Prosím o kontrolu, notebook ma neustále upozorňuje na nové viry :-/
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2025
Ran by ZSkopcany (administrator) on ZSKOPCANY (HP HP ProBook 455 15.6 inch G10 Notebook PC) (24-04-2025 13:08:31)
Running from C:\Users\zskop\Downloads\FRST64 (1).exe
Loaded Profiles: ZSkopcany
Platform: Microsoft Windows 11 Pro Education Version 24H2 26100.3775 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\HP\Sure Click\servers\BrService.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\bin\Br-uxendm.exe
(C:\Program Files\HP\Sure Click\servers\BrService.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrHostSvr.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe <13>
(cmd.exe ->) (Bromium UK Limited -> ) C:\Program Files\HP\Sure Click\servers\BrHostHelper\BrHostHelper.exe <14>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\BridgeCommunication.exe <2>
(DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOCL64.exe
(DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atieclxx.exe
(HP Inc. -> HP) C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <45>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <14>
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atiesrxx.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Security Update Service\4.4.24.3257\SecurityUpdateService.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BemSvc.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrService.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELAN_MOC_Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HPCommRecovery\HPCommRecovery.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_67bcefabacf2a385\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HPAudioAnalytics.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2358c22cfce9af22\x64\hpsvcsscan.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe <3>
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP ICS\ICS.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2503.1001.9.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SecHealthUI_1000.27777.1008.0_x64__8wekyb3d8bbwe\SecHealthUI.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.8401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\SecurityHealth\10.0.27777.1008-0\SecurityHealthHost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe [2119512 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM-x32\...\Run: [HPNotifications] => C:\Program Files (x86)\HP\HP Notifications\HPNotifications.exe [1607816 2021-02-11] (HP Inc. -> HP)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2459763727-713270161-2395763681-1001\...\Run: [MicrosoftEdgeAutoLaunch_99403A969D43EB0E14EB990E68793760] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {919C57FF-8160-43B3-845D-291793147596} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2025-02-18] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {72C986FC-014D-4761-8268-8647FDC33254} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2025-02-18] (HP Inc. -> HP Inc.)
Task: {A9239CEB-92C9-47E3-8972-4D581A6D6296} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-12-18] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {DB09576F-3804-4E87-B57D-C04B591EAD0B} - System32\Tasks\HP\HP ICS\ICS => C:\Program Files (x86)\HP\HP ICS\ICS.exe [76870640 2023-03-02] (HP Inc. -> HP)
Task: {18E73235-CEA2-4BA8-8885-003226A42632} - System32\Tasks\HP\HP Wolf Security\Launch Console => C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe [262664 2024-12-12] (HP Inc. -> HP Inc.)
Task: {8772D18C-05AB-4017-B243-0151B99527E6} - System32\Tasks\HP\Sure Click\Sure Click 4.4.24.3257 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2792200 2025-03-30] (Bromium UK Limited -> HP)
Task: {790FF585-5C4E-4DB0-A1DA-A421F7DA6C2A} - System32\Tasks\HP\Sure Click\Sure Click UI 4.4.24.3257 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [185608 2025-03-30] (Bromium UK Limited -> HP)
Task: {1A1B8D73-7643-4900-A630-2C0DD87910F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4735F1B1-F089-4445-9B9B-F50DDDD7EA48} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {572DA350-049A-4CB2-BE19-DD3C0C9A38C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222352 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {417E0277-7302-4714-95DA-B8ACD3805436} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222352 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {4EF84055-00D2-41BF-80C1-2F487EA2C826} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {D69D7AFE-20DA-4B99-91AD-4DE9043202D1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0F000AA1-A162-482B-90E6-2DF1579484C0} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {9CC97BE4-23DA-4FD2-B904-4017A4A52FD2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe [1745176 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {22C713DC-4475-4A61-AD70-CBA744DD0C23} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-12-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {33CF2256-C5C0-4BA6-BA96-31019B0BBCA8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {777EBE79-92C7-42F4-A0DB-675200538951} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {25FE8810-BE6C-485B-B0ED-FD492DA7BF4C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BE12E7-0F96-4B25-AB89-E2FCFEB08EBC} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Users\zskop\AppData\Roaming\Zoom\bin\Zoom.exe [436024 2025-03-20] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fd6ae9d-6f1d-4fca-aba8-eef3445937ae}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fd6ae9d-6f1d-4fca-aba8-eef3445937ae}: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393D25485455374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393D25485455374: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F523E243: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F523E243: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-24]
Edge Notifications: Default -> hxxps://7l261d6bamv47o.steadychainconnection.co.in; hxxps://cvvbj86071bc73a6ia7g.steadychainconnection.co.in; hxxps://prwcv8bm23fqtm.steadychainconnection.co.in; hxxps://www.messenger.com
Edge Extension: (HP Wolf Security Extension) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aoganjpeihhkhippgnniaclfocnihgln [2024-12-19]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-08]
Edge Extension: (Edge relevant text changes) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-03-04]
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 BrAmSvc; C:\Program Files\HP\Sure Click\servers\BrAmSvc.exe [2077088 2025-03-30] (HP Inc -> HP)
R2 BrEndpointSvc; c:\Program Files\HP\Sure Click\servers\BemSvc.exe [4912904 2025-03-30] (Bromium UK Limited -> HP)
R2 BrService; c:\Program Files\HP\Sure Click\servers\BrService.exe [10899208 2025-03-30] (Bromium UK Limited -> HP)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ELAN_MOC_Service; C:\WINDOWS\System32\ELAN_MOC_Service.exe [240032 2024-06-12] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncHelper.exe [3545416 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [1028024 2024-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HotKeyServiceUWP.exe [1510464 2025-01-02] (HP Inc. -> HP Inc.)
