Additional scan result of Farbar Recovery Scan Tool (x64) Version: 21-01-2025
Ran by katyb (27-01-2025 22:34:44)
Running from C:\Users\katyb\Downloads
Microsoft Windows 11 Home Version 23H2 22631.4751 (X64) (2025-01-27 12:55:00)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2314623388-72350180-1146119525-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2314623388-72350180-1146119525-503 - Limited - Disabled)
Guest (S-1-5-21-2314623388-72350180-1146119525-501 - Limited - Disabled)
katyb (S-1-5-21-2314623388-72350180-1146119525-1001 - Administrator - Enabled) => C:\Users\katyb
WDAGUtilityAccount (S-1-5-21-2314623388-72350180-1146119525-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: McAfee (Enabled - Up to date) {0BE13B34-492A-21C0-AE43-C1742279CCB6}
AV: ESET Security (Enabled - Up to date) {26E0861C-6FB9-CEF9-E4F0-531986211ACE}
FW: McAfee (Enabled) {33DABA11-0345-2098-851C-6841DCAA8BCD}
FW: ESET Firewall (Enabled) {1EDB0739-25D6-CFA1-CFAF-FA2C78F25DB5}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

ESET Security (HKLM\...\{2AE41595-0CB6-45AD-A2FA-E20798D8842F}) (Version: 18.0.12.0 - ESET, spol. s r.o.)
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.20.0 - HP Inc)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
McAfee (HKLM\...\McAfee.WPS) (Version: 1.25.208.1 - McAfee, LLC)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.127 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-2314623388-72350180-1146119525-1001\...\OneDriveSetup.exe) (Version: 24.244.1204.0003 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft OneNote - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.18324.20194 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18324.20194 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18324.20168 - Microsoft Corporation) Hidden
WebAdvisor od společnosti McAfee (HKLM-x32\...\{35ED3F83-4BDC-4c44-8EC6-6A8301C7413A}) (Version: 4.1.1.999 - McAfee, LLC)

Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.22.20073.0_x64__0a9344xs7nr4m [2025-01-27] (Advanced Micro Devices Inc.) [Startup Task]
Dropbox promotion -> C:\Program Files\WindowsApps\C27EB4BA.DropboxOEM_23.4.27.0_x64__xbfy0k16fey96 [2025-01-27] (Dropbox Inc.)
Energy Star -> C:\Program Files\WindowsApps\AD2F1837.HPInc.EnergyStar_1.2.0.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
ESET Context Menu -> C:\Program Files\ESET\ESET Security [2025-01-27] (Sparse Package)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.47.308.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\ad2f1837.hppchardwarediagnosticswindows_2.6.4.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
HP Smart -> C:\Program Files\WindowsApps\AD2F1837.HPPrinterControl_157.1.1186.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.41.29.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
HP System Event Utility -> C:\Program Files\WindowsApps\ad2f1837.hpsystemeventutility_3.1.4.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.)
McAfee -> C:\Program Files\McAfee\wps\1.25.208.1 [2025-01-27] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2412.12002.0_x64__8wekyb3d8bbwe [2025-01-27] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2025-01-27] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2025-01-27] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.235.0_x64__8wekyb3d8bbwe [2025-01-27] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6 [2025-01-27] (HP Inc.) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-2314623388-72350180-1146119525-1001_Classes\CLSID\{7d043d4e-4259-f459-3630-7b434fd7752c}\localserver32 -> C:\Program Files\HP\HP Media Network\HPMediaNetwork.exe (HP Inc. -> HP Inc.)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers1: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.25.208.1\mc-ctxmnu.dll [2025-01-27] (McAfee, LLC -> McAfee, LLC)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} =>  -> No File
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll [2024-10-28] (ESET, spol. s r.o. -> ESET)
ContextMenuHandlers6: [McCtxMenu] -> {4ADAAC88-E1BD-424F-816D-15E059007938} => C:\Program Files\McAfee\wps\1.25.208.1\mc-ctxmnu.dll [2025-01-27] (McAfee, LLC -> McAfee, LLC)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/redirectHome?tagbase=hpga1-ubpl&ref=aagateway-taskbar-hp

==================== Loaded Modules (Whitelisted) =============

2025-01-27 14:16 - 2025-01-27 14:16 - 000869376 _____ (.NET Foundation) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Microsoft.T417b639d#\544d34a5f71f40529dbb658553db8f9a\Microsoft.Toolkit.Uwp.Notifications.ni.dll
2025-01-27 14:16 - 2025-01-27 14:16 - 000432128 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\LauncherSDK\5dfa3daa8a6749a11f0f5a487763bae6\LauncherSDK.ni.dll
2025-01-27 14:16 - 2025-01-27 14:16 - 000037888 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Logging\f83258b406f7e0011032448137b9e628\Logging.ni.dll
2025-01-27 14:16 - 2025-01-27 14:16 - 000153088 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\RpcClient\4a6b1adc04dc4061c28f65e3c7a587e7\RpcClient.ni.dll
2025-01-27 14:16 - 2025-01-27 14:16 - 000118272 _____ (HP Inc.) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\WMISDK\d49e3e748bf8439a8b13f5af10cd6caa\WMISDK.ni.dll
2025-01-27 14:16 - 2025-01-27 14:16 - 003884544 _____ (Newtonsoft) [File not signed] C:\WINDOWS\assembly\NativeImages_v4.0.30319_64\Newtonsoft.Json\ee10bc4e78e9ccd4dd117ff08dbaee77\Newtonsoft.Json.ni.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-12-17] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-12-17] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2025-01-27] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2314623388-72350180-1146119525-1001\Control Panel\Desktop\\Wallpaper -> C:\WINDOWS\Web\Wallpaper\HP Backgrounds\backgroundDefault.jpg
DNS Servers: 10.0.1.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: Realtek RTL8822CE 802.11ac PCIe Adapter -> rtwlane.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys

vms_vsf: Hyper-V Virtual Switch Extension Filter
vms_vsp: Hyper-V Virtual Switch Extension Protocol

