kontrola logu po otevreni prilohy podvodneho mailu

[cakajik]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 14-01-2025
Ran by Mamka (administrator) on MAMKY (Dell Inc. Latitude 7490) (18-01-2025 11:43:36)
Running from C:\Users\Mamka\Downloads\FRST64.exe
Loaded Profiles: Mamka
Platform: Microsoft Windows 11 Home Version 23H2 22631.4751 (X64) Language: Čeština (Česko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApntEx.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe <2>
(C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe <6>
(DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE CO., LTD.) C:\Windows\System32\DellTPad\ApMsgFwd.exe
(DellTPad\Apoint.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\hidfind.exe
(DellTPad\Apoint.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\ApRemote.exe
(DellTPad\HidMonitorSvc.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\Apoint.exe
(DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxEM.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.) C:\Windows\System32\DellTPad\HidMonitorSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\cui_dch.inf_amd64_f47cef52ac4d1535\igfxCUIService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\dptf_cpu.inf_amd64_c2c5b0e17a28a48f\esif_uf.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igcc_dch.inf_amd64_bee333b3fb02dacb\OneApp.IGCC.WinService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9437e46374342218\IntelCpHDCPSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iigd_dch.inf_amd64_9437e46374342218\IntelCpHeciSvc.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\mewmiprov.inf_amd64_d51901c26227fb29\WMIRegistrationService.exe
(services.exe ->) (Intel Corporation -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\piecomponent.inf_amd64_6e21242a0a001415\Intel_PIE_Service.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(services.exe ->) (Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Windows\System32\jhi_service.exe
(services.exe ->) (Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iastorac.inf_amd64_9c788f1d162b1224\RstMwService.exe
(services.exe ->) (Malwarebytes Inc. -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe
(services.exe ->) (Sierra Wireless, Inc -> Sierra Wireless, Inc.) C:\Windows\Sierra Wireless Inc\bin\SwiService.exe
(services.exe ->) (Waves Inc -> Waves Audio Ltd.) C:\Program Files\Waves\MaxxAudio\WavesSysSvc64.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24121.37.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.220.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe <2>
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teamsupdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.34401.20.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <4>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\LocationNotificationWindows.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [11102816 2021-01-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_PushButton] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3618096 2021-01-20] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [WavesSvc] => C:\Program Files\Waves\MaxxAudio\WavesSvc64.exe [1236688 2020-12-04] (Waves Inc -> Waves Audio Ltd.)
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiSpyware] Restriction <==== ATTENTION
HKLM\SOFTWARE\Microsoft\Windows Defender: [DisableAntiVirus] Restriction <==== ATTENTION
HKU\S-1-5-21-2028045230-3821785687-2854252981-1004\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2028045230-3821785687-2854252981-1004\...\Run: [MicrosoftEdgeAutoLaunch_FE2372F1310B1E39EB26F3F016DDD2DE] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911208 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\Run: [MicrosoftEdgeAutoLaunch_9DE7CFF5C2B7918534D2171312054169] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911208 2025-01-09] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45381424 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\MountPoints2: {e3509181-705c-11ef-ba3d-144f8ab904aa} - "D:\LaunchU3.exe" -a

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {AADA008D-FE01-4252-B013-B23A84402050} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {58351358-DDDE-46F3-8D27-88A730A24C3E} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-12-04] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "44748d38-f45e-485a-8e73-866a3d92cea8" --version "6.31.11415" --silent
Task: {A55831D4-3AF8-4EE8-BB65-EE3AAB40B7D6} - System32\Tasks\CCleanerSkipUAC - jenda => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {AFC932C2-2046-45E5-B6F8-8EE6D5ECDD6C} - System32\Tasks\CCleanerSkipUAC - Mamka => C:\Program Files\CCleaner\CCleaner.exe [39151920 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{1af37731-3701-4a50-9ff0-c2ace9ae7a17}: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{1af37731-3701-4a50-9ff0-c2ace9ae7a17}\0516472796B602D202960586F6E656: [DhcpNameServer] 172.20.10.1
Tcpip\..\Interfaces\{1af37731-3701-4a50-9ff0-c2ace9ae7a17}\3414E495F4E4: [DhcpNameServer] 10.100.0.100 10.10.10.10
Tcpip\..\Interfaces\{1af37731-3701-4a50-9ff0-c2ace9ae7a17}\3416E697F6E613: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{3eea4ed0-200f-4fef-8a8d-ce64e98663e6}: [DhcpNameServer] 10.100.0.100 10.10.10.10

