kontrola nového NB

Zpráva

5manager5 · #1 Příspěvek od **5manager5** » 22 čer 2024 15:09

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19.06.2024
Ran by igorv (administrator) on SAUL (HP HP ProBook 455 15.6 inch G10 Notebook PC) (22-06-2024 16:03:42)
Running from C:\Users\igorv\Desktop\FRST64.exe
Loaded Profiles: igorv
Platform: Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) Language: Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() <==== ATTENTION [zero byte? (Error=3)] C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe#A707A99392B6A6AD
(C:\Users\igorv\Downloads\adwcleaner.exe ->) (Microsoft Corporation -> ) C:\Program Files\WindowsApps\Microsoft.WindowsNotepad_11.2405.13.0_x64__8wekyb3d8bbwe\Notepad\Notepad.exe <2>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\BridgeCommunication.exe
(Malwarebytes Inc. -> Malwarebytes) C:\Users\igorv\Downloads\adwcleaner.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Security Update Service\4.4.12.463\SecurityUpdateService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Agent\LHAgent.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_273967626e857c15\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\SysInfoCap.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_807802da47ae00a3\RtkAudUService64.exe <2>
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP ICS\ICS.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoUsoCoreWorker.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.22621.3662_none_e93555b642ec4d03\TiWorker.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_807802da47ae00a3\RtkAudUService64.exe [1971496 2024-02-26] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPTouchpointManagerTray] => C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Agent\HPTouchpointManagerTray.exe [9544288 2024-05-16] (HP Inc. -> Hewlett-Packard Development Company, L.P.)
HKU\S-1-5-19\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-20\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-21-2384847340-952867437-1279697988-1001\...\Run: [MicrosoftEdgeAutoLaunch_12DCDEA817FD98234F2AB1F8B100D4B7] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3883560 2024-06-20] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-2384847340-952867437-1279697988-1001\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)
HKU\S-1-5-18\...\Run: [GoogleDriveFS] => C:\Program Files\Google\Drive File Stream\92.0.1.0\GoogleDriveFS.exe [61245728 2024-06-18] (Google LLC -> Google, Inc.)

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {2D148F22-59B8-4E83-998E-5A4D1E42C0E0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{0A083088-27BB-4BA5-AFBA-394BA4650294} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {63F9F686-0E6F-47E0-8341-5D149B3E46F5} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {AC70CF3B-3AC0-475D-B90F-22DC329AD2BB} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {E0BE6772-64CD-4EAC-A32F-3650AC09FEA9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {2B064F5A-B560-440C-9C66-C1C4B53287EE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {55FAE072-517B-4643-BA26-1D1999823548} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {67ECA950-491C-4B84-9953-2BA7326C4102} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {6A03296A-2E0F-494B-BE39-9F2938217981} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {834780AF-6E13-41CF-B49D-5F8ECF7D6563} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {A4AA8AD6-B839-439E-B20B-0AA689337C9D} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\windows\system32\cmd.exe [323584 2024-06-16] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {4B815F81-D760-4C6F-975D-FFCC98D9CA98} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [258048 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {8BDAA2F0-25EB-4D55-BAFB-192917B9BC68} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [703536 2024-05-13] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {542BC035-4D85-47F6-ADF9-BE43400AA9ED} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-05-13] (HP Inc. -> HP Inc.)
Task: {BFC52B0A-81AF-4D96-8F05-E912F68A0227} - System32\Tasks\HP\Consent Manager Launcher => C:\windows\system32\sc.exe [98304 2022-05-07] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {A81B04E9-D2FF-4F05-92FD-12AACD84ABA3} - System32\Tasks\HP\HP ICS\ICS => C:\Program Files (x86)\HP\HP ICS\ICS.exe [76870640 2023-08-02] (HP Inc. -> HP)
Task: {850E01A1-85A7-4873-ADBF-3861793B7E89} - System32\Tasks\HP\HP Wolf Security\Launch Console => C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe [264152 2024-01-30] (HP Inc. -> HP Inc.)
Task: {67F09B4E-DBF1-4A32-A14B-10A83D743C8D} - System32\Tasks\HPInsightsUpdater => C:\Program Files (x86)\HP\HP Touchpoint Analytics Client Installer\TAInstaller.exe [2972832 2024-05-27] (HP Inc. -> )
Task: {DB9100AE-1E15-477A-BCCD-283B03DF9CB3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {8BC311F8-F9EC-43FB-9972-9CF2E1EB17AB} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28499424 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {55056D61-752E-4354-807F-0FAAC58F47FF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC262A46-FEDC-4008-BC21-2562F15E73AF} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [309800 2024-06-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {6E10F8D3-E6A6-4571-B035-8C5C2D247F55} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [169648 2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FEE36A9-B8AA-4F5A-B2DC-226E52FE26A0} - System32\Tasks\Microsoft\Windows\Application Experience\PcaWallpaperAppDetect => C:\windows\system32\rundll32.exe [73728 2024-05-19] (Microsoft Windows -> Microsoft Corporation) -> %windir%\system32\PcaSvc.dll,PcaWallpaperAppDetect
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {B1D6A067-6D9F-4CC5-9891-52D656E8B353} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {FC403840-40B2-458C-A8FD-3608DD1414B0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AF24115A-3712-4FF3-9DD7-A600B282B7C3} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9646BDB4-86F7-4A9F-BA9A-92872DBD1B11} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpCmdRun.exe [1678960 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {C4290FFB-CB2B-4AC5-B1B6-46CF5FFD8B10} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030584 2024-04-23] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.31.248 1.1.1.1
Tcpip\..\Interfaces\{4ddb69af-f8ec-43b0-a00d-fa4771a09735}: [DhcpNameServer] 192.168.31.248 1.1.1.1
Tcpip\..\Interfaces\{4ddb69af-f8ec-43b0-a00d-fa4771a09735}: [DhcpDomain] local

