Prosím o kontrolu

[veroniccam]

Prosím o kontrolu logu, začíná mi z ničeho nic občas zamrzat notebook HP 255 G8

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-11-2024
Ran by Veronika (administrator) on HP255G8 (HP HP 255 G8 Notebook PC) (23-11-2024 20:03:47)
Running from C:\Users\HP\Desktop\FRST64.exe
Loaded Profiles: Veronika & DefaultAppPool
Platform: Microsoft Windows 11 Pro Version 24H2 26120.2415 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe
(Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe
(C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSSrcExt.exe
(C:\Program Files\AMD\CNext\CNext\RadeonSoftware.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\cncmd.exe
(C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.32301.0.0_x64__cw5n1h2txyewy\Dashboard\Widgets.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe <6>
(cmd.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\AMDRSServ.exe
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\BridgeCommunication.exe
(DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atieclxx.exe
(ETDService.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDCtrl.exe
(Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <33>
(Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\TrGUI.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SystemSettingsAdminFlows.exe
(SECOMN64.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOCL64.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\atiesrxx.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ETDService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\cpda.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\IDAFServerHostService.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\UIFramework\Bin\cptrayLogic.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Watchdog\EPWD.exe
(services.exe ->) (Check Point Software Technologies Ltd. -> Check Point Software Technologies) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\TracSrvWrapper.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe <2>
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Realtek Semiconductor Corp.) C:\Windows\RtkBtManServ.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d315e0ae42c5f5e6\RtkAudUService64.exe <2>
(services.exe ->) (Sound Research Corporation -> Sound Research, Corp.) C:\Windows\System32\SECOMN64.exe
(svchost.exe ->) (24803D75-212C-471A-BC57-9EF86AB91435 -> ) C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm\WhatsApp.exe
(svchost.exe ->) (Advanced Micro Devices -> Advanced Micro Devices, Inc.) C:\Program Files\AMD\CNext\CNext\CPUMetricsServer.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MicrosoftStickyNotes_6.1.4.0_x64__8wekyb3d8bbwe\Microsoft.Notes.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\inetsrv\w3wp.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SystemApps\Microsoft.Windows.AppRep.ChxApp_cw5n1h2txyewy\CHXSmartScreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.26100.2410_none_a52242b977504e85\TiWorker.exe
(SystemSettingsAdminFlows.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Dism\DismHost.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_d315e0ae42c5f5e6\RtkAudUService64.exe [1922856 2023-09-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [Check Point Endpoint Security Tray] => C:\Program Files (x86)\CheckPoint\Endpoint Security\UIFramework\Bin\cptrayUI.exe [680384 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Check Point Endpoint Security WUI] => C:\Program Files (x86)\CheckPoint\Endpoint Security\UIFramework\Bin\WUI\cptrayWUI.exe [1007040 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [Check Point Endpoint Connect] => C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\TrGUI.exe [14292416 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Windows\WindowsUpdate: Restriction <==== ATTENTION
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\Run: [MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3936328 2024-11-22] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\Policies\Explorer: [NolowDiskSpaceChecks] 1
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\system32\PhotoScreensaver.scr [565248 2024-10-04] (Microsoft Windows -> Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.86\Installer\chrmstp.exe [2024-11-19] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{C885AA15-1764-4293-B82A-0586ADD46B35}] ->
Startup: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gmail (2).lnk [2024-10-09]
ShortcutTarget: Gmail (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC -> Google LLC)
GroupPolicy: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {3D00B927-8C3A-4522-9DDD-AC4A0690B6FF} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {89D0DD39-DA89-4A78-B1D8-71DF8D80A981} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {71DBA129-5985-4543-82B7-59374CE67A73} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [184024 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {3BEE7CB1-D71D-4C93-94D9-5D98F780C011} - System32\Tasks\AMDScoSupportTypeUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {0E5EEE2B-E577-4C1C-BF6F-6662EDCB25F7} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe (No File)
Task: {C722CDAA-C7D5-4D9D-85A6-F9B3AA9892DD} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{36E25ADC-4CF1-41AB-9139-642EB9FB6D49} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {91C21894-8FD0-4FEE-962F-368935C74A33} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ABO => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://ABO
Task: {6D4A104D-D056-4EC4-9474-06517E87E82D} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusError => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusError
Task: {F4F8ACA4-F42A-463E-85E4-D7E8A048F1FE} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BatteryStatusTest => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BatteryStatusTest
Task: {A71ECFAA-6911-49E7-BF9A-62F1B3E136BD} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BCF => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BCF
Task: {A2FBBBF0-5034-45AB-9DE6-46235F445CA9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM1 => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM1
Task: {C8F456AA-2673-46EB-9D81-772B1163286F} - System32\Tasks\Hewlett-Packard\HP Diagnostics\BHM2 => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://BHM2
Task: {9F5B0ACD-87FD-40D2-A018-25008D1D617A} - System32\Tasks\Hewlett-Packard\HP Diagnostics\LaunchUI => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://LaunchUI
Task: {17E4EC14-3C09-4E2E-9670-308F75A3A1B0} - System32\Tasks\Hewlett-Packard\HP Diagnostics\ShowUI => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags:
Task: {0DD7C577-EFF7-4F84-8B2C-3DA86A45886C} - System32\Tasks\Hewlett-Packard\HP Diagnostics\SmartCheckError => C:\WINDOWS\system32\cmd.exe [339968 2024-11-08] (Microsoft Windows -> Microsoft Corporation) -> /c start hpdiags://SmartCheckError
Task: {55D5EAA9-549F-4957-8CFC-41E6AFF2D083} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-BatteryStatusTest => c:\Windows\System32\schtasks.exe [253952 2024-04-01] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\BatteryStatusTest"
Task: {6FDB6D56-025F-47C5-A52D-BE3107BE84F9} - System32\Tasks\Hewlett-Packard\HP Diagnostics\Uninstall-FastSystemTests => c:\Windows\System32\schtasks.exe [253952 2024-04-01] (Microsoft Windows -> Microsoft Corporation) -> /Change /Disable /tn "\Hewlett-Packard\HP Diagnostics\FastSystemTests"
Task: {D9B3BBAF-F3A2-49F8-A597-DE67E0CA2420} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003016 2024-11-13] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {CFC56A7E-B149-47BD-B432-7DB7ACBFA12E} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [138328 2024-11-13] (HP Inc. -> HP Inc.)
Task: {730B8684-2CE7-4E06-8323-B2CD68D4BD3C} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {B7CEDEAC-50F5-4B2F-B9DD-09D3E07AB630} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {2927C4DC-F582-40EE-88E0-8E793F8688FB} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {EC3CA881-8496-4B12-B8E2-242C47AD2329} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-11-14] (Microsoft Corporation -> Microsoft Corporation)
Task: {26B309D3-044F-46BD-86D5-E5F40491FA82} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\Office16\operfmon.exe [187600 2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Task: {45736A72-2DE8-4362-A315-059CE2BE8473} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_AC => %systemroot%\system32\MusNotification.exe /RunOnAC RebootDialog (No File)
Task: {319A0241-ADEB-4366-9B6F-6A145BA590F7} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\Reboot_Battery => %systemroot%\system32\MusNotification.exe /RunOnBattery RebootDialog (No File)
Task: {A40141D5-7437-4627-805D-05C6FE547AA2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {CF258D7E-274C-4D01-AC7A-DED33F3B3B3E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7014FFAF-6CB8-4B88-B3A4-1017E651293F} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {982AE90B-1FB9-481F-8EBB-39693B938BC5} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpCmdRun.exe [1687360 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {83D49785-580E-4B25-8844-816CBFD2521D} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\InitialConfiguration => {709FD5EF-7296-4154-BD3A-E9830FCFA60A} C:\WINDOWS\system32\ShellConfigTask.dll [184320 2024-11-23] (Microsoft Windows -> Microsoft Corporation)
Task: {FB5DDC38-91FD-45A3-82A6-D04C5BD449AF} - System32\Tasks\Microsoft\Windows\WindowsAI\Recall\PolicyConfiguration => {0BE6820D-B667-4CB6-931B-C153A77DA895} C:\WINDOWS\system32\ShellConfigTask.dll [184320 2024-11-23] (Microsoft Windows -> Microsoft Corporation)
Task: {DC85B176-1128-4E29-97B2-10E1EF27673F} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [1030872 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {B686BC4C-775A-4E98-B740-BFD2D9051C3D} - System32\Tasks\StartCN => C:\Program Files\AMD\CNext\CNext\cncmd.exe [60632 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
Task: {B38F6AE5-35DD-44BA-9D06-F7D6560C59F8} - System32\Tasks\StartDVR => C:\Program Files\AMD\CNext\CNext\RSServCmd.exe [324312 2024-08-19] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-3663164027-3565326852-1001575466-1001] => hxxp://de-a-v-l-0004.do-dat.int:8080
Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{247512de-c46c-4c38-bda7-e155bcc1e278}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{247512de-c46c-4c38-bda7-e155bcc1e278}: [DhcpDomain] home
Tcpip\..\Interfaces\{46132582-e49c-4510-9cff-3b6c898e6065}: [DhcpNameServer] 10.49.40.250 10.49.40.150
Tcpip\..\Interfaces\{46132582-e49c-4510-9cff-3b6c898e6065}: [DhcpDomain] do-dat.int
Tcpip\..\Interfaces\{9671ff7c-a0a1-4401-8642-a87a2f3b2d8f}: [DhcpNameServer] 31.30.90.11 31.30.90.12