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Mamka\AppData\Local\Microsoft\Edge\User Data\Default [2025-01-18]
Edge Notifications: Default -> hxxps://www.facebook.com
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\Mamka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2025-01-17]
Edge Extension: (Dokumenty Google offline) - C:\Users\Mamka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-12-21]
Edge Extension: (Edge relevant text changes) - C:\Users\Mamka\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ApHidMonitorService; C:\WINDOWS\system32\DellTPad\HidMonitorSvc.exe [894880 2021-05-24] (ALPS ALPINE CO., LTD. -> ALPSALPINE Co., Ltd.)
S3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-12-04] (Gen Digital Inc. -> Piriform Software Ltd)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9441760 2025-01-17] (Malwarebytes Inc. -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-01-17] (Malwarebytes Inc. -> Malwarebytes)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 SmrtService; C:\ProgramData\SmartGuard\lineage2\smrt3d\release\Data\f0a5126dc37baf89cc77dc8d887e163de0368ab9\smrtsvc64.exe [14997768 2024-11-05] (LAB RIVAS SL -> )
R2 SwiService; C:\WINDOWS\Sierra Wireless Inc\bin\SwiService.exe [1630184 2018-01-30] (Sierra Wireless, Inc -> Sierra Wireless, Inc.)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-31] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 ApHidfiltrService; C:\WINDOWS\System32\drivers\ApHidfiltrSW.sys [362512 2021-05-24] (WDKTestCert CHT1HTSH3180,132475688214743128 -> ALPSALPINE Co., Ltd.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [532480 2023-02-03] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [184320 2023-02-03] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\WINDOWS\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
R3 e1dexpress; C:\WINDOWS\System32\DriverStore\FileRepository\e1d.inf_amd64_a9790eceb25abaff\e1d.sys [622160 2024-05-22] (Intel Corporation -> Intel Corporation)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2025-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [232024 2025-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [21480 2025-01-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [234168 2025-01-18] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [80448 2025-01-18] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-01-17] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-01-18] (Malwarebytes Inc. -> Malwarebytes)
S3 smrtkrnl64; C:\WINDOWS\System32\Drivers\smrtkrnl64.sys [1095344 2025-01-06] (Microsoft Windows Hardware Compatibility Publisher -> )
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [22104 2024-10-31] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [606624 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-31] (Microsoft Windows -> Microsoft Corporation)
S1 WinSetupMon; system32\DRIVERS\WinSetupMon.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-18 11:43 - 2025-01-18 11:44 - 000015343 _____ C:\Users\Mamka\Downloads\FRST.txt
2025-01-18 11:39 - 2025-01-18 11:43 - 000000000 ____D C:\FRST
2025-01-18 11:37 - 2025-01-18 11:39 - 002403328 _____ (Farbar) C:\Users\Mamka\Downloads\FRST64.exe
2025-01-18 10:54 - 2025-01-18 10:54 - 000234168 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-01-18 10:54 - 2025-01-18 10:54 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-01-18 08:04 - 2025-01-18 08:04 - 000693828 _____ C:\WINDOWS\system32\perfh005.dat
2025-01-18 08:04 - 2025-01-18 08:04 - 000143682 _____ C:\WINDOWS\system32\perfc005.dat
2025-01-17 18:07 - 2025-01-18 11:40 - 000000000 ____D C:\Users\Mamka\AppData\Local\Malwarebytes
2025-01-17 18:07 - 2025-01-17 18:07 - 000002093 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-01-17 18:07 - 2025-01-17 18:07 - 000002081 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2025-01-17 18:06 - 2025-01-17 18:06 - 002833136 _____ (Malwarebytes) C:\Users\Mamka\Downloads\MBSetup.exe
2025-01-17 18:06 - 2025-01-17 18:06 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-01-17 18:06 - 2025-01-17 18:06 - 000000000 ____D C:\Program Files\Malwarebytes
2025-01-17 17:01 - 2025-01-17 17:01 - 000000000 ____D C:\Users\Mamka\AppData\LocalLow\Temp

