FRSIT log z Windows 10 (2 posty)
Napsal: 10 úno 2023 22:07
Zdravím,
ďakujem za pozretie, ADWCleaner nenašiel nič.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by igorv (administrator) on DESKTOP-PB3B57S (TOSHIBA Satellite L650) (10-02-2023 21:58:24)
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Platform: Microsoft Windows 10 Home Version 22H2 19045.2546 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4252008 2023-01-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.121\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {5FAD471F-3397-45A2-B287-345CB7DE5E54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7ACEDB39-AB4B-430F-B549-01D1792DD499} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A04D2FF-1A11-428D-B9FA-AA379E4A25A1} - System32\Tasks\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {8B621601-AE74-4D4A-9EAC-3C7835A0C1BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B} - System32\Tasks\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {DAFB6C4A-564B-45FE-92CA-A848A593EA33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{1b830fbc-5f0e-4a85-a095-15d1aeb2d45b}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{2835ed5a-0fac-45c6-bfda-73ae710e5958}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{7ae0656c-d38d-4fa0-9319-481e1e5b4555}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Edge:
=======
Edge DefaultProfile: Profile 4
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2023-02-10]
Edge HomePage: Profile 4 -> hxxp://www.google.sk/
Chrome:
=======
CHR Profile: C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default [2023-02-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-03]
CHR Extension: (Spúšťač aplikácie pre Disk (od Googlu)) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-02-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-03]
CHR HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe [714864 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDTabSysSvc.exe [301192 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe [451248 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe [44797568 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dhotkey; C:\Windows\System32\drivers\dhotkey.sys [52360 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\Windows\System32\drivers\dsrvctldrv.sys [29328 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\Windows\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ_O; C:\Windows\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-10 21:58 - 2023-02-10 22:00 - 000012390 _____ C:\Users\igorv\Downloads\FRST.txt
2023-02-10 21:57 - 2023-02-10 21:59 - 000000000 ____D C:\FRST
2023-02-10 21:56 - 2023-02-10 21:57 - 002378240 _____ (Farbar) C:\Users\igorv\Downloads\FRST64.exe
2023-02-04 10:21 - 2023-02-04 10:25 - 000000000 ___HD C:\$WinREAgent
2023-02-03 08:58 - 2023-02-09 14:35 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-31 17:39 - 2023-02-02 14:45 - 000000000 ____D C:\Users\igorv\AppData\Roaming\vlc
2023-01-22 16:26 - 2023-01-22 16:26 - 000000000 ____D C:\Program Files (x86)\aida64extreme_build_6323_fgv5q3cdyb
2023-01-22 16:18 - 2023-02-08 18:36 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-01-18 10:07 - 2023-01-18 10:08 - 001201396 _____ C:\Windows\Minidump\011823-42046-01.dmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-10 22:01 - 2022-03-09 15:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-10 21:54 - 2022-12-25 18:56 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-10 21:53 - 2022-03-09 10:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-02-10 20:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-10 19:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-10 19:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-02-10 16:12 - 2022-03-09 10:22 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-09 16:11 - 2022-03-09 10:52 - 000000000 ____D C:\Users\igorv
2023-02-09 10:37 - 2022-03-09 10:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-09 10:37 - 2020-02-21 11:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-08 19:36 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-08 19:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-08 19:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-07 17:31 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2023-02-07 17:14 - 2022-03-09 10:55 - 000000000 ____D C:\Users\igorv\AppData\Local\Packages
2023-02-07 14:14 - 2022-10-07 19:11 - 000000000 ____D C:\Users\igorv\AppData\Local\CrashDumps
2023-02-06 09:22 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-02-04 12:35 - 2022-03-09 10:49 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-04 12:27 - 2022-03-09 10:17 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-04 12:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-04 10:57 - 2022-03-09 10:21 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-03 08:58 - 2022-03-09 15:06 - 000000000 ____D C:\Users\igorv\AppData\Local\Google
2023-02-03 08:08 - 2022-03-09 10:20 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-03 08:08 - 2022-03-09 10:20 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-28 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2023-01-28 22:04 - 2022-10-23 08:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-28 22:04 - 2022-03-24 16:14 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2023-01-18 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-18 10:09 - 2022-07-04 14:36 - 000000000 ____D C:\Windows\Minidump
2023-01-18 10:07 - 2022-07-04 14:36 - 637648792 _____ C:\Windows\MEMORY.DMP
2023-01-11 18:51 - 2022-03-09 13:02 - 000000000 ____D C:\Windows\system32\MRT
2023-01-11 18:46 - 2022-03-09 13:02 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories ========
2022-03-09 11:38 - 2022-03-09 11:38 - 000007602 _____ () C:\Users\igorv\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ďakujem za pozretie, ADWCleaner nenašiel nič.