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default [2024-11-22]
Edge Extension: (Emojis - Emoji Keyboard) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\gaoflciahikhligngeccdecgfjngejlh [2024-06-27]
Edge Extension: (Dokumenty Google offline) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-07]
Edge Extension: (Edge relevant text changes) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-01-24]
Edge Extension: (Vašekupóny.cz vyhledávač slev) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\kkbanodihokodakgnaglghalmaainfgk [2024-09-22]
Edge Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\HP\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ndcileolkflehcjpmjnfbnaibdcgglog [2024-11-22]

FireFox:
========
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-08-31] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-05] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default [2024-11-23]
CHR DownloadDir: C:\Users\HP\Desktop
CHR Notifications: Default -> hxxps://mail.google.com
CHR Extension: (Emojis - Emoji Keyboard) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gaoflciahikhligngeccdecgfjngejlh [2024-10-12]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2024-11-20]
CHR Extension: (Vašekupóny.cz vyhledávač slev) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\kfgkchpliekbcfnnmdcplkfjedmbgaec [2024-09-21]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-12-13]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Guest Profile [2024-04-13]
CHR Profile: C:\Users\HP\AppData\Local\Google\Chrome\User Data\System Profile [2024-09-20]
CHR HKLM-x32\...\Chrome\Extension: [jkfpchpiljkaemlpmpebnglgkomamfeo]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 Check Point Device Auxiliary Framework; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\IDAFServerHostService.exe [812856 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13652176 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
R2 CPDA; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\cpda.exe [7430080 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 EPClientUIService; C:\Program Files (x86)\CheckPoint\Endpoint Security\UIFramework\Bin\cptrayLogic.exe [24512 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 EPWD; C:\Program Files (x86)\CheckPoint\Endpoint Security\Watchdog\EPWD.exe [574912 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\AppHelperCap.exe [912480 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\DiagsCap.exe [910944 2024-11-10] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\NetworkCap.exe [906848 2024-11-10] (HP Inc. -> HP Inc.)
S3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149480 2018-06-07] (HP Inc. -> HP)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_8a181b75f1f43801\x64\SysInfoCap.exe [911480 2024-11-10] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_7dcf4ebd9d1b4772\x64\TouchpointAnalyticsClientService.exe [569008 2024-05-07] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MpDefenderCoreService.exe [1447680 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 TracSrvWrapper; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\TracSrvWrapper.exe [9879488 2024-07-26] (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\NisSrv.exe [3199672 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24090.11-0\MsMpEng.exe [141952 2024-10-30] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 AMDAfdAudioService; C:\WINDOWS\System32\DriverStore\FileRepository\amdacpafd.inf_amd64_83e4d032c48bb725\amdacpafd.sys [432448 2024-07-07] (AMD Test Build -> Advanced Micro Devices)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [36016 2024-07-19] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R2 AMDRyzenMasterDriverV20; C:\WINDOWS\system32\AMDRyzenMasterDriver.sys [48328 2024-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 AMDSAFD; C:\WINDOWS\System32\DriverStore\FileRepository\amdsafd.inf_amd64_960126269e89c62e\amdsafd.sys [113880 2024-05-10] (Advanced Micro Devices -> Advanced Micro Devices)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0407052.inf_amd64_84d15514ad17ffa0\B406619\amdkmdag.sys [106596128 2024-09-04] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [61888 2023-05-24] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 epklibproxy; C:\WINDOWS\System32\drivers\epklibproxy.sys [30704 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\ISWKL.sys [50272 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
S3 Netaapl; C:\WINDOWS\System32\drivers\netaapl64.sys [32352 2017-11-28] (Microsoft Windows Hardware Compatibility Publisher -> Apple Inc.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_16d0e5f2b3759518\rt68cx21x64.sys [845256 2024-08-21] (Realtek Semiconductor Corp. -> Realtek)
R3 vna_ap; C:\WINDOWS\System32\drivers\vnaap.sys [76208 2022-08-08] (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
R1 vsdatant; C:\WINDOWS\system32\DRIVERS\vsdatant.sys [694696 2024-07-26] (Microsoft Windows Hardware Compatibility Publisher -> Check Point Software Technologies Ltd.)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [22104 2024-10-30] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [606624 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [105888 2024-10-30] (Microsoft Windows -> Microsoft Corporation)
R3 WirelessButtonDriver64; C:\WINDOWS\System32\drivers\WirelessButtonDriver64.sys [40200 2023-11-17] (HP Inc. -> HP)
S3 MpKsl6954b83c; \??\C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{E285AAB9-60D1-45CC-B4A7-ECFA3B5BD065}\MpKslDrv.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-23 20:03 - 2024-11-23 20:04 - 000028996 _____ C:\Users\HP\Desktop\FRST.txt
2024-11-23 20:03 - 2024-11-23 20:04 - 000000000 ____D C:\FRST
2024-11-23 20:02 - 2024-11-23 20:02 - 002402816 _____ (Farbar) C:\Users\HP\Desktop\FRST64.exe
2024-11-23 20:02 - 2024-11-23 20:02 - 000003281 _____ C:\Users\HP\Desktop\fixlist.txt