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2025-01-18 11:43 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-01-18 10:55 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-01-18 10:53 - 2024-09-11 22:33 - 000001591 _____ C:\WINDOWS\system32\config\VSMIDK
2025-01-18 10:53 - 2023-02-03 14:06 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-01-18 10:53 - 2023-02-03 14:01 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-01-18 10:53 - 2023-02-03 11:55 - 000000000 __SHD C:\Users\Mamka\IntelGraphicsProfiles
2025-01-18 10:53 - 2022-07-04 07:12 - 000000000 ____D C:\Intel
2025-01-18 10:53 - 2022-07-04 05:52 - 000012288 ___SH C:\DumpStack.log.tmp
2025-01-18 10:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\ServiceState
2025-01-18 08:28 - 2022-05-07 06:17 - 001310720 _____ C:\WINDOWS\system32\config\BBI
2025-01-18 08:04 - 2023-02-03 14:11 - 001629494 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-01-18 08:04 - 2022-05-07 06:22 - 000000000 ____D C:\WINDOWS\INF
2025-01-17 18:20 - 2023-02-03 14:03 - 000000000 ____D C:\Users\Mamka
2025-01-17 18:07 - 2022-05-07 06:24 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-01-17 18:07 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2025-01-17 17:53 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-01-17 17:51 - 2023-02-03 14:01 - 000304280 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-01-17 17:50 - 2023-10-12 07:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-01-17 17:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\SystemResources
2025-01-17 17:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-01-17 17:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-01-17 17:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-01-17 17:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\DiagTrack
2025-01-17 17:50 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-01-17 17:49 - 2024-09-11 17:32 - 000000000 ____D C:\WINDOWS\Minidump
2025-01-17 17:49 - 2022-07-04 05:52 - 002071290 ____N C:\WINDOWS\Minidump\011725-11234-01.dmp
2025-01-17 16:58 - 2024-09-12 15:23 - 000000000 ____D C:\Program Files\CCleaner
2025-01-17 14:50 - 2023-02-03 11:55 - 000000000 ____D C:\Users\Mamka\AppData\Local\Packages
2025-01-17 14:50 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2025-01-17 14:49 - 2023-02-03 11:56 - 000000000 ____D C:\Users\Mamka\AppData\Local\PlaceholderTileLogoFolder
2025-01-17 05:47 - 2024-09-12 15:23 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2025-01-16 07:26 - 2022-07-04 07:02 - 000000000 ____D C:\WINDOWS\SysWOW64\sda
2025-01-15 11:31 - 2022-07-04 07:00 - 000000000 ____D C:\WINDOWS\system32\MRT
2025-01-15 11:30 - 2022-07-04 07:00 - 206927936 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2025-01-15 11:30 - 2022-05-07 06:17 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-01-14 07:09 - 2023-02-03 14:06 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2028045230-3821785687-2854252981-1007
2025-01-14 07:09 - 2023-02-03 14:06 - 000003360 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2028045230-3821785687-2854252981-1007
2025-01-14 07:09 - 2023-02-03 11:57 - 000002381 _____ C:\Users\Mamka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-01-13 07:09 - 2022-07-04 05:53 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-01-13 07:09 - 2022-07-04 05:53 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2025-01-10 01:04 - 2022-05-07 06:24 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-01-06 18:46 - 2024-11-06 10:56 - 000000000 ____D C:\Users\Mamka\AppData\Roaming\Awesomium
2024-12-31 16:51 - 2022-07-04 05:52 - 000142848 ____N C:\WINDOWS\Minidump\123124-11515-01.dmp
2024-12-22 14:42 - 2023-02-03 14:06 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-22 14:42 - 2023-02-03 14:06 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-21 11:00 - 2023-02-03 11:55 - 000000000 ____D C:\Users\Mamka\AppData\Local\D3DSCache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 14-01-2025
Ran by Mamka (18-01-2025 11:44:35)
Running from C:\Users\Mamka\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4751 (X64) (2023-02-03 13:07:05)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2028045230-3821785687-2854252981-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2028045230-3821785687-2854252981-503 - Limited - Disabled)
Guest (S-1-5-21-2028045230-3821785687-2854252981-501 - Limited - Disabled)
jenda (S-1-5-21-2028045230-3821785687-2854252981-1004 - Administrator - Enabled) => C:\Users\jenda
Mamka (S-1-5-21-2028045230-3821785687-2854252981-1007 - Administrator - Enabled) => C:\Users\Mamka
WDAGUtilityAccount (S-1-5-21-2028045230-3821785687-2854252981-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