R2 HP Comm Recover; C:\Program Files\HPCommRecovery\HPCommRecovery.exe [893984 2022-08-15] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\AppHelperCap.exe [889976 2025-02-23] (HP Inc. -> HP Inc.)
R2 HPAudioAnalytics; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HPAudioAnalytics.exe [516160 2025-01-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\DiagsCap.exe [888928 2025-02-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe [885344 2025-02-23] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP)
R2 hpsvcsscan; C:\WINDOWS\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2358c22cfce9af22\x64\hpsvcsscan.exe [7039168 2024-09-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\SysInfoCap.exe [889464 2025-02-23] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_67bcefabacf2a385\x64\TouchpointAnalyticsClientService.exe [631472 2025-03-26] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\LanWlanWwanSwitchingServiceUWP.exe [605248 2025-01-02] (HP Inc. -> HP Inc.)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveUpdaterService.exe [3892568 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SECOMNService; C:\WINDOWS\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe [1087496 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.)
R2 SecurityUpdateService; C:\Program Files\HP\Security Update Service\4.4.24.3257\SecurityUpdateService.exe [5608200 2025-03-30] (Bromium UK Limited -> HP)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\amdkmdag.sys [106591144 2024-10-21] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 amdwirelessbutton; C:\WINDOWS\System32\drivers\amdwirelessbutton.sys [39032 2024-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
S3 atc; C:\WINDOWS\System32\DRIVERS\atc.sys [7643696 2025-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender S.R.L. Bucharest, ROMANIA)
S3 BdDci4; C:\WINDOWS\system32\DRIVERS\bddci4.sys [969776 2025-03-30] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
R0 BrCow_4_4_24_3257; C:\WINDOWS\System32\DRIVERS\BrCow_4_4_24_3257.sys [71120 2025-03-30] (Bromium UK Limited -> HP)
R2 BrFilter_4_4_24_3257; C:\WINDOWS\System32\DRIVERS\BrFilter_4_4_24_3257.sys [238544 2025-03-30] (Bromium UK Limited -> HP)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
R1 Gemma; C:\WINDOWS\System32\DRIVERS\gemma.sys [1791064 2025-03-30] (Microsoft Windows Hardware Compatibility Publisher -> BitDefender S.R.L. Bucharest, ROMANIA)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
R3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144840 2025-04-08] (Microsoft Windows -> Microsoft Corporation)
R3 MTKBTFilterX64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_bee0043985624487\mtkbtfilterx.sys [550072 2025-02-15] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_28fe41aefe6dd8d1\mtkwl6ex.sys [2011304 2025-02-20] (MEDIATEK INC. -> MediaTek Inc.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_d1a236ce16a4bbb1\rt68cx21x64.sys [845256 2024-12-25] (Realtek Semiconductor Corp. -> Realtek)
S0 sselam_4_4_19_828; C:\WINDOWS\System32\DRIVERS\sselam_4_4_19_828.sys [19528 2025-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> HP)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-08] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 uxen; C:\Program Files\HP\Sure Click\bin\uxen.sys [2053056 2025-02-19] (Bromium UK Limited -> HP)
R3 vlflt; C:\WINDOWS\System32\DRIVERS\vlflt.sys [1403456 2024-12-05] (Microsoft Windows Hardware Compatibility Publisher -> Bitdefender)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 ax_pvi; \??\C:\Program Files\HP\Sure Click\bin\ax_pvi.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\ProgramData\Desktop\MindMaple Lite.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\AvalonIT Board.lnk"
2025-04-24 13:08 - 2025-04-24 13:10 - 000027264 _____ C:\Users\zskop\Downloads\FRST.txt
2025-04-24 13:08 - 2025-04-24 13:09 - 000000000 ____D C:\FRST
2025-04-24 13:07 - 2025-04-24 13:08 - 002405376 _____ (Farbar) C:\Users\zskop\Downloads\FRST64 (1).exe
2025-04-24 13:07 - 2025-04-24 13:07 - 002097664 _____ (Farbar) C:\Users\zskop\Downloads\Nepotvrdené 663862.crdownload
2025-04-24 13:06 - 2025-04-24 13:06 - 002405376 _____ (Farbar) C:\Users\zskop\Downloads\Nepotvrdené 30894.crdownload
2025-04-24 12:42 - 2025-04-24 12:42 - 000668026 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-24 12:42 - 2025-04-24 12:42 - 000145048 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-24 12:36 - 2025-04-24 12:36 - 000010372 __RSH C:\ProgramData\ntuser.pol
2025-04-24 10:47 - 2025-04-24 10:48 - 000000000 ____D C:\Users\zskop\Desktop\Záloha pracovná plocha
2025-04-23 21:22 - 2025-04-23 21:22 - 000217724 _____ C:\Users\zskop\Downloads\Spoločenstvo lúk - previerka.pdf
2025-04-22 21:58 - 2025-04-22 21:58 - 000589258 _____ C:\Users\zskop\Downloads\Správanie sa telies v kvapalinách s rôznou hustotou.pptx
2025-04-22 21:56 - 2025-04-22 21:56 - 001531926 _____ C:\Users\zskop\Downloads\Správanie telies v kvapalinách s rôznou hustotou.pptx.pptx
2025-04-22 21:53 - 2025-04-22 21:54 - 154567658 _____ C:\Users\zskop\Downloads\ARCHIMEDOV ZÁKON V PRAXI.mp4
2025-04-22 21:51 - 2025-04-22 21:51 - 001014272 _____ C:\Users\zskop\Downloads\Vplyv hmotnosti, objemu a tvaru telies na ich správanie vo vode.ppt
2025-04-22 21:50 - 2025-04-22 21:50 - 001930752 _____ C:\Users\zskop\Downloads\Vplyv objemu a tvaru telies na ich spravanie vo vode.ppt
2025-04-16 21:57 - 2025-04-16 21:57 - 000617928 _____ C:\Users\zskop\Downloads\8. ročník - Biológia.pdf
2025-04-16 20:48 - 2025-03-30 16:20 - 000238544 _____ (HP) C:\WINDOWS\system32\Drivers\BrFilter_4_4_24_3257.sys
2025-04-16 20:48 - 2025-03-30 16:20 - 000071120 _____ (HP) C:\WINDOWS\system32\Drivers\BrCow_4_4_24_3257.sys
2025-04-16 15:47 - 2025-04-16 15:47 - 041457429 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri (1).pptx.pptx
2025-04-14 21:47 - 2025-04-14 21:47 - 002294511 _____ C:\Users\zskop\Downloads\Šifra - písmená.zip