2024-11-23 20:00 - 2024-11-23 20:00 - 000806758 _____ C:\WINDOWS\system32\perfh005.dat
2024-11-23 20:00 - 2024-11-23 20:00 - 000195904 _____ C:\WINDOWS\system32\perfc005.dat
2024-11-23 19:53 - 2024-11-23 19:53 - 000003108 _____ C:\WINDOWS\system32\Tasks\AMDInstallLauncher
2024-11-23 19:53 - 2024-11-23 19:53 - 000003100 _____ C:\WINDOWS\system32\Tasks\AMDLinkUpdate
2024-11-23 18:39 - 2024-11-23 19:54 - 000000000 ____D C:\WINDOWS\CbsTemp
2024-11-23 18:33 - 2024-11-23 18:33 - 000000998 _____ C:\WINDOWS\system32\DeviceFeatureDDF.json
2024-11-22 20:25 - 2024-11-22 20:25 - 000226974 _____ C:\Users\HP\Desktop\navrh-smlouvy-cpp-pojisteni-vozidel.pdf
2024-11-21 21:41 - 2024-11-23 19:52 - 000012288 ___SH C:\DumpStack.log.tmp
2024-11-19 17:52 - 2024-11-19 17:52 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\WebManagement
2024-11-19 17:48 - 2024-11-19 17:48 - 000000020 ___SH C:\Users\Classic .NET AppPool\ntuser.ini
2024-11-19 17:48 - 2024-11-19 17:48 - 000000020 ___SH C:\Users\.NET v2.0\ntuser.ini
2024-11-19 17:48 - 2024-11-19 17:48 - 000000020 ___SH C:\Users\.NET v2.0 Classic\ntuser.ini
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Šablony
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Soubory cookie
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Poslední
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Okolní tiskárny
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Okolní síť
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Nabídka Start
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Dokumenty
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Documents\Obrázky
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Documents\Hudba
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Documents\Filmy
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\Data aplikací
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\Classic .NET AppPool\AppData\Local\Data aplikací
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Šablony
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Soubory cookie
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Poslední
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Okolní tiskárny
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Okolní síť
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Nabídka Start
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Dokumenty
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Documents\Obrázky
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Documents\Hudba
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Documents\Filmy
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\Data aplikací
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0\AppData\Local\Data aplikací
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Šablony
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Soubory cookie
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Poslední
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Okolní tiskárny
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Okolní síť
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Nabídka Start
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Dokumenty
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Documents\Obrázky
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Documents\Hudba
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Documents\Filmy
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\Data aplikací
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 _SHDL C:\Users\.NET v2.0 Classic\AppData\Local\Data aplikací
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 ___RD C:\ProgramData\Microsoft\Windows\Start Menu\Programs\IIS
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 ____D C:\Users\Classic .NET AppPool
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 ____D C:\Users\.NET v2.0 Classic
2024-11-19 17:48 - 2024-11-19 17:48 - 000000000 ____D C:\Users\.NET v2.0
2024-11-19 17:48 - 2024-10-04 21:14 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Windows
2024-11-19 17:48 - 2024-10-04 21:14 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Network
2024-11-19 17:48 - 2024-10-04 21:14 - 000000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Microsoft\Windows
2024-11-19 17:48 - 2024-10-04 21:14 - 000000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Microsoft\Network
2024-11-19 17:48 - 2024-10-04 21:14 - 000000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Windows
2024-11-19 17:48 - 2024-10-04 21:14 - 000000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Network
2024-11-19 17:48 - 2024-05-21 15:46 - 000000000 ___RD C:\Users\Classic .NET AppPool\OneDrive
2024-11-19 17:48 - 2024-05-21 15:46 - 000000000 ___RD C:\Users\.NET v2.0\OneDrive
2024-11-19 17:48 - 2024-05-21 15:46 - 000000000 ___RD C:\Users\.NET v2.0 Classic\OneDrive
2024-11-19 17:48 - 2024-04-01 08:26 - 000000000 ____D C:\Users\Classic .NET AppPool\AppData\Roaming\Microsoft\Spelling
2024-11-19 17:48 - 2024-04-01 08:26 - 000000000 ____D C:\Users\.NET v2.0\AppData\Roaming\Microsoft\Spelling
2024-11-19 17:48 - 2024-04-01 08:26 - 000000000 ____D C:\Users\.NET v2.0 Classic\AppData\Roaming\Microsoft\Spelling
2024-11-19 17:11 - 2024-11-22 18:40 - 000000000 ____D C:\WINDOWS\Minidump
2024-11-14 21:47 - 2024-11-14 21:47 - 000000000 ____D C:\Program Files\Common Files\DESIGNER
2024-11-13 19:10 - 2024-11-13 19:10 - 000001832 __RSH C:\ProgramData\ntuser.pol
2024-11-12 19:59 - 2024-11-12 19:59 - 000233766 _____ C:\WINDOWS\system32\GPReport.html
2024-11-11 20:08 - 2024-11-11 20:08 - 000000000 ____D C:\Users\HP\AppData\Local\Microsoft_Corporation
2024-11-11 20:08 - 2024-11-11 20:08 - 000000000 _____ C:\WINDOWS\SysWOW64\Get-CimInstance
2024-11-07 21:44 - 2024-11-07 21:44 - 000027132 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-07 21:44 - 2024-11-07 21:44 - 000027132 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2024-11-03 19:57 - 2024-11-03 19:57 - 000000000 ____D C:\WINDOWS\system32\msmq

