
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.373.1184.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19500.2
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní
Date: 2022-08-29 21:06:26
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.1782.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19200.5
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní
Date: 2022-05-11 13:30:46
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.1657.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19200.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2022-04-17 12:02:11
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.323.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19100.5
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.
Date: 2022-01-26 19:32:21
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.355.2459.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.18800.4
Kód chyby: 0x80004002
Popis chyby: Neznámé rozhraní
CodeIntegrity:
===============
Date: 2022-08-29 20:52:25
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-08-29 20:52:12
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.
Date: 2022-08-29 20:41:10
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\Temp\asw215cd4bf15d62cb8.tmp because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.10 12/15/2014
Motherboard: Acer Aspire ES1-512
Processor: Intel(R) Pentium(R) CPU N3540 @ 2.16GHz
Percentage of memory in use: 77%
Total physical RAM: 3977.98 MB
Available physical RAM: 892.82 MB
Total Virtual: 6793.98 MB
Available Virtual: 3276.39 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:449.63 GB) (Free:391.65 GB) (Model: WDC WD5000LPVX-22V0TT0) NTFS
\\?\Volume{414dccc3-71f7-4d72-b174-4e9bcbfbbdb4}\ (Recovery) (Fixed) (Total:0.59 GB) (Free:0.3 GB) NTFS
\\?\Volume{20b6bdd9-f4d3-46ad-8a0e-df9d1f7349ff}\ (Push Button Reset) (Fixed) (Total:15.13 GB) (Free:2.05 GB) NTFS
\\?\Volume{c6fbe306-b887-45be-928c-50c805635f87}\ (ESP) (Fixed) (Total:0.29 GB) (Free:0.24 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: ADAB34DE)
Partition: GPT.
==================== End of Addition.txt =======================
Spusti znovu program FRST