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default [2024-06-22]
Edge HomePage: Default -> hxxp://www.google.sk/
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-05-18]
Edge Extension: (HP Dynamic Audio) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\iahgjpkfebmcdcaifedofgakoancmoli [2024-05-25]
Edge Extension: (Edge relevant text changes) - C:\Users\igorv\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-05-18]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-05-18] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.20 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2023-10-30] (VideoLAN -> VideoLAN)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-05-18] (Microsoft Corporation -> Microsoft Corporation)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [14012384 2024-06-07] (Microsoft Corporation -> Microsoft Corporation)
S2 FMAPOService; C:\windows\System32\FMService64.exe [990240 2023-11-17] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
S2 HotKeyServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_fa320f297f405a33\HotKeyServiceUWP.exe [1497672 2024-04-30] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\AppHelperCap.exe [926672 2024-05-07] (HP Inc. -> HP Inc.)
S2 HPAudioAnalytics; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_fa320f297f405a33\HPAudioAnalytics.exe [541152 2024-04-30] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\DiagsCap.exe [925648 2024-05-07] (HP Inc. -> HP Inc.)
R2 hpLHAgent; C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Agent\LHAgent.exe [7765600 2024-05-16] (HP Inc. -> HP Inc.)
R2 hpLHWatchdog; C:\Program Files (x86)\Hewlett-Packard\HP Touchpoint Manager\Tools\WatchDogService.exe [2713696 2024-05-16] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\NetworkCap.exe [921552 2024-05-07] (HP Inc. -> HP Inc.)
S2 hpsvcsscan; C:\windows\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2d93188f2a23173f\x64\hpsvcsscan.exe [7018048 2024-03-22] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_16fa6198551a36ef\x64\SysInfoCap.exe [925648 2024-05-07] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_273967626e857c15\x64\TouchpointAnalyticsClientService.exe [568896 2024-05-07] (HP Inc. -> HP Inc.)
S2 LanWlanWwanSwitchingServiceUWP; C:\windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_fa320f297f405a33\LanWlanWwanSwitchingServiceUWP.exe [605152 2024-04-30] (HP Inc. -> HP Inc.)
S2 LensUpdateService; c:\Program Files (x86)\oz-client\LensUpdateService.exe [1168464 2023-07-28] (Plantronics, Inc. -> Poly, Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MpDefenderCoreService.exe [1505416 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 SecurityUpdateService; C:\Program Files\HP\Security Update Service\4.4.12.463\SecurityUpdateService.exe [4778328 2024-01-04] (Bromium UK Limited -> HP)
S2 WbfPolicyService110; C:\windows\System32\DriverStore\FileRepository\synawudfbiousbuwpsvc.inf_amd64_35b9bee9d8906e7d\WbfPolicyService110.exe [715704 2023-12-13] (Synaptics Incorporated -> Synaptics Incorporated.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\NisSrv.exe [3236728 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24050.7-0\MsMpEng.exe [133704 2024-06-06] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
S3 hpqcaslwmiex; "C:\Program Files (x86)\HP\Shared\hpqwmiex.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\windows\System32\drivers\amdfendrmgr.sys [25584 2023-06-13] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\windows\System32\DriverStore\FileRepository\u0402449.inf_amd64_e17abfc6b744fd4c\B402316\amdkmdag.sys [99613832 2024-05-04] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdwirelessbutton; C:\windows\System32\drivers\amdwirelessbutton.sys [42768 2023-04-26] (Advanced Micro Devices INC. -> Advanced Micro Devices, Inc)
S3 BthA2dp; C:\windows\System32\drivers\BthA2dp.sys [544768 2023-07-12] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\windows\System32\drivers\bthhfenum.sys [184320 2023-07-12] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\windows\System32\drivers\bthmodem.sys [106496 2023-07-12] (Microsoft Corporation) [File not signed]
R0 fse; C:\windows\System32\drivers\fse.sys [218608 2024-06-16] (Microsoft Windows -> Microsoft Corporation)
R1 googledrivefs31357; C:\windows\System32\DriverStore\FileRepository\googledrivefs31357.inf_amd64_a8bf31a168cf7d00\googledrivefs31357.sys [384712 2024-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Google, Inc.)
R3 HPCustomCapDriver; C:\windows\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_a955fa431e522f5e\x64\hpcustomcapdriver.sys [26648 2022-06-24] (HP Inc. -> HP Inc.)
R3 MTKBTFilterx64; C:\windows\System32\drivers\mtkbtfilterx.sys [523600 2024-01-25] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 mtkwlex; C:\windows\System32\drivers\mtkwl6ex.sys [1707280 2023-12-07] (Microsoft Windows Hardware Compatibility Publisher -> MediaTek Inc.)
R3 rt68cx21; C:\windows\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_043a02d7d5d8270f\rt68cx21x64.sys [752496 2024-01-16] (Realtek Semiconductor Corp. -> Realtek)
S3 rtcx21; C:\windows\System32\DriverStore\FileRepository\rtcx21x64.inf_amd64_516e5c9b75c49dc2\rtcx21x64.sys [539648 2022-05-06] (Microsoft Windows -> Realtek)
S3 vmbusproxy; C:\windows\system32\drivers\vmbusproxy.sys [94208 2024-05-18] (Microsoft Windows -> )