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-11-23 20:03 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2024-11-23 20:00 - 2024-10-04 21:19 - 001962336 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2024-11-23 20:00 - 2024-04-01 08:24 - 000000000 ____D C:\WINDOWS\INF
2024-11-23 19:56 - 2024-09-14 16:39 - 000000000 ____D C:\Users\HP\AppData\Local\AMD_Common
2024-11-23 19:55 - 2023-12-13 13:07 - 000000000 ____D C:\Users\HP\AppData\Local\D3DSCache
2024-11-23 19:53 - 2024-10-04 21:10 - 000000000 ____D C:\Users\DefaultAppPool
2024-11-23 19:53 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2024-11-23 19:53 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-11-23 19:52 - 2024-10-04 21:15 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2024-11-23 19:52 - 2024-10-04 21:10 - 000000000 ____D C:\Users\HP
2024-11-23 19:52 - 2024-10-04 21:08 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2024-11-23 19:52 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ServiceState
2024-11-23 19:52 - 2023-12-14 20:39 - 000036864 _____ C:\WINDOWS\system32\Drivers\vsparam.reg
2024-11-23 19:52 - 2023-12-14 20:39 - 000008192 _____ C:\WINDOWS\system32\Drivers\vsflt.reg
2024-11-23 19:52 - 2023-12-14 17:36 - 000012288 _____ C:\WINDOWS\system32\Drivers\vsndis.reg
2024-11-23 19:20 - 2024-04-01 08:26 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-23 19:00 - 2024-04-01 08:26 - 000000000 ___HD C:\Program Files\WindowsApps
2024-11-23 18:57 - 2024-10-04 21:08 - 000494144 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2024-11-23 18:57 - 2024-04-30 18:44 - 000049786 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2024-11-23 18:57 - 2024-04-01 08:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\UUS
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\AdvancedInstallers
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SystemResources
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\AdvancedInstallers
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\Provisioning
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2024-11-23 18:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2024-11-23 18:45 - 2023-12-13 12:50 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-11-23 18:38 - 2024-10-04 21:15 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-11-23 18:38 - 2024-10-04 21:15 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-11-23 18:32 - 2024-10-04 21:10 - 003337216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2024-11-22 21:19 - 2023-12-13 13:43 - 000000000 ___RD C:\Users\HP\Desktop\Nika ♥
2024-11-22 21:17 - 2023-12-13 22:00 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Word
2024-11-21 20:59 - 2023-12-16 21:01 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Excel
2024-11-21 20:53 - 2023-12-13 12:58 - 000000000 ____D C:\Users\HP\AppData\Local\Packages
2024-11-21 18:34 - 2023-12-13 22:21 - 000000000 ____D C:\Users\HP\AppData\Roaming\Telegram Desktop
2024-11-21 18:31 - 2024-08-30 19:12 - 000000000 ____D C:\Users\HP\AppData\Local\CrashDumps
2024-11-21 18:31 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2024-11-21 18:28 - 2024-10-09 21:24 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2024-11-20 18:14 - 2023-12-13 22:00 - 000000000 ____D C:\Users\HP\AppData\Roaming\Microsoft\Office
2024-11-20 09:28 - 2024-09-14 17:31 - 000000000 ____D C:\Program Files\AMD
2024-11-19 20:43 - 2024-09-22 17:19 - 000002209 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-11-19 20:43 - 2024-09-22 17:19 - 000002168 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-11-19 18:15 - 2024-10-04 21:15 - 000000000 ____D C:\WINDOWS\system32\Tasks\Hewlett-Packard
2024-11-19 17:52 - 2024-10-04 22:00 - 000000000 ____D C:\inetpub
2024-11-19 17:52 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\inetsrv
2024-11-19 17:48 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\SysWOW64\inetsrv
2024-11-15 23:47 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\catroot2_old
2024-11-14 21:47 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-11-14 21:47 - 2023-12-13 21:51 - 000000000 ____D C:\Program Files\Microsoft Office
2024-11-14 17:48 - 2023-12-31 15:33 - 000000000 ____D C:\ProgramData\Package Cache
2024-11-13 18:19 - 2023-12-13 13:05 - 000000000 ____D C:\WINDOWS\system32\MRT
2024-11-13 18:16 - 2023-12-13 13:05 - 202035632 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2024-11-08 23:56 - 2024-04-01 08:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2024-11-08 23:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2024-11-08 23:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2024-11-08 23:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\setup
2024-11-08 23:56 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\migwiz
2024-11-08 23:56 - 2024-04-01 08:26 - 000000000 ____D C:\Program Files\Common Files\System
2024-11-07 23:10 - 2024-04-01 17:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2024-11-07 23:10 - 2024-04-01 17:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2024-11-07 23:10 - 2024-04-01 08:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2024-11-05 18:57 - 2023-12-13 13:43 - 000000000 ___RD C:\Users\HP\Desktop\Musik
2024-11-05 18:57 - 2023-12-13 13:42 - 000000000 ___RD C:\Users\HP\Desktop\iPhone
2024-11-05 18:56 - 2023-12-13 13:42 - 000000000 ___RD C:\Users\HP\Desktop\BMW
2024-11-02 18:25 - 2024-10-09 21:20 - 000000000 ____D C:\ProgramData\Avast Software
2024-11-02 18:21 - 2024-04-01 08:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2024-11-02 17:23 - 2024-10-09 21:22 - 000000000 ____D C:\Users\HP\AppData\Local\Avast Software
2024-11-02 17:21 - 2024-10-09 21:21 - 000000000 ____D C:\Users\HP\AppData\Roaming\Avast Software
2024-11-02 17:19 - 2024-10-06 15:59 - 000888600 _____ (Google LLC) C:\Users\Public\Documents\gcapi.dll
2024-10-30 17:53 - 2023-12-13 12:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2024-10-28 19:09 - 2024-01-30 19:05 - 000000000 ____D C:\Users\HP\AppData\Local\cache