CCleaner (HKLM\...\CCleaner) (Version: 6.31 - Piriform)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 10.3201.101.216 - ALPSALPINE CO., LTD.)
Malwarebytes version 5.2.4.157 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.4.157 - Malwarebytes)
Maxx Audio Installer (x64) (HKLM\...\{307032B2-6AF2-46D7-B933-62438DEB2B9A}) (Version: 2.7.13058.0 - Waves Audio Ltd.) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.146 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.146 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2028045230-3821785687-2854252981-1004\...\OneDriveSetup.exe) (Version: 24.201.1006.0005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\OneDriveSetup.exe) (Version: 24.232.1118.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.31301 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.14.26429 (HKLM-x32\...\{2019b6a0-8533-4a04-ac0e-b2c10bdb9841}) (Version: 14.14.26429.4 - Microsoft Corporation)
Microsoft Visual C++ 2017 x86 Additional Runtime - 14.14.26429 (HKLM-x32\...\{6F0267F3-7467-350D-A8C8-33B72E3658D8}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2017 x86 Minimum Runtime - 14.14.26429 (HKLM-x32\...\{7753EC39-3039-3629-98BE-447C5D869C09}) (Version: 14.14.26429 - Microsoft Corporation) Hidden
Realtek Audio COM Components (HKLM-x32\...\{2355B503-9B11-4449-861D-1C1748B26320}) (Version: 1.0.2 - Realtek Semiconductor Corp.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9107.1 - Realtek Semiconductor Corp.)
Reborn Application (HKLM-x32\...\{17A4F85A-1219-4143-A0D6-E9EBC6084064}) (Version: 1.0.0.1 - l2reborn.org)
SmartGuard Anti-Cheat (HKLM\...\SmartGuardAntiCheat) (Version: - )

Packages:
=========
AppUp.IntelGraphicsExperience -> C:\Program Files\WindowsApps\AppUp.IntelGraphicsExperience_1.100.5688.0_x64__8j3eq9eme6ctt [2024-11-10] (INTEL CORP) [Startup Task]
Messenger -> C:\Program Files\WindowsApps\FACEBOOK.317180B0BB486_2250.0.0.0_x64__8xx8rvfyw5nnt [2025-01-17] (Meta)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-09-11] (Microsoft Corp.)
TikTok -> C:\Program Files\WindowsApps\BytedancePte.Ltd.TikTok_1.0.5.0_neutral__6yccndn6064se [2024-11-06] (Bytedance Pte. Ltd.)
TikTok -> C:\Program Files\WindowsApps\www.tiktok.com-4C63E479_1.0.5.1_neutral__s5gx0acfdhdxa [2024-11-06] (www.tiktok.com)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2028045230-3821785687-2854252981-1007_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\Mamka\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.31301\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-01-17] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-01-17] (Malwarebytes Inc. -> Malwarebytes)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\Mamka\Desktop\TikTok.lnk -> C:\Program Files (x86)\Microsoft\Edge\Application\msedge_proxy.exe (Microsoft Corporation) -> --profile-directory=Default --app-id=nlalbmkafgmoifbeooblidblkmlhhpnc --app-url=hxxps://www.tiktok.com/foryou --app-launch-source=4