S0 WdBoot; C:\windows\System32\drivers\wd\WdBoot.sys [22080 2024-06-06] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\wd\WdFilter.sys [602520 2024-06-06] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-06-06] (Microsoft Windows -> Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-22 16:03 - 2024-06-22 16:04 - 000020949 _____ C:\Users\igorv\Desktop\FRST.txt
2024-06-22 16:03 - 2024-06-22 16:03 - 000000000 ____D C:\FRST
2024-06-22 16:01 - 2024-06-22 16:02 - 000000000 ____D C:\AdwCleaner
2024-06-22 16:00 - 2024-06-22 16:00 - 008790880 _____ (Malwarebytes) C:\Users\igorv\Downloads\adwcleaner.exe
2024-06-22 15:59 - 2024-06-22 15:59 - 002395648 _____ (Farbar) C:\Users\igorv\Desktop\FRST64.exe
2024-06-22 15:56 - 2024-06-22 15:56 - 012245967 _____ C:\Users\igorv\Desktop\hwi_804.zip
2024-06-22 13:31 - 2024-03-05 21:56 - 000016368 _____ (HP Inc.) C:\windows\system32\Drivers\AMDchipsetVer.dll
2024-06-18 19:13 - 2024-06-18 19:13 - 000003484 _____ C:\windows\system32\Tasks\ModifyLinkUpdate
2024-06-18 19:13 - 2024-06-18 19:13 - 000000000 ____D C:\windows\LastGood.Tmp
2024-06-18 19:13 - 2024-05-04 00:43 - 000842672 _____ C:\windows\system32\vulkaninfo-1-999-0-0-0.exe
2024-06-18 19:13 - 2024-05-04 00:43 - 000842672 _____ C:\windows\system32\vulkaninfo.exe
2024-06-18 19:13 - 2024-05-04 00:43 - 000725024 _____ C:\windows\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2024-06-18 19:13 - 2024-05-04 00:43 - 000725024 _____ C:\windows\SysWOW64\vulkaninfo.exe
2024-06-18 19:13 - 2024-05-04 00:43 - 000678320 _____ C:\windows\system32\vulkan-1-999-0-0-0.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000678320 _____ C:\windows\system32\vulkan-1.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000662864 _____ C:\windows\SysWOW64\vulkan-1-999-0-0-0.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000662864 _____ C:\windows\SysWOW64\vulkan-1.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000606240 _____ C:\windows\system32\GameManager64.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000549000 _____ C:\windows\system32\libsmi_guest.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000541840 _____ C:\windows\system32\libsmi_host.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000502416 _____ C:\windows\system32\EEURestart.exe
2024-06-18 19:13 - 2024-05-04 00:43 - 000459808 _____ C:\windows\SysWOW64\GameManager32.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000206768 _____ C:\windows\system32\mantle64.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000185776 _____ C:\windows\system32\mantleaxl64.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000163360 _____ C:\windows\SysWOW64\mantle32.dll
2024-06-18 19:13 - 2024-05-04 00:43 - 000147384 _____ C:\windows\SysWOW64\mantleaxl32.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 002083360 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atiadlxx.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 001602592 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxy.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 001602592 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\atiadlxx.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000960032 _____ (AMD) C:\windows\system32\atieclxx.exe
2024-06-18 19:13 - 2024-05-04 00:42 - 000535472 _____ C:\windows\system32\atieah64.exe
2024-06-18 19:13 - 2024-05-04 00:42 - 000473016 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\atidemgy.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000404408 _____ C:\windows\SysWOW64\atieah32.exe
2024-06-18 19:13 - 2024-05-04 00:42 - 000266272 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atig6txx.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000226736 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atigktxx.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000210256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\aticfx64.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000196128 _____ (AMD) C:\windows\system32\atimuixx.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000183728 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atisamu64.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000173152 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\aticfx32.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000146976 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atisamu32.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000138376 _____ C:\windows\system32\amdxc64.dll
2024-06-18 19:13 - 2024-05-04 00:42 - 000074784 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\ati2erec.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 011756544 _____ C:\windows\system32\amdsmi.exe
2024-06-18 19:13 - 2024-05-04 00:41 - 002186168 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdsasrv64.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 001331456 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdsacli64.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 001054216 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdsacli32.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 000943648 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdlvr64.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 000770992 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdlvr32.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 000568464 _____ C:\windows\system32\amdgfxinfo64.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 000432264 _____ C:\windows\SysWOW64\amdgfxinfo32.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 000187584 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdihk32.dll