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-11-2024
Ran by Veronika (23-11-2024 20:06:08)
Running from C:\Users\HP\Desktop
Microsoft Windows 11 Pro Version 24H2 26120.2415 (X64) (2024-10-04 20:15:38)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-3663164027-3565326852-1001575466-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3663164027-3565326852-1001575466-503 - Limited - Disabled)
Guest (S-1-5-21-3663164027-3565326852-1001575466-501 - Limited - Disabled)
Veronika (S-1-5-21-3663164027-3565326852-1001575466-1001 - Administrator - Enabled) => C:\Users\HP
WDAGUtilityAccount (S-1-5-21-3663164027-3565326852-1001575466-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.133 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 6.07.22.037 - Advanced Micro Devices, Inc.)
AMD I2C Driver (HKLM-x32\...\{B31D92D9-2914-46B0-9738-F668A563DE73}) (Version: 1.2.0.124 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.30.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 8.0.0.13 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.44 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 24.9.1 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{a3a3f608-32f7-42e6-abeb-9312016404b4}) (Version: 6.07.22.037 - Advanced Micro Devices, Inc.) Hidden
Branding64 (HKLM\...\{492AEFBE-1B81-4C20-A111-E6974BB98EC5}) (Version: 1.00.0009 - Advanced Micro Devices, Inc.) Hidden
CopyTrans Control Center Uninstall Only (HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\CopyTrans Suite) (Version: 5.003 - WindSolutions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.86 - Google LLC)
HP Software Framework (HKLM-x32\...\{71E18A14-1BDB-4B58-A67F-1BCDA12462FD}) (Version: 7.1.15.1 - HP)
Check Point Endpoint Security (HKLM\...\{EA915842-74A4-49E5-96A0-15EB9A1861BB}) (Version: 88.00.0188 - Check Point Software Technologies Ltd.)
iCloud Outlook (HKLM\...\{F4523358-0218-44DA-8A86-7C40FAF2262B}) (Version: 15.0.0.215 - Apple Inc.)
Microsoft 365 Apps for enterprise - en-us (HKLM\...\O365ProPlusRetail - en-us) (Version: 16.0.18129.20158 - Microsoft Corporation)
Microsoft 365 Apps pro velké organizace - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.18129.20158 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 132.0.2957.11 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.63 - Microsoft Corporation) Hidden
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.19202 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2022 Redistributable (x64) - 14.42.34433 (HKLM-x32\...\{804e7d66-ccc2-4c12-84ba-476da31d103d}) (Version: 14.42.34433.0 - Microsoft Corporation)
Microsoft Visual C++ 2022 X64 Additional Runtime - 14.42.34433 (HKLM\...\{E1902FC6-C423-4719-AB8A-AC7B2694B367}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2022 X64 Minimum Runtime - 14.42.34433 (HKLM\...\{382F1166-A409-4C5B-9B1E-85ED538B8291}) (Version: 14.42.34433 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20100 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20158 - Microsoft Corporation) Hidden
RyzenMasterSDK (HKLM\...\{4B4B44C4-19FF-4791-AAD4-1AE011803AE8}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden
Signal 7.27.0 (HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\7d96caee-06e6-597c-9f2f-c7bb2e0948b4) (Version: 7.27.0 - Signal Messenger, LLC)
Telegram Desktop (HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\{53F49750-6209-4FBF-9CA8-7A333C87D1ED}_is1) (Version: 5.8.2 - Telegram FZ-LLC)
WinRAR 7.01 (64-bit) (HKLM\...\WinRAR archiver) (Version: 7.01.0 - win.rar GmbH)