2025-04-14 21:37 - 2025-04-14 21:37 - 000238277 _____ C:\Users\zskop\Downloads\Meranie vlastného výkonu.pdf
2025-04-08 23:32 - 2025-04-08 23:32 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-08 23:32 - 2025-04-08 23:32 - 000000000 ____D C:\inetpub
2025-04-08 21:24 - 2025-04-22 07:57 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-08 20:35 - 2025-04-08 20:35 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-08 20:35 - 2025-04-08 20:35 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-08 12:19 - 2025-04-08 12:19 - 000000710 _____ C:\Users\zskop\Documents\Zachránený dokument 1.txt
2025-04-07 09:11 - 2025-04-07 09:11 - 013654769 _____ C:\Users\zskop\Downloads\Fascinujuci-svet-dinosaurov.pptx.pdf
2025-04-06 21:41 - 2025-04-06 21:41 - 001566720 _____ C:\Users\zskop\Downloads\Bunková stavba organizmov.ppt
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETFC2.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF83.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF43.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF04.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETEB5.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETE37.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETDF7.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD68.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD48.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD09.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETCBA.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETC4A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETC2A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB9B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB7B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB4B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETAAE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETA8E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETA4E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET64F.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET5F0.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET5A1.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET571.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET532.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET511.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET4D2.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET483.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET434.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET349E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET30B5.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2FE9.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2FC9.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2F99.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET197A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET18FB.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET18AC.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET16E6.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET1697.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET13C7.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET12BC.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET127D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET124D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET121D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET11CE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET118D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET116D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET111E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET10DE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET10AF.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET106F.tmp
2025-04-06 21:33 - 2024-10-21 08:54 - 000737704 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-04-06 21:33 - 2024-10-21 08:54 - 000737704 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-04-06 21:33 - 2024-10-21 08:54 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-04-06 21:33 - 2024-10-21 08:54 - 000149392 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 002100160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 001617832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 001617832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000978344 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2025-04-06 21:33 - 2024-10-21 08:53 - 000464304 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000406440 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2025-04-06 21:33 - 2024-10-21 08:53 - 000229296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000175072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000165784 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000148904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000142760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 004179880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 002245552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 001074800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000771496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000678832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000434088 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000232808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000187976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000118696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000115136 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000048560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 088606656 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 001412088 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000152616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000138608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000138600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000131192 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2025-04-06 21:04 - 2025-04-06 21:04 - 000124925 _____ C:\Users\zskop\Downloads\Magnetické pole cievky s prúdom (1).pptx