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 09-02-2023 01
Ran by igorv (administrator) on DESKTOP-PB3B57S (TOSHIBA Satellite L650) (10-02-2023 21:58:24)
Running from C:\Users\igorv\Downloads
Loaded Profiles: igorv
Platform: Microsoft Windows 10 Home Version 22H2 19045.2546 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe ->) (Advanced Micro Devices, Inc. -> Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(C:\Program Files (x86)\Steam\steam.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe <8>
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCopyAccelerator.exe
(explorer.exe ->) (Google LLC -> ) C:\Program Files\Google\Drive File Stream\70.0.2.0\crashpad_handler.exe <4>
(explorer.exe ->) (Google LLC -> Google, Inc.) C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe <7>
(explorer.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Steam\steam.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.152\GoogleCrashHandler64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <7>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe <2>
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe
(services.exe ->) (Dynabook Inc. -> Dynabook Inc.) C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe
(services.exe ->) (Valve Corp. -> Valve Corporation) C:\Program Files (x86)\Common Files\Steam\steamservice.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2204.13303.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsCalculator_11.2210.0.0_x64__8wekyb3d8bbwe\CalculatorApp.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.22122.94.0_x64__8wekyb3d8bbwe\PhoneExperienceHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.2300_none_7e14edbc7c88b7d5\TiWorker.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767176 2015-11-04] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start /prefetch:5 [4243360 2023-02-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [4252008 2023-01-31] (Valve Corp. -> Valve Corporation)
HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\70.0.2.0\GoogleDriveFS.exe [51889432 2023-02-08] (Google LLC -> Google, Inc.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\109.0.5414.121\Installer\chrmstp.exe [2023-02-09] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {5FAD471F-3397-45A2-B287-345CB7DE5E54} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7ACEDB39-AB4B-430F-B549-01D1792DD499} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {8A04D2FF-1A11-428D-B9FA-AA379E4A25A1} - System32\Tasks\GoogleUpdateTaskMachineUA{A5FF526E-0839-42BD-8196-FCE1D6C6D732} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {8B621601-AE74-4D4A-9EAC-3C7835A0C1BB} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {ACA11C1B-FC37-4AD6-83E9-E1D06F6B018B} - System32\Tasks\GoogleUpdateTaskMachineCore{8F5C90FE-E2FF-4C5D-B1F6-73990ACFA8C9} => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [171480 2022-10-19] (Google LLC -> Google LLC)
Task: {DAFB6C4A-564B-45FE-92CA-A848A593EA33} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MpCmdRun.exe [1592184 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{1b830fbc-5f0e-4a85-a095-15d1aeb2d45b}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{2835ed5a-0fac-45c6-bfda-73ae710e5958}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Tcpip\..\Interfaces\{7ae0656c-d38d-4fa0-9319-481e1e5b4555}: [DhcpNameServer] 192.168.1.1 195.146.128.62
Edge:
=======
Edge DefaultProfile: Profile 4
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Profile 4 [2023-02-10]
Edge HomePage: Profile 4 -> hxxp://www.google.sk/
Chrome:
=======
CHR Profile: C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default [2023-02-06]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2023-02-03]
CHR Extension: (Spúšťač aplikácie pre Disk (od Googlu)) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\lmjegmlicamnimmfhcmpkclmigmmcbeh [2023-02-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\igorv\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-02-03]
CHR HKU\S-1-5-21-2415662125-1334251306-1017844622-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [lmjegmlicamnimmfhcmpkclmigmmcbeh]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 DSDFunctionKeyCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDFunctionKeyCtlService.exe [714864 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
S2 DSDTabletControlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\DSDTabSysSvc.exe [301192 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R2 DSDWirelessLEDCtlService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\RMService.exe [451248 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R2 dynabookSettingService; C:\Windows\System32\DriverStore\FileRepository\dsrvctldrv.inf_amd64_6c2a100d8d6221dc\dynabookSystemService.exe [44797568 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\NisSrv.exe [3191264 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2211.5-0\MsMpEng.exe [133592 2022-12-09] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R3 dhotkey; C:\Windows\System32\drivers\dhotkey.sys [52360 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R1 dsrvctldrv; C:\Windows\System32\drivers\dsrvctldrv.sys [29328 2022-08-25] (Dynabook Inc. -> Dynabook Inc.)
R0 DVALZ_O; C:\Windows\System32\drivers\DVALZ_O.SYS [47464 2022-07-17] (Dynabook Inc. -> Dynabook Inc.)
R1 googledrivefs31092; C:\Windows\System32\DRIVERS\googledrivefs31092.sys [384600 2023-02-08] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
S3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [49120 2021-11-17] (Dynabook Inc. -> Dynabook Inc.)
R1 TosSrvCtlDrv; C:\Windows\System32\DriverStore\FileRepository\tossrvctl.inf_amd64_5be63eebe47f1577\TosSrvCtlDrv.sys [26816 2022-02-15] (Dynabook Inc. -> Dynabook Inc.)