Chrome apps:
============
Gmail (HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\af4c9799d4397ada8b99337c1b0a4776) (Version: 1.0 - Google\Chrome)

Packages:
=========
AMD Radeon Software -> C:\Program Files\AMD\CNext\CNext [2024-10-01] (Advanced Micro Devices Inc.)
Clipchamp.Clipchamp -> C:\Program Files\WindowsApps\Clipchamp.Clipchamp_3.0.10220.0_neutral_split.language-cs_yxz26nhyzhsrt [2024-04-30] (Microsoft Corp.)
HP Audio Center -> C:\Program Files\WindowsApps\AD2F1837.HPAudioCenter_1.50.322.0_x64__v10z8vjag6ke6 [2024-05-15] (HP Inc.)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.6.3.0_x64__v10z8vjag6ke6 [2024-09-23] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.40.48.0_x64__v10z8vjag6ke6 [2024-11-19] (HP Inc.)
iTunes -> C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa [2024-10-22] (Apple Inc.) [Startup Task]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2024-05-04] (Microsoft Corporation) [MS Ad]
WhatsApp -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2445.7.0_x64__cv1g1gvanyjgm [2024-11-13] (WhatsApp Inc.) [Startup Task]
WiFi Analyzer -> C:\Program Files\WindowsApps\19965MATTHAFNER.WIFIANALYZER_2.8.0.0_x64__gs5k5vmxr2ste [2024-09-16] (Matt Hafner)
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.311.2039.0_x64__8wekyb3d8bbwe [2024-11-14] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_6000.318.2304.0_x64__8wekyb3d8bbwe [2024-11-19] (Microsoft Corp.)
Windows Package Manager Source (platform) V2 -> C:\Program Files\WindowsApps\Microsoft.Winget.Platform.Source_2024.619.2424.30_neutral__8wekyb3d8bbwe [2024-10-09] (Microsoft Corporation)
WinRAR -> C:\Program Files\WinRAR [2024-07-16] (win.rar GmbH)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3663164027-3565326852-1001575466-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\HP\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.19202\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [UnLockerMenu] -> {410BF280-86EF-4E0F-8279-EC5848546AD3} => -> No File

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\HP\Desktop\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\HP\AppData\Local\Google\Chrome\User Data\Default\Web Applications\_crx_fmgjjmmmlfnkbppncabfkddbjimcfncm\Gmail.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Gmail (2).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm
ShortcutWithArgument: C:\Users\HP\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\Gmail (1).lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=fmgjjmmmlfnkbppncabfkddbjimcfncm

==================== Loaded Modules (Whitelisted) =============


==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2024-11-13] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-09-30] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2024-11-13] (HP Inc. -> HP Inc.)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-11-01] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-07 10:14 - 2019-12-07 10:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

2024-04-14 15:29 - 2024-08-28 17:59 - 000000435 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
192.168.137.1 HP255G8.mshome.net # 2029 8 1 27 16 59 22 488

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\HP\Desktop\iPhone\Veronika\IMG_7654.JPG
HKU\S-1-5-82-3006700770-424185619-1745488364-794895919-4004696415\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
Ethernet 2: Check Point Virtual Network Adapter For Endpoint VPN Client -> vnaap.sys
Síťové připojení Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: Realtek RTL8822CE 802.11ac PCIe Adapter -> rtwlane.sys

MS_NdisLwf: Zone Alarm Firewall Driver

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AUEPLauncher => 2
MSCONFIG\Services: WinThruster Real Time Protection Service => 2
HKLM\...\StartupApproved\StartupFolder: => "Gmail (2).lnk"
HKLM\...\StartupApproved\Run: => "SecurityHealth"
HKLM\...\StartupApproved\Run: => "RtkAudUService"
HKLM\...\StartupApproved\Run32: => "Check Point Endpoint Security Tray"
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\StartupApproved\StartupFolder: => "Gmail.lnk"
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\StartupApproved\Run: => "OneDrive"
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\StartupApproved\Run: => "MicrosoftEdgeAutoLaunch_AC3B7AF181558E407F159DB8A5D4AA84"
HKU\S-1-5-21-3663164027-3565326852-1001575466-1001\...\StartupApproved\Run: => "AMDNoiseSuppression"