2025-04-06 21:01 - 2025-04-06 21:01 - 015419419 _____ C:\Users\zskop\Downloads\2.12 Magnetické pole v okolí vodiča s prúdom. Magnetické pole cievky s prúdom.pptx
2025-04-06 21:00 - 2025-04-06 21:00 - 001490300 _____ C:\Users\zskop\Downloads\Magnetické pole cievky s prúdom.pptx
2025-04-06 20:58 - 2025-04-06 20:58 - 001220756 _____ C:\Users\zskop\Downloads\Simulácia mag. poľa v okolí magnet, cievky s prúdom... (1).jar
2025-04-06 20:58 - 2025-04-06 20:58 - 000155156 _____ C:\Users\zskop\Downloads\cievka v poli.pptx.pptx
2025-04-06 20:57 - 2025-04-06 20:57 - 001220756 _____ C:\Users\zskop\Downloads\Simulácia mag. poľa v okolí magnet, cievky s prúdom....jar
2025-04-06 20:55 - 2025-04-06 20:55 - 001534976 _____ C:\Users\zskop\Downloads\Magnetické pole v okolí vodiča s prúdom.ppt
2025-04-06 20:54 - 2025-04-06 20:54 - 000455680 _____ C:\Users\zskop\Downloads\Magnetické pole elektrického prúdu.ppt.ppt
2025-04-04 09:26 - 2025-04-04 09:26 - 014772973 _____ C:\Users\zskop\Downloads\SPOLOČENSTVO LÚK.pptx
2025-04-04 09:24 - 2025-04-04 09:24 - 004696415 _____ C:\Users\zskop\Downloads\RASTLINY SPOLOČENSTVA LÚK - 1.pptx
2025-04-04 08:05 - 2025-04-04 08:05 - 013068666 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri (1).pptx
2025-04-03 18:27 - 2025-04-03 18:27 - 012080271 _____ C:\Users\zskop\Downloads\Fascinujuci-svet-dinosaurov.pptx
2025-04-03 18:20 - 2025-04-03 18:20 - 013068666 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri.pptx
2025-04-02 20:55 - 2025-04-02 20:55 - 000573644 _____ C:\Users\zskop\Downloads\OPAKOVANIE - LESNÉ SPOLOČENSTVO - SK. B.pdf
2025-04-02 20:52 - 2025-04-02 20:52 - 003085937 _____ C:\Users\zskop\Downloads\Prírodoveda4- PU str. 68-69 Lesné spoločenstvo.pptx
2025-04-02 20:52 - 2025-04-02 20:52 - 000116602 _____ C:\Users\zskop\Downloads\PRI 4.roč._ Malá písomka Medveď a buk Pravda-nepravda.pdf
2025-04-02 20:48 - 2025-04-02 20:48 - 000629027 _____ C:\Users\zskop\Downloads\Prírodné spoločenstvá.pdf
2025-04-01 13:10 - 2025-04-01 13:10 - 004191468 _____ C:\Users\zskop\Downloads\Biela ružová zelená Kvetinový Deň matiek Príspevok na Instagram.pdf
2025-03-27 21:23 - 2025-03-27 21:23 - 000463994 _____ C:\Users\zskop\Downloads\lesné spoločenstvo - testík.pdf
2025-03-27 21:22 - 2025-03-27 21:22 - 000000066 _____ C:\Users\zskop\Downloads\Nepotvrdené 181735.crdownload
2025-03-27 21:04 - 2025-03-27 21:04 - 000193419 _____ C:\Users\zskop\Downloads\TEST-MAT-2.pdf
2025-03-27 21:03 - 2025-03-27 21:03 - 000228682 _____ C:\Users\zskop\Downloads\TEST-SJL1.pdf
2025-03-26 20:47 - 2025-03-26 20:47 - 003097088 _____ C:\Users\zskop\Downloads\hustota-kvapalin.ppt.ppt
2025-03-26 20:44 - 2025-03-26 20:44 - 001616146 _____ C:\Users\zskop\Downloads\2.4 Hustota kvapalín (2).pptx
2025-03-26 20:43 - 2025-03-26 20:43 - 001616146 _____ C:\Users\zskop\Downloads\2.4 Hustota kvapalín.pptx (1).pptx
2025-03-26 20:31 - 2025-03-26 20:32 - 316727753 _____ C:\Users\zskop\Downloads\Lesné spoločenstvo - prezentácia.pdf
2025-03-25 22:03 - 2025-03-25 22:03 - 000395199 _____ C:\Users\zskop\Downloads\PDA4 Lesné spoločenstvo.pdf
2025-03-25 22:02 - 2025-03-25 22:02 - 003711539 _____ C:\Users\zskop\Downloads\Rastliny lesného spoločenstva.pptx
2025-03-25 22:01 - 2025-03-25 22:01 - 000116602 _____ C:\Users\zskop\Downloads\PRÍ 4.roč. Päťminútovka Lesné spoločenstvo.pdf
2025-03-25 21:58 - 2025-03-25 21:58 - 000072379 _____ C:\Users\zskop\Downloads\Rastliny lesného spoločenstva.pdf
2025-03-25 21:53 - 2025-03-25 21:53 - 006255616 _____ C:\Users\zskop\Downloads\SLNKO.ppt
2025-03-25 21:51 - 2025-03-25 21:51 - 000049720 _____ C:\Users\zskop\Downloads\Test - pohyb a sila.htm
2025-03-25 21:47 - 2025-03-25 21:47 - 007488156 _____ C:\Users\zskop\Downloads\rýchlosť.pptx
2025-03-25 21:29 - 2025-03-25 21:29 - 000151785 _____ C:\Users\zskop\Downloads\cestovný príkaz tlačivo (1).xlsx
2025-03-25 13:01 - 2025-03-25 13:01 - 000151785 _____ C:\Users\zskop\Downloads\cestovný príkaz tlačivo.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-24 13:04 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-24 12:50 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-24 12:47 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-24 12:47 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-24 12:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-24 12:42 - 2024-12-18 04:35 - 001603790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-24 12:42 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-24 12:42 - 2023-07-29 22:15 - 000000000 ____D C:\ProgramData\Bromium
2025-04-24 12:41 - 2024-03-04 20:53 - 000000000 ____D C:\Users\zskop\AppData\Local\D3DSCache
2025-04-24 12:35 - 2024-12-18 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-24 12:35 - 2024-12-18 04:29 - 000003066 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-24 12:35 - 2024-12-18 04:27 - 000000000 ____D C:\Users\zskop
2025-04-24 12:35 - 2024-12-18 04:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-24 12:35 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-24 12:35 - 2023-07-29 22:10 - 000000000 ____D C:\Program Files\AMD
2025-04-24 12:35 - 2023-05-15 13:29 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-24 12:34 - 2024-12-18 04:26 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-24 12:34 - 2024-03-12 16:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-24 09:42 - 2024-03-04 20:50 - 000000000 ____D C:\Users\zskop\AppData\Local\Packages
2025-04-23 21:51 - 2024-03-04 21:26 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Word
2025-04-23 21:32 - 2024-03-04 21:27 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Excel
2025-04-23 20:42 - 2025-03-18 05:32 - 000378432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_8.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 002901544 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-04-23 20:42 - 2024-06-10 07:31 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-04-22 07:48 - 2025-02-07 10:14 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2459763727-713270161-2395763681-1001