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\Mamka\Downloads\FRST64.exe:MBAM.Zone.Identifier [225]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============


==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2021-06-05 13:08 - 2021-06-05 13:08 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2028045230-3821785687-2854252981-1004\Control Panel\Desktop\\Wallpaper -> C:\Users\jenda\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\Control Panel\Desktop\\Wallpaper -> C:\Users\Mamka\AppData\Local\Packages\Microsoft.Windows.Photos_8wekyb3d8bbwe\LocalState\PhotosAppBackground\6.jpg
DNS Servers: 10.100.0.100 - 10.10.10.10
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Mobilní síť 12: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 13: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 3: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 17: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 2: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 5: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 16: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 7: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 9: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 11: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 6: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 8: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Ethernet: Intel(R) Ethernet Connection (4) I219-LM -> e1d.sys
Mobilní síť 10: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 15: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Wi-Fi: Intel(R) Dual Band Wireless-AC 8265 -> Netwtw06.sys
Mobilní síť 14: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys
Mobilní síť 4: DW5811e Snapdragon™ X7 LTE -> cxwmbclass.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKLM\...\StartupApproved\Run: => "RTHDVCPL"
HKLM\...\StartupApproved\Run: => "RtHDVBg_PushButton"
HKLM\...\StartupApproved\Run: => "WavesSvc"
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_9DE7CFF5C2B7918534D2171312054169"
HKU\S-1-5-21-2028045230-3821785687-2854252981-1007\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{522997EF-EF90-49EC-BD5E-9080211E775C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E11A06-088A-4B4F-B71E-B6205DDDAE30}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24295.401.3195.9406_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{7ECED758-02F4-40CE-B877-43B077435E5B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{78F88D48-7509-467C-8375-8FE79F8CB02C}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{17B97432-1948-4D6A-8E2C-3CA7F9100421}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D0143B26-BF41-48E2-ACF5-37FD340D06C1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{78B21D53-F792-4423-B13A-6C11F96E6F42}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{777823D6-7ED4-4854-9D26-594AB85F26B6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{F35D21CD-5CF8-4B1B-A15F-6AEE22854868}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A24DDBF1-5D59-4807-91F8-FB7AB52A4479}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{A2D911E8-7162-46B1-AED4-80B42F575495}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{74DDFB4F-9791-497C-AC00-905DAEE4F01B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.249.439.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{20260967-6E47-4955-B4B1-E035587E7E32}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4B2137F0-814F-4C2D-B1A8-7DC1B36FFBBA}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24335.208.3315.1951_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0F1A258D-810A-42D5-A909-03A144D65558}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.146\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-01-2025 14:50:09 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/17/2025 06:20:33 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/17/2025 06:20:33 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/17/2025 02:47:48 PM) (Source: Windows Search Service) (EventID: 7042) (User: )
Description: Služba Windows Search byla zastavena, protože došlo k problému s indexovacím modulem Nezdařila se fáze obnovení..

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
0x%08x (0x80040d23 - Vypínání indexovacího modulu (HRESULT : 0x80040d23))

Error: (01/17/2025 02:47:48 PM) (Source: Windows Search Service) (EventID: 3602) (User: )
Description: Ve fázi obnovování služby Windows Search došlo k chybě s ID 1. Restartujte službu. Pokud tato chyba potrvá, vytvořte index znovu.

Kontext: aplikace , katalog SystemIndex

Podrobnosti:
0x%08x (0x80040d23 - Vypínání indexovacího modulu (HRESULT : 0x80040d23))

Error: (01/17/2025 07:17:12 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/17/2025 07:17:12 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]

Error: (01/16/2025 01:02:01 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému..

Error: (01/16/2025 01:02:01 PM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.]


System errors:
=============
Error: (01/18/2025 10:53:57 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_7377a byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/18/2025 08:00:27 AM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_70142 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/17/2025 05:53:07 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba zasílání zpráv_7cd55 byla ukončena s následující chybou:
Zařízení není připraveno.