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{DECC47BD-EFC9-4682-88E2-AC0B02DF57FB}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{80BB3A79-4B41-478D-AE2A-35B7ACC08F3E}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24215.1007.3082.1590_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{644D3DDB-B581-4A75-8AE5-D8460775748E}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4FF4A516-DFEF-4CC2-ABB1-2DC25DA3FD03}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{D945C6E7-48CF-402F-A110-11B73017C1D1}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{88A250F9-2D55-4187-9BBF-4259A03003C7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{6024624B-0770-4A6B-A5E1-050659A20009}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\bin\IDAFServerHostService.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies Ltd.)
FirewallRules: [{ADA2AA97-AAAF-4368-A1AF-27D1B43A7E8D}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\cpinfo\uploader\cpinfo_uploader.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{A5EC8122-E995-4332-B775-AEF69C64E17C}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\TracSrvWrapper.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{E4C587BA-5142-42ED-A17E-2E31973768DA}] => (Allow) C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Connect\TrGUI.exe (Check Point Software Technologies Ltd. -> Check Point Software Technologies)
FirewallRules: [{7EEA91D3-F185-4E8F-B3C7-0FA4DB2C9894}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DCE4AF6-4C89-41BF-967D-17D2E1C0DB17}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24060.3102.2733.5911_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{98D6E1B9-1C9A-472E-A0E9-EA1C201F9ED9}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{B13FE403-B17C-47FF-B478-0E712513D896}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{9F2C17C8-C610-4847-BF22-2404F3963DEE}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{1AA44591-589D-4ED9-815C-C4A95AF658F3}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\iTunes.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{BCF7D016-3610-4895-ACF1-B8BB15BE2B76}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{581BCA4B-628B-4710-894D-E5D7A0005D89}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{0187D86F-A39C-4BA0-A1CD-3DECA0F57E9E}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{2F00264F-06AF-486B-8846-2BC1171EF6AB}] => (Allow) C:\Program Files\WindowsApps\AppleInc.iTunes_12134.4.3008.0_x64__nzyj5cx40ttqa\AMDS64\AppleMobileDeviceProcess.exe (5BD5593D-A41B-4F89-884E-B4F3E0FBAA75 -> Apple Inc.)
FirewallRules: [{80728A6E-DE10-43F0-9BC5-07A8F3031C64}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{FA6B04BA-1CE8-4CBE-9843-ABAFC0EAE85E}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{0A85C077-71D3-4D94-8D17-001E1C8057F3}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{21D8085F-78BA-4923-8AB9-D37FF870AD67}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{B539D7B6-8FDE-40A4-808C-367C109A629C}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.132.3201.0_x64__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5F185DDB-68A8-49EE-A62F-7BAC8C33F39C}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{2F8CD18A-6BB6-486D-AE69-3B27B806DE51}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.63\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

23-11-2024 18:15:44 Windows Update
23-11-2024 18:15:45 Windows Update
23-11-2024 18:15:46 Windows Update
23-11-2024 18:21:54 Instalační služba modulů systému Windows
23-11-2024 19:53:08 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (11/23/2024 07:53:12 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(406ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/23/2024 05:58:56 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(109ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/22/2024 09:41:39 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(31ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/21/2024 09:42:10 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(375ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/21/2024 09:30:41 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/21/2024 09:30:38 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(125ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/21/2024 07:14:20 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(63ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (11/21/2024 09:51:45 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\HP255G8$ přes https://AMD-KeyId-1b3648db23e5e6a3972b8 ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(125ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)


System errors:
=============
Error: (11/23/2024 07:55:02 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/23/2024 07:55:02 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (11/23/2024 07:53:01 PM) (Source: APPHOSTSVC) (EventID: 9010) (User: )
Description: Při pokusu o přístup ke kořenovému adresáři historie C:\inetpub\history zjistila pomocná služba hostitele aplikace chybu. Adresář buď neexistuje, nebo jeho oprávnění nepovolují přístup službě historie. Funkce historie konfigurací je prozatím zakázána a bude povolena po vyřešení problému. Chcete-li tento problém vyřešit, zkontrolujte, zda adresář existuje a zda k němu má skupina Administrators přístup pro čtení a zápis. Datové pole obsahuje číslo chyby.

Error: (11/23/2024 07:52:46 PM) (Source: Microsoft-Windows-Kernel-Boot) (EventID: 124) (User: NT AUTHORITY)
Description: 03225747456

Error: (11/23/2024 07:52:46 PM) (Source: Microsoft-Windows-Hyper-V-Hypervisor) (EventID: 42) (User: NT AUTHORITY)
Description: Spuštění hypervisoru se nepovedlo. SVM není k dispozici nebo není povolené v systému BIOS.

Error: (11/23/2024 07:52:56 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (19:37:20, ‎23.‎11.‎2024) bylo neočekávané.