2025-04-22 07:48 - 2024-12-18 04:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2459763727-713270161-2395763681-1001
2025-04-22 07:48 - 2024-12-18 04:30 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-22 07:48 - 2024-03-04 21:26 - 000002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-22 07:44 - 2023-05-15 13:29 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-16 20:48 - 2023-07-29 22:15 - 000006571 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2025-04-16 20:31 - 2023-05-15 13:36 - 000000000 ____D C:\Program Files\HP
2025-04-10 10:42 - 2023-05-15 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-10 06:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-04-10 02:03 - 2024-03-14 13:07 - 000000000 ____D C:\Users\zskop\AppData\Local\CrashDumps
2025-04-08 23:56 - 2024-03-04 21:29 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\PowerPoint
2025-04-08 23:53 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-08 23:52 - 2024-12-18 04:26 - 000622176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-08 23:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-08 23:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-08 23:32 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-08 20:34 - 2024-12-18 04:30 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 20:40 - 2024-12-18 04:30 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 20:40 - 2024-12-18 04:30 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-31 00:22 - 2024-12-19 08:36 - 001791064 _____ (BitDefender S.R.L. Bucharest, ROMANIA) C:\WINDOWS\system32\Drivers\gemma.sys
2025-03-31 00:03 - 2024-12-13 11:02 - 000019528 _____ (HP) C:\WINDOWS\system32\Drivers\sselam_4_4_19_828.sys
2025-03-27 17:15 - 2024-03-04 20:54 - 000000000 ____D C:\Users\zskop\AppData\Roaming\hpqLog
2025-03-25 09:35 - 2024-03-04 21:26 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Office
2025-03-25 09:21 - 2024-03-12 16:55 - 000000000 ____D C:\WINDOWS\Firmware
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2025
Ran by ZSkopcany (24-04-2025 13:14:25)
Running from C:\Users\zskop\Downloads
Microsoft Windows 11 Pro Education Version 24H2 26100.3775 (X64) (2024-12-18 02:30:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2459763727-713270161-2395763681-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2459763727-713270161-2395763681-503 - Limited - Disabled)
Guest (S-1-5-21-2459763727-713270161-2395763681-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2459763727-713270161-2395763681-504 - Limited - Disabled)
ZSkopcany (S-1-5-21-2459763727-713270161-2395763681-1001 - Administrator - Enabled) => C:\Users\zskop
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.20.44.10 - Advanced Micro Devices, Inc.)
AvalonIT Board 4.0.1 (HKLM-x32\...\AvalonIT Board) (Version: - )
HP Connection Optimizer (HKLM-x32\...\{6468C4A5-E47E-405F-B675-A70A70983EA6}) (Version: 2.0.19.0 - HP Inc)
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{84937F28-9CB4-49E7-A2CF-E32D97E6DAE6}) (Version: 1.1.28.1 - HP)
HP Security Update Service (HKLM\...\{BA61DF3F-BE8F-4785-AC56-D30049E35A7D}) (Version: 4.4.24.3257 - HP Inc.)
HP Sure Recover (HKLM\...\{7DC79887-72FA-4688-BBB9-2968BA80F61B}) (Version: 10.1.26.255 - HP Inc.)
HP Sure Run Module (HKLM\...\{3A089261-A5F9-4312-ABF0-9564F47A5AB8}) (Version: 5.0.5.81 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{29C20505-3240-4B32-93B7-09BECA8CEF36}) (Version: 1.4.16.17 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{5C1C084D-1DB7-4CAB-840F-E5DD386C2A50}) (Version: 1.4.16.22 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{E551DF5A-C791-4466-8049-FEF18C68C2B6}) (Version: 1.4.16.10 - HP Inc.) Hidden
HP Wolf Security - Console (HKLM\...\{8D6BF9FF-C0ED-49E6-970D-9EA7CAB3C7C0}) (Version: 11.1.3.817 - HP Inc.)
HP Wolf Security (HKLM\...\{408F5C0F-0DC9-11F0-A6D9-000C29910851}) (Version: 4.4.24.3257 - HP Inc.)
HP Wolf Security Application Support for Chrome 134.0.6998.178 (HKLM\...\{1DE23EA0-7E93-4166-AADE-55B9F23B7D43}) (Version: 4.4.24.3261 - HP Inc.) Hidden
HP Wolf Security Application Support for Sure Sense (HKLM\...\{2AF2F895-6B1E-48AC-83FB-15CD4DA7A47F}) (Version: 4.4.24.3257 - HP Inc.) Hidden
ICS (HKLM-x32\...\{5CD25FCD-D218-46D0-B405-E5A488969BDF}) (Version: 3.1.1.10 - HP Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.04401 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
MindMaple Lite 1.71 (HKLM-x32\...\MindMaple_is1) (Version: v1.71 - MindMaple Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden
Windows Driver Package - HP Inc. BrCow_4_4_24_3257 ActivityMonitor (03/30/2025 4.4.24.3257) (HKLM\...\10A61BE7E9076E790D19ABF2124E363C8CEE32A8) (Version: 03/30/2025 4.4.24.3257 - HP Inc.) Hidden
Windows Driver Package - HP Inc. BrFilter_4_4_24_3257 ActivityMonitor (03/30/2025 4.4.24.3257) (HKLM\...\5C9C494F96ED5A5E722956420FBF6000FC17D08E) (Version: 03/30/2025 4.4.24.3257 - HP Inc.) Hidden
Windows Driver Package - HP Inc. sselam_4_4_19_828 AntiVirus (08/09/2024 4.4.19.828) (HKLM\...\FB93285F183DE6985F684AEE5F637905935D05BF) (Version: 08/09/2024 4.4.19.828 - HP Inc.) Hidden
Zoom Workplace (HKU\S-1-5-21-2459763727-713270161-2395763681-1001\...\ZoomUMX) (Version: 6.4.0 (62047) - Zoom Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m [2024-11-11] (Advanced Micro Devices Inc.) [Startup Task]
Balík pre prostredie funkcií Windowsu -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-08] (Microsoft Windows)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.51.331.0_x64__dt26b99r8h8gj [2024-09-27] (Realtek Semiconductor Corp)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.7.2.0_x64__v10z8vjag6ke6 [2025-03-13] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_3.1.3.0_x64__v10z8vjag6ke6 [2024-03-04] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-09-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.43.12.0_x64__v10z8vjag6ke6 [2025-04-01] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.44.0_x64__v10z8vjag6ke6 [2024-12-04] (HP Inc.)