S0 TVALZ_O; C:\Windows\System32\drivers\TVALZ_O.SYS [46656 2021-11-18] (Dynabook Inc. -> Dynabook Inc.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [49568 2022-12-09] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [473376 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [99616 2022-12-09] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-10 21:58 - 2023-02-10 22:00 - 000012390 _____ C:\Users\igorv\Downloads\FRST.txt
2023-02-10 21:57 - 2023-02-10 21:59 - 000000000 ____D C:\FRST
2023-02-10 21:56 - 2023-02-10 21:57 - 002378240 _____ (Farbar) C:\Users\igorv\Downloads\FRST64.exe
2023-02-04 10:21 - 2023-02-04 10:25 - 000000000 ___HD C:\$WinREAgent
2023-02-03 08:58 - 2023-02-09 14:35 - 000002266 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2023-01-31 17:39 - 2023-02-02 14:45 - 000000000 ____D C:\Users\igorv\AppData\Roaming\vlc
2023-01-22 16:26 - 2023-01-22 16:26 - 000000000 ____D C:\Program Files (x86)\aida64extreme_build_6323_fgv5q3cdyb
2023-01-22 16:18 - 2023-02-08 18:36 - 000002064 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2023-01-18 10:07 - 2023-01-18 10:08 - 001201396 _____ C:\Windows\Minidump\011823-42046-01.dmp
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2023-02-10 22:01 - 2022-03-09 15:05 - 000000000 ____D C:\Program Files (x86)\Google
2023-02-10 21:54 - 2022-12-25 18:56 - 000000000 ____D C:\Program Files (x86)\Steam
2023-02-10 21:53 - 2022-03-09 10:17 - 000000000 ____D C:\Windows\system32\SleepStudy
2023-02-10 20:17 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2023-02-10 19:23 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2023-02-10 19:23 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\AppReadiness
2023-02-10 16:12 - 2022-03-09 10:22 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2023-02-09 16:11 - 2022-03-09 10:52 - 000000000 ____D C:\Users\igorv
2023-02-09 10:37 - 2022-03-09 10:18 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2023-02-09 10:37 - 2020-02-21 11:41 - 000008192 ___SH C:\DumpStack.log.tmp
2023-02-08 19:36 - 2019-12-07 10:03 - 000000000 ____D C:\Windows\CbsTemp
2023-02-08 19:34 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SystemResources
2023-02-08 19:30 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\PolicyDefinitions
2023-02-07 17:31 - 2019-12-07 10:03 - 000262144 _____ C:\Windows\system32\config\BBI
2023-02-07 17:14 - 2022-03-09 10:55 - 000000000 ____D C:\Users\igorv\AppData\Local\Packages
2023-02-07 14:14 - 2022-10-07 19:11 - 000000000 ____D C:\Users\igorv\AppData\Local\CrashDumps
2023-02-06 09:22 - 2019-12-07 10:13 - 000000000 ____D C:\Windows\INF
2023-02-04 12:35 - 2022-03-09 10:49 - 000795738 _____ C:\Windows\system32\PerfStringBackup.INI
2023-02-04 12:27 - 2022-03-09 10:17 - 000258088 _____ C:\Windows\system32\FNTCACHE.DAT
2023-02-04 12:25 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\SysWOW64\oobe
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\oobe
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\DDFs
2023-02-04 12:24 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\bcastdvr
2023-02-04 10:57 - 2022-03-09 10:21 - 003015680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\PrintConfig.dll
2023-02-03 08:58 - 2022-03-09 15:06 - 000000000 ____D C:\Users\igorv\AppData\Local\Google
2023-02-03 08:08 - 2022-03-09 10:20 - 000003632 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2023-02-03 08:08 - 2022-03-09 10:20 - 000003508 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2023-01-28 22:14 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\NDF
2023-01-28 22:04 - 2022-10-23 08:35 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2023-01-28 22:04 - 2022-03-24 16:14 - 000000000 ____D C:\Program Files (x86)\InstallShield Installation Information
2023-01-18 18:12 - 2019-12-07 10:14 - 000000000 ____D C:\Windows\system32\migwiz
2023-01-18 10:09 - 2022-07-04 14:36 - 000000000 ____D C:\Windows\Minidump
2023-01-18 10:07 - 2022-07-04 14:36 - 637648792 _____ C:\Windows\MEMORY.DMP
2023-01-11 18:51 - 2022-03-09 13:02 - 000000000 ____D C:\Windows\system32\MRT
2023-01-11 18:46 - 2022-03-09 13:02 - 150199536 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
==================== Files in the root of some directories ========
2022-03-09 11:38 - 2022-03-09 11:38 - 000007602 _____ () C:\Users\igorv\AppData\Local\Resmon.ResmonCfg
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