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{B56B9AE6-2E23-4D3B-961D-08BA77658A26}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{14E020E3-A935-4FD7-BB07-FAEB96CBFD9B}] => (Allow) C:\Program Files\WindowsApps\microsoftteams_24124.2402.2858.5617_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AC93B45-4677-4C26-AE88-D67264910255}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\109.0.1518.70\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A0E3CBA9-6469-4882-8128-AF254021B687}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:475.87 GB) (Free:419.58 GB) (88%)

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (01/27/2025 10:23:08 PM) (Source: Microsoft Security Client) (EventID: 3002) (User: )
Description: Event-ID 3002

Error: (01/27/2025 10:23:08 PM) (Source: Microsoft Security Client) (EventID: 2002) (User: )
Description: Event-ID 2002

Error: (01/27/2025 10:23:08 PM) (Source: Microsoft Security Client) (EventID: 2003) (User: )
Description: Event-ID 2003

Error: (01/27/2025 06:54:50 PM) (Source: Application Error) (EventID: 1000) (User: ROBINSONKA)
Description: Název chybující aplikace: HP.myHP.exe, verze: 1.0.0.0, časové razítko: 0x673674ad
Název chybujícího modulu: twinapi.appcore.dll, verze: 10.0.22621.4541, časové razítko: 0x323da41e
Kód výjimky: 0xc000027b
Posun chyby: 0x00000000000dee63
ID chybujícího procesu: 0x0x232c
Čas spuštění chybující aplikace: 0x0x1db70e48772fb0f
Cesta k chybující aplikaci: C:\Program Files\WindowsApps\AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6\HP.myHP.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\twinapi.appcore.dll
ID zprávy: 0e734185-4ac8-49d6-91a7-f60e45e23c93
Úplný název chybujícího balíčku: AD2F1837.myHP_39.52446.140.0_x64__v10z8vjag6ke6
ID aplikace související s chybujícím balíčkem: App


System errors:
=============
Error: (01/27/2025 10:17:36 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (22:13:43, ‎27.‎01.‎2025) bylo neočekávané.

Error: (01/27/2025 04:29:06 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80240016): Aktualizace bezpečnostních informací pro Microsoft Defender Antivirus – KB2267602 (verze 1.421.1555.0) – Aktuální kanál (široká distribuce).

Error: (01/27/2025 01:56:39 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby BITS s argumenty Není k dispozici za účelem spuštění serveru: 
{4991D34B-80A1-4291-83B6-3328366B9097}

Error: (01/27/2025 01:56:39 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: Služba DCOM zjistila chybu 1115 při pokusu o spuštění služby dosvc s argumenty Není k dispozici za účelem spuštění serveru: 
{5B99FA76-721C-423C-ADAC-56D03C8A8007}

Error: (01/27/2025 01:54:48 PM) (Source: WinRM) (EventID: 10142) (User: )
Description: Služba WinRM nemůže přenést modul pro naslouchání s IP adresou * a přenosem HTTP. Modul pro naslouchání se stejnou  konfigurací adresy a přenosu již existuje.

Error: (01/27/2025 01:52:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou: 
Zařízení není připraveno.

Error: (01/27/2025 01:52:40 PM) (Source: DCOM) (EventID: 10010) (User: NT AUTHORITY)
Description: Server {A47979D2-C419-11D9-A5B4-001185AD2B89} se v daném časovém limitu neregistroval u služby DCOM.

Error: (01/27/2025 01:50:40 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Služba seznamu sítí byla ukončena s následující chybou: 
Zařízení není připraveno.


CodeIntegrity:
===============
Date: 2025-01-27 22:29:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\ESET\ESET Security\eamsi.dll that did not meet the Windows signing level requirements. 

Date: 2025-01-27 22:29:30
Description: 
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\McAfee\WPS\1.25.208.1\mc-sec-plugin-x64.dll that did not meet the Windows signing level requirements. 


==================== Memory info =========================== 

BIOS: AMI F.34 07/29/2024
Motherboard: HP 887A
Processor: AMD Ryzen 5 5500U with Radeon Graphics 
Percentage of memory in use: 39%
Total physical RAM: 15693.67 MB
Available physical RAM: 9509.69 MB
Total Virtual: 18637.67 MB
Available Virtual: 12024.04 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:475.87 GB) (Free:419.58 GB) (Model: PSEJN512GA87EC0) (Protected) NTFS

\\?\Volume{40c060b0-e0d7-49af-a240-18da4b54044a}\ () (Fixed) (Total:0.8 GB) (Free:0.21 GB) NTFS
\\?\Volume{a73ec1a5-7d1a-451a-9081-f1eb696d4d27}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 05D35E91)

Partition: GPT.

==================== End of Addition.txt =======================