Error: (01/17/2025 05:49:46 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec F2F15280D000. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (01/17/2025 05:49:46 PM) (Source: NetBT) (EventID: 4311) (User: )
Description: Inicializace se nezdařila, protože ovladač zařízení nemohl být vytvořen.
K identifikaci rozhraní, jehož inicializace se nezdařila, lze použít
řetězec F2F15280D000. Je reprezentován adresou MAC tohoto rozhraní nebo globálně
jedinečným identifikátorem (GUID), pokud nemohlo rozhraní NetBT
získat adresu MAC podle identifikátoru GUID. Pokud nebyla k dispozici adresa MAC
ani identifikátor GUID, je řetězec reprezentován názvem zařízení clusteru.

Error: (01/17/2025 05:49:41 PM) (Source: Microsoft-Windows-WER-SystemErrorReporting) (EventID: 1001) (User: NT AUTHORITY)
Description: 0x000000f7 (0x00008beef384b3da, 0x00008beef384b3de, 0xffff74110c7b4c21, 0x0000000000000000)C:\WINDOWS\Minidump\011725-11234-01.dmp275a5e4f-3d05-4a77-a7f4-4cdeb58f3502

Error: (01/17/2025 05:49:33 PM) (Source: volmgr) (EventID: 162) (User: )
Description: Soubor se stavem systému byl úspěšně vygenerován.

Error: (01/17/2025 05:49:42 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (17:44:10, ‎17.‎01.‎2025) bylo neočekávané.


Windows Defender:
================
Date: 2025-01-17 05:56:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {41694D0F-5EAE-4FA7-B159-B5903E9426EB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2025-01-10 22:33:04
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {341C4ABA-F8F4-44F2-BE7A-14E743C00CD6}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-12-11 22:04:14
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {17E2024D-A894-4D94-AA61-70687D56F8A9}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-13 00:16:19
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {62624B11-0D5D-4285-B083-A8D6466E00BB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-09 08:38:48
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {FD797BBE-A415-4B96-BD45-BC10EA7334AA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2025-01-18 08:28:07
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací a pokusí se o obnovení na předchozí verzi.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80501102
Popis chyby: Došlo k neočekávaným potížím. Nainstalujte všechny dostupné aktualizace a potom opakujte spuštění programu. Informace o instalaci aktualizací naleznete v nápovědě a podpoře.
Verze bezpečnostních informací: 1.421.1407.0;1.421.1407.0
Verze modulu: 1.1.24090.11

Date: 2023-05-06 07:07:13
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.389.245.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20300.3
Kód chyby: 0x80240016
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2025-01-18 11:29:29
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. 1.25.0 03/24/2022
Motherboard: Dell Inc. 0KP0FT
Processor: Intel(R) Core(TM) i5-8350U CPU @ 1.70GHz
Percentage of memory in use: 61%
Total physical RAM: 8070.34 MB
Available physical RAM: 3141.47 MB
Total Virtual: 8582.34 MB
Available Virtual: 3871.01 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.47 GB) (Free:166.2 GB) (Model: Micron 1100 SATA 256GB) (Protected) NTFS

\\?\Volume{bc2ebc2a-c210-4bbe-a351-9deff13df76b}\ () (Fixed) (Total:0.89 GB) (Free:0.11 GB) NTFS
\\?\Volume{6078beb8-38e5-4bf9-a751-a91261f0a5c7}\ () (Fixed) (Total:0.09 GB) (Free:0.06 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Protective MBR) (Size: 238.5 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt =======================

[JaRon]

Ahoj,
prescanuj s NPE https://support.norton.com/sp/static/ex ... s/npe.html
+
preventivne pomen hesla

[cakajik]

Tak jsem to proskenoval tim programem a nic to nenašlo,hesla zmenim,tak mockrát dekuji a hezky den preji

[JaRon]

Po AV stranke je to OK
Ak by sa zopakovali BSOD - daj do prislusnej sekcie obsak minidump https://forum.viry.cz/viewtopic.php?t=120729
Za malo