Kahoot! Create -> C:\Program Files\WindowsApps\37790ProgressiveAppsAuto-.KahootCreator_2.0.0.0_neutral__khvkecjt9945r [2025-02-20] (Kahoot! AS)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-13] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-16] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-30] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6 [2025-04-03] (HP Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-10] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ BromiumOverlay_4_4_24_3257] -> {6CDCC3E8-D8FF-46EF-B8BE-63A0593E7798} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ShellIconOverlayIdentifiers-x32: [ BromiumOverlay_4_4_24_3257] -> {6CDCC3E8-D8FF-46EF-B8BE-63A0593E7798} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [Bromium TrustDrive Context Menu_4_4_24_3257] -> {5F4F5529-DD35-4B9F-812F-A5B0B3FD5D44} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers3: [SureSense_ScanFile_4_4_24_3257] -> {1003406D-B16C-4A93-B2F0-13CCAAD05934} => C:\Program Files\HP\Sure Click\ApplicationSupport\sure_sense\4.4.24.3257\SureSenseShellExt.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers3: [vSentry_TrustFile_4_4_24_3257] -> {833378FE-1986-46BA-9B4E-F8F1D9B094D6} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/ ... inesspc-hp
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2025-02-18] (HP Inc. -> HP Inc.)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: HP Network Check Helper -> {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} -> C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2025-02-18] (HP Inc. -> HP Inc.)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2024-08-26 12:21 - 2024-09-04 08:10 - 000000515 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
10 25 47 926
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2459763727-713270161-2395763681-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img19.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Sieťové pripojenie Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: MediaTek Wi-Fi 6E MT7922 (RZ616) 160MHz PCIe Adapter -> mtkwl6ex.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C67A519A-5C1D-4523-91B7-F91E7C367FD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69A1970A-9753-44DC-9EA8-924CBC424716}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72E51F05-6EE8-46D3-844A-496446AF4456}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BE92A41-48F0-4EA5-9795-C7E1C27DBBD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85D2A575-9308-4488-B3D0-42E5E21F9BBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DDA8291-5E87-4BF6-B3BA-E79017C05C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BE654F3-AC24-487B-994B-782C686FD0A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F900CBCF-E1BF-4A03-A42E-BCC75520B4A6}] => (Allow) C:\Program Files\HP\Sure Click\ApplicationSupport\chrome\4.4.24.3261\brchromium\134.0.6998.178\BrChrome.exe (Bromium UK Limited -> HP)
FirewallRules: [{1767B235-58BB-4358-BB8C-1BBFF8A424A1}] => (Allow) C:\Program Files\HP\Sure Click\4.4.24.3257\servers\manifests\chrome\brchromium\132.0.6834.210\BrChrome.exe (Bromium UK Limited -> HP)
FirewallRules: [{50A43E6D-E4CC-464D-BE39-A7F49B1623BE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AD3D27A-E5E2-46C4-9652-8F4F897725E3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2ED3CA2C-9227-4365-83FA-83A6CDE52C3D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
22-04-2025 07:49:01 Windows Update
22-04-2025 07:49:03 Windows Update
24-04-2025 12:35:30 Grab_MSIExecute
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/24/2025 12:38:16 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/24/2025 12:35:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\ZSKOPCANY$ via https://NTC-KeyId-72b03d712281953463bc7 ... s/Aik/scep failed:
GetCACaps
Method: GET(969ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (04/23/2025 11:01:44 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/22/2025 05:50:58 PM) (Source: Application Error) (EventID: 1000) (User: ZSKopcany)
Description: Názov chybnej aplikácie: Zoom.exe, verzia: 6.4.0.62047, časová značka: 0x67d825e6
Názov modulu s poruchou: atidxx64.dll, verzia: 31.0.21918.3001, časová značka: 0x670cdd83
Kód výnimky: 0xc0000005
Odchýlka poruchy: 0x000000000003ddd8
Id poruchového procesu: 0x1748
Čas spustenia poruchovej aplikácie: 0x1dbb39a2297576b
Cesta k poruchovej aplikácii: C:\Users\zskop\AppData\Roaming\Zoom\bin\Zoom.exe
Cesta k poruchovému modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atidxx64.dll
Id správy: 2bd58fdb-d784-4f74-83ad-35034bb5dff8
Plný názov chybného balíka:
Identifikátor poruchovej aplikácie vzťahujúci sa na balík:
Error: (04/17/2025 11:13:08 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/16/2025 08:38:11 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybnej aplikácie: BrService.exe, verzia: 4.4.23.316, časová značka: 0x679d16a2
Názov modulu s poruchou: ntdll.dll, verzia: 10.0.26100.3775, časová značka: 0x5e4be250
Kód výnimky: 0xc0000005
Odchýlka poruchy: 0x0000000000040546
Id poruchového procesu: 0x1678
Čas spustenia poruchovej aplikácie: 0x1dba8d0c2d1655b
Cesta k poruchovej aplikácii: c:\Program Files\HP\Sure Click\servers\BrService.exe
Cesta k poruchovému modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Id správy: d81c7b5a-ad74-4a23-9f0e-963dad184df1
Plný názov chybného balíka:
Identifikátor poruchovej aplikácie vzťahujúci sa na balík:
Error: (04/16/2025 01:19:37 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/13/2025 10:00:16 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
System errors:
=============
Error: (04/24/2025 12:47:56 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Zlyhanie inštalácie: Systému Windows sa nepodarilo nainštalovať nasledujúcu aktualizáciu. Vyskytla sa chyba (0x80073d02 = The package could not be installed because resources it modifies are currently in use.): 9MV0B5HZVK9Z-Microsoft.GamingApp.