2024-06-18 19:13 - 2024-05-04 00:41 - 000113696 _____ C:\windows\SysWOW64\amdxc32.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 105774624 _____ C:\windows\system32\amd_comgr.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 089154592 _____ C:\windows\SysWOW64\amd_comgr32.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 004385416 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\amdadlx64.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 004189832 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\amdadlx32.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000801416 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\Rapidfire64.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000678432 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\Rapidfire.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000542240 _____ C:\windows\system32\dgtrayicon.exe
2024-06-18 19:13 - 2024-05-04 00:40 - 000524208 _____ (Khronos Group) C:\windows\system32\OpenCL.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000471072 _____ C:\windows\system32\amdlogum.exe
2024-06-18 19:13 - 2024-05-04 00:40 - 000389552 _____ (Khronos Group) C:\windows\SysWOW64\OpenCL.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000360888 _____ C:\windows\system32\clinfo.exe
2024-06-18 19:13 - 2024-05-04 00:40 - 000176560 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl6.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000051344 _____ (Advanced Micro Devices, Inc.) C:\windows\system32\RapidFireServer64.dll
2024-06-18 19:13 - 2024-05-04 00:40 - 000048160 _____ (Advanced Micro Devices, Inc.) C:\windows\SysWOW64\RapidFireServer.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 016643720 _____ (Advanced Micro Devices Inc.) C:\windows\system32\amdhip64.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 001725544 _____ (AMD) C:\windows\system32\amf-mft-mjpeg-decoder64.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 001400120 _____ (AMD) C:\windows\SysWOW64\amf-mft-mjpeg-decoder32.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000567744 _____ C:\windows\system32\amdmiracast.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000176960 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdave64.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000167256 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdpcom64.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000167040 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\atimpc64.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000156624 _____ C:\windows\system32\atidxx64.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000151104 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdave32.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000145440 _____ (Advanced Micro Devices, Inc. ) C:\windows\system32\amdmmcl.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000136592 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\atimpc32.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000136480 _____ (Advanced Micro Devices, Inc. ) C:\windows\SysWOW64\amdpcom32.dll
2024-06-18 19:13 - 2024-05-04 00:39 - 000129632 _____ C:\windows\SysWOW64\atidxx32.dll
2024-06-18 19:13 - 2024-05-04 00:05 - 103836664 _____ C:\windows\system32\amdxc64.so
2024-06-16 13:48 - 2024-06-16 13:48 - 000024821 _____ C:\windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-06-16 13:46 - 2024-06-16 13:46 - 000024821 _____ C:\windows\system32\IntegratedServicesRegionPolicySet.json
2024-06-16 13:38 - 2024-06-16 13:43 - 000000000 ___HD C:\$WinREAgent
2024-06-06 09:17 - 2024-06-06 09:17 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-05-29 16:50 - 2024-06-15 22:02 - 000000000 ____D C:\Users\igorv\AppData\Roaming\vlc
2024-05-29 16:49 - 2024-05-29 16:49 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2024-05-29 16:49 - 2024-05-29 16:49 - 000000000 ____D C:\Program Files\VideoLAN
2024-05-24 09:41 - 2024-05-24 09:41 - 000001277 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\HP Wolf Security .lnk
2024-05-24 09:41 - 2024-05-24 09:41 - 000000000 ____D C:\Program Files\PackageManagement
2024-05-24 09:37 - 2024-05-24 09:37 - 000000028 ____H C:\.GamingRoot
2024-05-24 09:37 - 2024-05-24 09:37 - 000000000 ____D C:\XboxGames
2024-05-23 22:48 - 2024-05-23 22:48 - 000000000 ____D C:\ProgramData\Package Cache
2024-05-23 22:43 - 2024-05-23 22:43 - 000003842 _____ C:\windows\system32\Tasks\HPInsightsUpdater
2024-05-23 22:43 - 2024-05-23 22:43 - 000000000 ____D C:\Program Files (x86)\Hewlett-Packard
2024-05-23 22:38 - 2024-05-23 22:38 - 000000000 ____D C:\Users\Default\AppData\Local\HP
2024-05-23 15:14 - 2024-05-23 15:14 - 000000000 ____D C:\Users\igorv\AppData\Local\CrashDumps
2024-05-23 10:04 - 2024-05-23 10:04 - 000000000 ____D C:\Users\igorv\AppData\Roaming\Microsoft\Word
2024-05-23 10:04 - 2024-05-23 10:04 - 000000000 ____D C:\Users\igorv\AppData\Roaming\Microsoft\UProof
2024-05-23 10:04 - 2024-05-23 10:04 - 000000000 ____D C:\Users\igorv\AppData\Roaming\Microsoft\Proof
2024-05-23 10:04 - 2024-05-23 10:04 - 000000000 ____D C:\Users\igorv\AppData\Roaming\Microsoft\Office
2024-05-23 10:04 - 2024-05-23 10:04 - 000000000 ____D C:\Users\igorv\AppData\Roaming\Microsoft\AddIns