Error: (11/23/2024 06:59:24 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (11/23/2024 06:59:24 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2024-11-21 21:23:11
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {01AA79B0-3400-427F-91BB-9E4AB41472EE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-19 21:43:41
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {CF88D06E-F72D-4B20-9996-EF011816FAF3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-14 21:43:27
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D5649739-C1FF-4D36-B86C-6392CC98DB43}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-13 22:07:17
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {5E90E7D2-2D9A-4AB7-9778-9000FC58AC59}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-11-10 20:29:32
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7826631B-CAA6-45CE-82C1-E2662A53E4AA}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

CodeIntegrity:
===============
Date: 2024-11-02 18:19:17
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: Insyde F.40 08/07/2024
Motherboard: HP 890E
Processor: AMD Ryzen 5 5500U with Radeon Graphics
Percentage of memory in use: 83%
Total physical RAM: 7488.01 MB
Available physical RAM: 1222.25 MB
Total Virtual: 18240.01 MB
Available Virtual: 9114.2 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:237.57 GB) (Free:142.82 GB) (Model: SK hynix BC711 HFM256GD3JX013N) NTFS

\\?\Volume{20d96510-4c69-441f-a725-5e01ba015c44}\ () (Fixed) (Total:0.79 GB) (Free:0.25 GB) NTFS
\\?\Volume{50653e3b-1815-47dd-8104-9de0db5a472a}\ () (Fixed) (Total:0.09 GB) (Free:0.03 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: 36FC6EC7)

Partition: GPT.

==================== End of Addition.txt =======================

[JaRon]

Ahoj,
vycisti NTB s Adwcleanerom a MBAM - oba logy sem

[veroniccam]

Posílám

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-24-2024
# Duration: 00:00:02
# OS: Windows 11 (Build 26120.2415)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************


########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C04].txt ##########


Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 11/24/2024
Scan Time: 5:05 PM
Log File: f289ea84-aa7d-11ef-9e04-48e7dad2260e.json

-Software Information-
Version: 5.2.2.154
Components Version: 1.0.5101
Update Package Version: 1.0.92192
License: Free

-System Information-
OS: Windows 11 (Build 26120.2415)
CPU: x64
File System: NTFS
User: HP255G8\Veronika

-Scan Summary-
Scan Type: Custom Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 470387
Threats Detected: 0
Threats Quarantined: 0
Time Elapsed: 1 hr, 17 min, 2 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Enabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 0
(No malicious items detected)

File: 0
(No malicious items detected)

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

[JaRon]

Vycisti este s Ccleanerom vcetne registrov
Toto na virovy problem nevypada

[veroniccam]

Vyzkouším. Ale podle mě to dělá od té doby, co jsem se já de*il přihlásila do Windows Insider

[JaRon]

Pokial vies kedy to bolo, skus obnovu systemu pred ten datum

[veroniccam]

Tak v protokolu událostí mi vyskočily tyto chyby:

Systém Windows nepoužil nastavení {F312195E-3D9D-447A-A3F5-08DFFA24735E}. Nastavení {F312195E-3D9D-447A-A3F5-08DFFA24735E} mohlo mít svůj vlastní soubor protokolu. Klikněte na odkaz Další informace.

+ System

- Provider

[ Name] Microsoft-Windows-GroupPolicy
[ Guid] {aea1b4fa-97d1-45f2-a64c-4d69fffd92c9}

EventID 1085

Version 0

Level 3

Task 0

Opcode 1

Keywords 0x8000000000000000

- TimeCreated

[ SystemTime] 2024-11-25T18:38:54.8507143Z

EventRecordID 20975

- Correlation

[ ActivityID] {0dbef3f3-536e-462f-ac5e-0c5fbf627cad}

- Execution

[ ProcessID] 2428
[ ThreadID] 2604

Channel System

Computer HP255G8

- Security

[ UserID] S-1-5-18

- EventData

SupportInfo1 1
SupportInfo2 5229
ProcessingMode 2
ProcessingTimeInMilliseconds 796
ErrorCode 3224698910
ErrorDescription Funkce hypervisoru není pro uživatele k dispozici.
DCName
ExtensionName {F312195E-3D9D-447A-A3F5-08DFFA24735E}
ExtensionId {F312195E-3D9D-447A-A3F5-08DFFA24735E}


A taky:

Při pokusu o přístup ke kořenovému adresáři historie C:\inetpub\history zjistila pomocná služba hostitele aplikace chybu. Adresář buď neexistuje, nebo jeho oprávnění nepovolují přístup službě historie. Funkce historie konfigurací je prozatím zakázána a bude povolena po vyřešení problému. Chcete-li tento problém vyřešit, zkontrolujte, zda adresář existuje a zda k němu má skupina Administrators přístup pro čtení a zápis. Datové pole obsahuje číslo chyby.

System

- Provider

[ Name] Microsoft-Windows-IIS-APPHOSTSVC
[ Guid] {CAC10856-9223-48fe-96BA-2A772274FB53}
[ EventSourceName] APPHOSTSVC

- EventID 9010

[ Qualifiers] 49152

Version 0

Level 2

Task 0

Opcode 0

Keywords 0x80000000000000

- TimeCreated

[ SystemTime] 2024-11-25T18:38:56.2366649Z

EventRecordID 20977

Correlation

- Execution

[ ProcessID] 6156
[ ThreadID] 0

Channel System

Computer HP255G8

Security

- EventData

Path C:\inetpub\history
02000000

--------------------------------------------------------------------------------

Binární data:

Ve slovech

0000: 00000002


V bajtech

0000: 02 00 00 00 ....

[JaRon]

Obnova nepomohla ?
Bolo by vhodne skusit update GPU, Bios
Skontrolovat proxy, hosts
Toto nie je virovy problem, skor nejake nestastne nastavenie

[veroniccam]

A ještě dodám toto:

Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Spuštění hypervisoru se nepovedlo. SVM není k dispozici nebo není povolené v systému BIOS.


No každopádně se v tom zkusím povrtat
Při nejhorším si dám vše na flashku a přeinstaluju Windows (to se dá udělat tím, že opustím ten program Windows Insider).