Error: (04/24/2025 12:35:13 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby l1vhlwf zlyhalo kvôli nasledujúcej chybe:
A hypervisor feature is not available to the user.
Error: (04/24/2025 12:35:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby BrFilter_4_4_23_316 zlyhalo kvôli nasledujúcej chybe:
A device attached to the system is not functioning.
Error: (04/24/2025 12:35:08 PM) (Source: EventLog) (EventID: 6008) (User: )
Description: The previous system shutdown at 12:32:30 on 24. 4. 2025 was unexpected.
Error: (04/24/2025 12:32:25 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.
Error: (04/24/2025 12:27:58 PM) (Source: DCOM) (EventID: 10010) (User: ZSKopcany)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
Error: (04/24/2025 11:42:04 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.
Error: (04/24/2025 11:42:03 AM) (Source: BTHUSB) (EventID: 17) (User: )
Description: Miestny adaptér Bluetooth zlyhal bližšie neurčeným spôsobom a nebude sa používať. Ovládač bol odstránený z pamäte.
Windows Defender:
================
Date: 2025-04-23 22:02:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-17 11:55:03
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-16 16:13:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-15 20:05:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-14 11:32:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
==================== Memory info ===========================
BIOS: HP V78 Ver. 01.09.00 01/14/2025
Motherboard: HP 8B5C
Processor: AMD Ryzen 3 7330U with Radeon Graphics
Percentage of memory in use: 88%
Total physical RAM: 7489.07 MB
Available physical RAM: 825.03 MB
Total Virtual: 20801.07 MB
Available Virtual: 9579.94 MB
==================== Drives ================================
Drive c: (Windows ) (Fixed) (Total:237.37 GB) (Free:142.84 GB) (Model: KBG50ZNV256G KIOXIA) (Protected) NTFS
\\?\Volume{022fa154-9f13-416e-8c7c-4544d0c9e643}\ (Windows RE Tools) (Fixed) (Total:0.83 GB) (Free:0.22 GB) NTFS
\\?\Volume{34cd2a02-f7be-45a9-8085-daccd0bc3135}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D06C7837)
Partition: GPT.
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Vyskakujúce upozornenia na vírus
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakujúce upozornenia na vírus
Zdravím!
Nejdříve spusťte tuto utilitu:
Nejdříve spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakujúce upozornenia na vírus
# -------------------------------
# Malwarebytes AdwCleaner 8.5.1.601
# -------------------------------
# Build: 03-26-2025
# Database: 2025-04-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-24-2025
# Duration: 00:00:03
# OS: Windows 11 (Build 26100.3775)
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPNotifications Folder C:\Program Files (x86)\HP\HP NOTIFICATIONS
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPNotifications
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPNotifications
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3233 octets] - [24/04/2025 16:57:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
# Malwarebytes AdwCleaner 8.5.1.601
# -------------------------------
# Build: 03-26-2025
# Database: 2025-04-04.3 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 04-24-2025
# Duration: 00:00:03
# OS: Windows 11 (Build 26100.3775)
# Cleaned: 16
# Failed: 0
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
No malicious folders cleaned.
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{3CCC052E-BDEE-408A-BEA7-90914EF2964B}
Deleted HKLM\Software\Wow6432Node\\Classes\CLSID\{61F47056-E400-43D3-AF1E-AB7DFFD4C4AD}
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.HPNotifications Folder C:\Program Files (x86)\HP\HP NOTIFICATIONS
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPNotifications
Deleted Preinstalled.HPNotifications Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|HPNotifications
Deleted Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Deleted Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Deleted Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Deleted Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Deleted Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Deleted Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Deleted Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner[S00].txt - [3233 octets] - [24/04/2025 16:57:09]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakujúce upozornenia na vírus
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakujúce upozornenia na vírus
FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2025
Ran by ZSkopcany (administrator) on ZSKOPCANY (HP HP ProBook 455 15.6 inch G10 Notebook PC) (24-04-2025 21:10:52)
Running from C:\Users\zskop\Downloads\FRST64 (1).exe
Loaded Profiles: ZSkopcany
Platform: Microsoft Windows 11 Pro Education Version 24H2 26100.3775 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\HP\Sure Click\servers\BrService.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrHostSvr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe <6>
(cmd.exe ->) (Bromium UK Limited -> ) C:\Program Files\HP\Sure Click\servers\BrHostHelper\BrHostHelper.exe <3>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\BridgeCommunication.exe
(DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOCL64.exe
(DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atieclxx.exe
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\zskop\Desktop\adwcleaner (2).exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(Portrait Displays, Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\HPDCSetup.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atiesrxx.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Security Update Service\4.4.24.3257\SecurityUpdateService.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BemSvc.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrService.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELAN_MOC_Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_67bcefabacf2a385\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HPAudioAnalytics.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2358c22cfce9af22\x64\hpsvcsscan.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe <3>
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2504.1001.26.0_x64__8wekyb3d8bbwe\XboxPcTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP ICS\ICS.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2504.1001.26.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.8401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe [2119512 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2459763727-713270161-2395763681-1001\...\Run: [MicrosoftEdgeAutoLaunch_99403A969D43EB0E14EB990E68793760] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {919C57FF-8160-43B3-845D-291793147596} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2025-02-18] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {72C986FC-014D-4761-8268-8647FDC33254} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2025-02-18] (HP Inc. -> HP Inc.)