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-06-22 16:03 - 2023-09-05 13:26 - 000000000 ____D C:\ProgramData\HP
2024-06-22 16:03 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-06-22 16:02 - 2024-05-22 10:08 - 000000000 ____D C:\Users\igorv\AppData\Roaming\Hewlett-Packard
2024-06-22 16:02 - 2023-11-18 03:23 - 000000000 _RSHD C:\hp
2024-06-22 16:02 - 2023-09-05 13:27 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2024-06-22 16:02 - 2023-09-05 13:27 - 000000000 ____D C:\Program Files\HP
2024-06-22 16:02 - 2023-09-05 13:27 - 000000000 ____D C:\Program Files (x86)\HP
2024-06-22 15:57 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SystemTemp
2024-06-22 15:02 - 2024-05-18 10:19 - 000000000 ___SD C:\Users\igorv\AppData\Roaming\Microsoft\Credentials
2024-06-22 14:12 - 2022-05-07 07:22 - 000000000 ____D C:\windows\INF
2024-06-22 14:08 - 2024-01-26 15:41 - 000803640 _____ C:\windows\system32\PerfStringBackup.INI
2024-06-22 14:05 - 2022-05-07 07:24 - 000000000 ____D C:\windows\AppReadiness
2024-06-22 14:01 - 2024-01-26 15:37 - 000001623 _____ C:\windows\system32\config\VSMIDK
2024-06-22 14:01 - 2023-09-05 13:19 - 000012288 ___SH C:\DumpStack.log.tmp
2024-06-22 14:01 - 2023-09-05 13:19 - 000000006 ____H C:\windows\Tasks\SA.DAT
2024-06-22 14:01 - 2022-05-07 07:24 - 000000000 ____D C:\windows\ServiceState
2024-06-22 14:00 - 2022-05-07 07:17 - 000786432 _____ C:\windows\system32\config\BBI
2024-06-22 13:34 - 2024-05-18 10:41 - 000000000 ____D C:\Users\igorv\AppData\Local\D3DSCache
2024-06-22 13:31 - 2024-05-21 13:22 - 000000000 ____D C:\SWSetup
2024-06-22 13:13 - 2022-05-07 07:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-06-21 20:27 - 2023-09-05 13:19 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-06-21 18:07 - 2024-05-18 10:43 - 000000000 ____D C:\Users\igorv\AppData\Roaming\hpqLog
2024-06-21 17:15 - 2023-09-05 13:19 - 000000000 ____D C:\windows\system32\SleepStudy
2024-06-19 17:25 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\AppLocker
2024-06-18 19:14 - 2024-05-18 10:19 - 000000000 ____D C:\Users\igorv\AppData\Local\Packages
2024-06-18 19:14 - 2023-09-05 13:28 - 000000000 ____D C:\ProgramData\Packages
2024-06-18 19:13 - 2024-05-21 08:56 - 000000000 ____D C:\3
2024-06-18 09:09 - 2024-05-21 08:47 - 000002174 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive.lnk
2024-06-16 14:56 - 2022-05-07 07:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-06-16 14:42 - 2024-01-26 15:41 - 000000000 ____D C:\Program Files\Microsoft Office
2024-06-16 13:57 - 2023-09-05 13:19 - 000629032 _____ C:\windows\system32\FNTCACHE.DAT
2024-06-16 13:56 - 2024-05-18 10:38 - 000000000 ____D C:\windows\system32\Microsoft-Edge-WebView
2024-06-16 13:56 - 2024-05-18 10:38 - 000000000 ____D C:\windows\InboxApps
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ___SD C:\windows\system32\UNP
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ___RD C:\windows\PrintDialog
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\UUS
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SysWOW64\WinMetadata
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SysWOW64\setup
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SysWOW64\Dism
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\SystemResources
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\WinMetadata
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\WinBioPlugIns
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\ShellExperiences
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\Sgrm
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\setup
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\PerceptionSimulation
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\oobe
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\migwiz
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\Dism
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\system32\appraiser
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\ShellExperiences
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\ShellComponents
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\BrowserCore
2024-06-16 13:56 - 2022-05-07 07:24 - 000000000 ____D C:\windows\bcastdvr
2024-06-16 13:56 - 2022-05-07 07:17 - 000000000 ____D C:\windows\servicing
2024-06-16 13:53 - 2022-05-07 07:17 - 000000000 ____D C:\windows\CbsTemp
2024-06-16 13:52 - 2022-05-07 08:10 - 000036864 _____ (Microsoft Corporation) C:\windows\system32\OEMDefaultAssociations.dll
2024-06-16 13:52 - 2022-05-07 08:10 - 000024383 _____ C:\windows\system32\OEMDefaultAssociations.xml
2024-06-16 13:48 - 2023-09-05 13:21 - 003216384 _____ (Microsoft Corporation) C:\windows\SysWOW64\PrintConfig.dll
2024-06-16 13:38 - 2024-05-19 10:31 - 000000000 ____D C:\windows\system32\MRT
2024-06-16 13:31 - 2024-05-19 10:31 - 199048176 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2024-06-06 19:33 - 2023-09-05 13:19 - 000003632 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-06-06 19:33 - 2023-09-05 13:19 - 000003508 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-06-06 08:21 - 2023-09-05 13:19 - 000000000 ____D C:\windows\system32\Drivers\wd
2024-06-01 15:47 - 2024-05-21 08:56 - 000000000 ____D C:\4
2024-05-24 09:43 - 2024-05-21 13:22 - 000000000 ____D C:\Users\Default\AppData\Roaming\hpqLog
2024-05-24 09:42 - 2024-01-26 15:47 - 000000000 ____D C:\windows\HP
2024-05-24 09:37 - 2024-05-18 10:43 - 000000000 ____D C:\Users\igorv\AppData\Local\PlaceholderTileLogoFolder
2024-05-23 22:19 - 2024-05-18 10:43 - 000000000 ___RD C:\Users\igorv\OneDrive
2024-05-23 19:09 - 2024-05-18 10:58 - 000000000 ____D C:\windows\system32\Tasks\Hewlett-Packard
2024-05-23 19:08 - 2024-05-18 10:41 - 000000000 ____D C:\Users\igorv\AppData\Local\HP

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

5manager5 · #2 Příspěvek od **5manager5** » 22 čer 2024 15:10

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19.06.2024
Ran by igorv (22-06-2024 16:04:42)
Running from C:\Users\igorv\Desktop
Microsoft Windows 11 Home Version 23H2 22631.3737 (X64) (2024-05-18 07:11:55)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-2384847340-952867437-1279697988-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2384847340-952867437-1279697988-503 - Limited - Disabled)
Guest (S-1-5-21-2384847340-952867437-1279697988-501 - Limited - Disabled)
igorv (S-1-5-21-2384847340-952867437-1279697988-1001 - Administrator - Enabled) => C:\Users\igorv
WDAGUtilityAccount (S-1-5-21-2384847340-952867437-1279697988-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 23.10.18.23 - Advanced Micro Devices, Inc.)
Google Drive (HKLM\...\{6BBAE539-2232-434A-A4E5-9A33560C6283}) (Version: 92.0.1.0 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
HP Client Management Script Library (HKLM-x32\...\{5A1AECCB-E0CE-4D2C-833C-29CCEA959448}_is1) (Version: 1.7.1 - HP Development Company, L.P.)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Insights (HKLM-x32\...\{0E009222-0399-43F9-A4F3-15D28029D5BB}) (Version: 5.24.128 - HP Inc.)
HP Notifications (HKLM-x32\...\{19F557DE-662A-4FEA-B635-1CACD56CC483}) (Version: 1.1.29.12 - HP)
HP Security Update Service (HKLM\...\{8C7D5AFD-57F3-480A-B6FC-FBD90200136C}) (Version: 4.4.12.463 - HP Inc.)
HP Sure Recover (HKLM\...\{4209B666-A120-4D0B-AABB-9D3B06DD7304}) (Version: 10.1.21.222 - HP Inc.)
HP Sure Run Module (HKLM\...\{2439AE5C-1F6E-4AD4-A403-D1BD8C6945B4}) (Version: 5.0.5.59 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{5C1C084D-1DB7-4CAB-840F-E5DD386C2A50}) (Version: 1.4.16.22 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{C4192E14-642D-4A9C-84BA-38FD0963F19D}) (Version: 1.4.16.16 - HP Inc.) Hidden
HP Wolf Security - Console (HKLM\...\{BCFA7F25-D664-4BEF-927B-2D306B6D87BD}) (Version: 11.1.2.695 - HP Inc.)
ICS (HKLM-x32\...\{5CD25FCD-D218-46D0-B405-E5A488969BDF}) (Version: 3.1.8.14 - HP Inc.)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft 365 - en-gb (HKLM\...\O365HomePremRetail - en-gb) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 126.0.2592.68 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 126.0.2592.68 - Microsoft Corporation)
Microsoft OneNote - cs-cz (HKLM\...\OneNoteFreeRetail - cs-cz) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft OneNote - en-gb (HKLM\...\OneNoteFreeRetail - en-gb) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft OneNote - sk-sk (HKLM\...\OneNoteFreeRetail - sk-sk) (Version: 16.0.17628.20144 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x86) - 14.25.28508 (HKLM-x32\...\{65e650ff-30be-469d-b63a-418d71ea1765}) (Version: 14.25.28508.3 - Microsoft Corporation)
Microsoft Visual C++ 2019 X86 Additional Runtime - 14.25.28508 (HKLM-x32\...\{0FA68574-690B-4B00-89AA-B28946231449}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X86 Minimum Runtime - 14.25.28508 (HKLM-x32\...\{2BC3BD4D-FABA-4394-93C7-9AC82A263FE2}) (Version: 14.25.28508 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20110 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.17628.20144 - Microsoft Corporation) Hidden
Poly Lens (HKLM-x32\...\{6E176115-6EB6-4D5D-948F-A6347E3DAB56}) (Version: 1.1.28.5852 - Poly, Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.20 - VideoLAN)

Packages:
=========

AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.10022.0_x64__0a9344xs7nr4m [2024-06-18] (Advanced Micro Devices Inc.) [Startup Task]
Fotografie -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2024.11060.20006.0_x64__8wekyb3d8bbwe [2024-06-22] (Microsoft Corporation) [Startup Task]
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.50.322.0_x64__dt26b99r8h8gj [2024-05-22] (Realtek Semiconductor Corp)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.6.1.0_x64__v10z8vjag6ke6 [2024-06-22] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_3.1.8.0_x64__v10z8vjag6ke6 [2024-05-18] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-05-22] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.35.35.0_x64__v10z8vjag6ke6 [2024-05-19] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.39.0_x64__v10z8vjag6ke6 [2024-05-18] (HP Inc.)
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2406.5002.0_x64__8wekyb3d8bbwe [2024-06-19] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-05-19] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_53.21110.548.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corporation)
Microsoft.BingSearch -> C:\Program Files\WindowsApps\Microsoft.BingSearch_1.0.91.0_x64__8wekyb3d8bbwe [2024-05-22] (Microsoft Corporation)
Microsoft.MPEG2VideoExtension -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.61931.0_x64__8wekyb3d8bbwe [2024-05-19] (Microsoft Corporation)
MicrosoftWindows.CrossDevice -> C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24052.57.0_x64__cw5n1h2txyewy [2024-06-15] (Microsoft Windows) [Startup Task]
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_34.52424.589.0_x64__v10z8vjag6ke6 [2024-06-13] (HP Inc.) [Startup Task]
Power Automate -> C:\Program Files\WindowsApps\Microsoft.PowerAutomateDesktop_11.2405.35.0_x64__8wekyb3d8bbwe [2024-06-06] (Microsoft Corporation) [Startup Task]
Windows Feature Experience Pack -> C:\windows\SystemApps\MicrosoftWindows.Client.LKG_cw5n1h2txyewy [2024-06-16] (Microsoft Windows)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ GoogleDriveCloudOverlayIconHandler] -> {A8E52322-8734-481D-A7E2-27B309EF8D56} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveMirrorBlacklistedOverlayIconHandler] -> {51EF1569-67EE-4AD6-9646-E726C3FFC8A2} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDrivePinnedOverlayIconHandler] -> {CFE8B367-77A7-41D7-9C90-75D16D7DC6B6} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)
ShellIconOverlayIdentifiers: [ GoogleDriveProgressOverlayIconHandler] -> {C973DA94-CBDF-4E77-81D1-E5B794FBD146} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers1: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers4: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)
ContextMenuHandlers5: [DriveFS 28 or later] -> {EE15C2BD-CECB-49F8-A113-CA1BFC528F5B} => C:\Program Files\Google\Drive File Stream\92.0.1.0\drivefsext.dll [2024-06-18] (Google LLC -> Google, Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/ ... inesspc-hp

==================== Loaded Modules (Whitelisted) =============

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

SearchScopes: HKLM-x32 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-05-18] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-06-06] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2384847340-952867437-1279697988-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\web\wallpaper\Windows\img0.jpg
DNS Servers: 192.168.31.248 - 1.1.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

HKU\S-1-5-21-2384847340-952867437-1279697988-1001\...\StartupApproved\Run: => "CCleaner Smart Cleaning"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{86141221-9E98-42FF-A8C6-159C28CDF1B8}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{A47AAB62-59B4-46A6-85A7-3848EB37DA71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{B8AC61AD-DFD7-4994-A029-804B91850311}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{76FEEB89-C499-4F2C-A3AF-2BA66BBE6138}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C6343AAE-199F-4736-8CDF-88B7571185AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{47893453-764F-4172-B4F4-3449E65B050C}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24137.2402.2884.4157_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{207FF0BA-4D00-447D-8427-9CBDA098563E}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24137.2402.2884.4157_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{50A6ABB4-1225-4286-835C-C6AC1F3800FE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\126.0.2592.68\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

17-06-2024 09:28:30 Windows Update
18-06-2024 19:03:33 HPSF Applying updates
21-06-2024 20:31:16 Windows Update
21-06-2024 20:31:19 Windows Update
22-06-2024 13:31:07 HPSF Applying updates
22-06-2024 16:02:38 AdwCleaner_BeforeCleaning_22/06/2024_16:02:38

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (06/22/2024 02:03:18 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/19/2024 05:25:49 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/18/2024 07:02:01 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program PhoneExperienceHost.exe version 1.24051.101.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (06/17/2024 11:36:02 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/16/2024 01:59:27 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/15/2024 09:50:19 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

Error: (06/09/2024 08:03:22 PM) (Source: Application Hang) (EventID: 1002) (User: NT AUTHORITY)
Description: The program msedge.exe version 125.0.2535.92 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Error: (06/07/2024 09:32:46 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0

System errors:
=============
Error: (06/22/2024 04:04:46 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "2" attempting to start the service hpqcaslwmiex with arguments "Unavailable" in order to run the server:
{FC9A6B26-991A-478D-9FF5-2B22854728E9}

Error: (06/22/2024 04:04:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HP CASL Framework Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/22/2024 04:04:45 PM) (Source: DCOM) (EventID: 10005) (User: NT AUTHORITY)
Description: DCOM got error "2" attempting to start the service hpqcaslwmiex with arguments "Unavailable" in order to run the server:
{FC9A6B26-991A-478D-9FF5-2B22854728E9}

Error: (06/22/2024 04:04:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HP CASL Framework Service zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.

Error: (06/22/2024 04:02:45 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Poly Lens Update Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (06/22/2024 04:02:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Insights Analytics sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/22/2024 04:02:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP LAN/WLAN/WWAN Switching UWP Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 120000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (06/22/2024 04:02:45 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP Insights WatchDog Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 60000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Windows Defender:
================
Date: 2024-06-22 12:18:49
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-06-21 20:30:43
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-06-20 09:23:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-06-17 09:24:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2024-06-14 10:08:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

==================== Memory info ===========================

BIOS: HP V78 Ver. 01.05.00 01/18/2024
Motherboard: HP 8B5C
Processor: AMD Ryzen 3 7330U with Radeon Graphics
Percentage of memory in use: 27%
Total physical RAM: 15681.06 MB
Available physical RAM: 11432.25 MB
Total Virtual: 16705.06 MB
Available Virtual: 12268.69 MB

==================== Drives ================================

Drive c: (Windows ) (Fixed) (Total:475.81 GB) (Free:403.28 GB) (Model: KBG50ZNV512G KIOXIA) (Protected) NTFS

\\?\Volume{c42a7235-279c-4e77-ab2f-9f572c3caec3}\ (Windows RE Tools) (Fixed) (Total:0.85 GB) (Free:0.11 GB) NTFS
\\?\Volume{0ab8e5a7-bce4-4bbf-9a28-5943b9189e90}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.17 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 476.9 GB) (Disk ID: 04C4C758)

Partition: GPT.

==================== End of Addition.txt =======================

#3 Příspěvek od **Rudy** » 22 čer 2024 16:29

Zdravím!
Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:

FirewallRules: [{A47AAB62-59B4-46A6-85A7-3848EB37DA71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{B8AC61AD-DFD7-4994-A029-804B91850311}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{76FEEB89-C499-4F2C-A3AF-2BA66BBE6138}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C6343AAE-199F-4736-8CDF-88B7571185AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
Task: {2D148F22-59B8-4E83-998E-5A4D1E42C0E0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{0A083088-27BB-4BA5-AFBA-394BA4650294} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

5manager5 · #4 Příspěvek od **5manager5** » 22 čer 2024 16:35

ok len ešte otazka predtým: adw cleaner označil nejaké veci od hp za nežiaduce a dal som do karanteny ale čo s tým? je to falošný poplach a tie veci potrebujem
z karanteny to nejde obnoviť...nechať tak a proste ignorovať a HP veci dalej použivať?

#5 Příspěvek od **Rudy** » 22 čer 2024 17:50

5manager5 píše: 22 čer 2024 16:35 ok len ešte otazka predtým: adw cleaner označil nejaké veci od hp za nežiaduce a dal som do karanteny ale čo s tým? je to falošný poplach a tie veci potrebujem
z karanteny to nejde obnoviť...nechať tak a proste ignorovať a HP veci dalej použivať?

Pokud je označil jako Preinstalled, není to šmejd, ale něco, co bylo součástí instalace OS na váš NB. Takže z karantény klidně vraťte zpět. Pokud ale byly označeny jako šmejdy (o čemž pochybuji, když jsou od HP), pak je nechte v karanténě. Tam ničemu neškodí a budou smazány současnsně s odinstalací ADW. Také jste mohl dát sem log ADW a bylo by jasno.

5manager5 · #6 Příspěvek od **5manager5** » 22 čer 2024 17:53

z karanteny ich nejde vratit a vymazať ich nechcem co teda robiť?
lebo takto ked aj tieto veci zmaze bude hp sw dalej fungovať?

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-03-04.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 06-22-2024
# Duration: 00:00:01
# OS: Windows 11 (Build 22631.3737)
# Cleaned: 18
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPNotifications Folder C:\Program Files (x86)\HP\HP NOTIFICATIONS
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPNotifications
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPNotifications
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPNotifications
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Folder C:\Users\igorv\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files (x86)\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\Program Files\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [3508 octets] - [22/06/2024 16:01:21]
AdwCleaner[S01].txt - [3569 octets] - [22/06/2024 16:02:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C01].txt ##########

#7 Příspěvek od **Rudy** » 22 čer 2024 18:54

Už jste je smazal (deleted). To je právě to, že lidé neřeknou, co všechno už dělali.

. OS bude fungovat i bez nich. Pokud byste ale něco potřeboval, nebudou k dispozici. Bude ale asi možné je znovu nainstalovat. Jde převážně o servisní funkce (utility). Teď bych pooprosil om fixlog FRST.

5manager5 · #8 Příspěvek od **5manager5** » 22 čer 2024 20:34

ok, no snad mi ten sw nebude od hp chybať, mám od nich špecialny support servis na 3 roky

Fix result of Farbar Recovery Scan Tool (x64) Version: 19.06.2024
Ran by igorv (22-06-2024 21:31:21) Run:1
Running from C:\Users\igorv\Desktop
Loaded Profiles: igorv
Boot Mode: Normal
==============================================

fixlist content:
*****************
tart

CloseProcesses:

FirewallRules: [{A47AAB62-59B4-46A6-85A7-3848EB37DA71}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{B8AC61AD-DFD7-4994-A029-804B91850311}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe => No File
FirewallRules: [{76FEEB89-C499-4F2C-A3AF-2BA66BBE6138}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
FirewallRules: [{C6343AAE-199F-4736-8CDF-88B7571185AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe => No File
Task: {2D148F22-59B8-4E83-998E-5A4D1E42C0E0} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{0A083088-27BB-4BA5-AFBA-394BA4650294} => C:\Program Files (x86)\Google\GoogleUpdater\128.0.6537.0\updater.exe [4623976 2024-06-13] (Google LLC -> Google LLC)
Task: {E0F10DCF-44AD-40E8-9370-FB5DA59F93FB} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\DumpStack.log.tmp

EmptyTemp:
End
*****************

tart => Error: No automatic fix found for this entry.
Processes closed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A47AAB62-59B4-46A6-85A7-3848EB37DA71}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{B8AC61AD-DFD7-4994-A029-804B91850311}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{76FEEB89-C499-4F2C-A3AF-2BA66BBE6138}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{C6343AAE-199F-4736-8CDF-88B7571185AF}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D148F22-59B8-4E83-998E-5A4D1E42C0E0}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D148F22-59B8-4E83-998E-5A4D1E42C0E0}" => removed successfully
C:\windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{0A083088-27BB-4BA5-AFBA-394BA4650294} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem128.0.6537.0{0A083088-27BB-4BA5-AFBA-394BA4650294}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{E0F10DCF-44AD-40E8-9370-FB5DA59F93FB}" => removed successfully
C:\windows\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 1048576 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 13770378 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 79200515 B
Windows/system/drivers => 19253284 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 31766 B
igorv => 2499621 B

RecycleBin => 8790880 B
EmptyTemp: => 118.8 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 22-06-2024 21:33:07)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 21:33:07 ====

#9 Příspěvek od **Rudy** » 22 čer 2024 20:51

Smazáno, log je již OK. OS bude fungovat i bez něj a pokud byste ho potřeboval k nějakým servisním činnostem, určitě bude z webu HP ke stažení. Případně existují i alternativy.

5manager5 · #10 Příspěvek od **5manager5** » 22 čer 2024 21:02

ok dakujem, ako vačšinu mi netreba ale tie recovery veci by mohli byť treba no...tak snad to niekedy nebude problem ked by to bolo potrebne

#11 Příspěvek od **Rudy** » 23 čer 2024 08:22

To možná ano. Utility určitě budou ke stažení z webu HP. Nemáte zač!

VIRY.CZ

kontrola nového NB

kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB

Re: kontrola nového NB