Task: {A9239CEB-92C9-47E3-8972-4D581A6D6296} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-12-18] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {DB09576F-3804-4E87-B57D-C04B591EAD0B} - System32\Tasks\HP\HP ICS\ICS => C:\Program Files (x86)\HP\HP ICS\ICS.exe [76870640 2023-03-02] (HP Inc. -> HP)
Task: {18E73235-CEA2-4BA8-8885-003226A42632} - System32\Tasks\HP\HP Wolf Security\Launch Console => C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe [262664 2024-12-12] (HP Inc. -> HP Inc.)
Task: {8772D18C-05AB-4017-B243-0151B99527E6} - System32\Tasks\HP\Sure Click\Sure Click 4.4.24.3257 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2792200 2025-03-30] (Bromium UK Limited -> HP)
Task: {790FF585-5C4E-4DB0-A1DA-A421F7DA6C2A} - System32\Tasks\HP\Sure Click\Sure Click UI 4.4.24.3257 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [185608 2025-03-30] (Bromium UK Limited -> HP)
Task: {1A1B8D73-7643-4900-A630-2C0DD87910F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4735F1B1-F089-4445-9B9B-F50DDDD7EA48} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {572DA350-049A-4CB2-BE19-DD3C0C9A38C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222352 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {417E0277-7302-4714-95DA-B8ACD3805436} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222352 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {22C713DC-4475-4A61-AD70-CBA744DD0C23} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-12-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {33CF2256-C5C0-4BA6-BA96-31019B0BBCA8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {777EBE79-92C7-42F4-A0DB-675200538951} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {25FE8810-BE6C-485B-B0ED-FD492DA7BF4C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BE12E7-0F96-4B25-AB89-E2FCFEB08EBC} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Users\zskop\AppData\Roaming\Zoom\bin\Zoom.exe [436024 2025-03-20] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fd6ae9d-6f1d-4fca-aba8-eef3445937ae}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fd6ae9d-6f1d-4fca-aba8-eef3445937ae}: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393D25485455374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393D25485455374: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F523E243: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F523E243: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F52444: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F52444: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-24]
Edge Notifications: Default -> hxxps://7l261d6bamv47o.steadychainconnection.co.in; hxxps://cvvbj86071bc73a6ia7g.steadychainconnection.co.in; hxxps://prwcv8bm23fqtm.steadychainconnection.co.in; hxxps://www.messenger.com
Edge Extension: (HP Wolf Security Extension) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aoganjpeihhkhippgnniaclfocnihgln [2025-04-24]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-24]
Edge Extension: (Edge relevant text changes) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 BrAmSvc; C:\Program Files\HP\Sure Click\servers\BrAmSvc.exe [2077088 2025-03-30] (HP Inc -> HP)
R2 BrEndpointSvc; c:\Program Files\HP\Sure Click\servers\BemSvc.exe [4912904 2025-03-30] (Bromium UK Limited -> HP)
R2 BrService; c:\Program Files\HP\Sure Click\servers\BrService.exe [10899208 2025-03-30] (Bromium UK Limited -> HP)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ELAN_MOC_Service; C:\WINDOWS\System32\ELAN_MOC_Service.exe [240032 2024-06-12] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncHelper.exe [3545416 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [1028024 2024-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HotKeyServiceUWP.exe [1510464 2025-01-02] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\AppHelperCap.exe [889976 2025-02-23] (HP Inc. -> HP Inc.)
R2 HPAudioAnalytics; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HPAudioAnalytics.exe [516160 2025-01-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\DiagsCap.exe [888928 2025-02-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe [885344 2025-02-23] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP)
R2 hpsvcsscan; C:\WINDOWS\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2358c22cfce9af22\x64\hpsvcsscan.exe [7039168 2024-09-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\SysInfoCap.exe [889464 2025-02-23] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_67bcefabacf2a385\x64\TouchpointAnalyticsClientService.exe [631472 2025-03-26] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\LanWlanWwanSwitchingServiceUWP.exe [605248 2025-01-02] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9406208 2025-04-24] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveUpdaterService.exe [3892568 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SECOMNService; C:\WINDOWS\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe [1087496 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.)
R2 SecurityUpdateService; C:\Program Files\HP\Security Update Service\4.4.24.3257\SecurityUpdateService.exe [5608200 2025-03-30] (Bromium UK Limited -> HP)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\amdkmdag.sys [106591144 2024-10-21] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 amdwirelessbutton; C:\WINDOWS\System32\drivers\amdwirelessbutton.sys [39032 2024-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R0 BrCow_4_4_24_3257; C:\WINDOWS\System32\DRIVERS\BrCow_4_4_24_3257.sys [71120 2025-03-30] (Bromium UK Limited -> HP)
R2 BrFilter_4_4_24_3257; C:\WINDOWS\System32\DRIVERS\BrFilter_4_4_24_3257.sys [238544 2025-03-30] (Bromium UK Limited -> HP)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144840 2025-04-08] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [241112 2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80448 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_bee0043985624487\mtkbtfilterx.sys [550072 2025-02-15] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_28fe41aefe6dd8d1\mtkwl6ex.sys [2011304 2025-02-20] (MEDIATEK INC. -> MediaTek Inc.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_d1a236ce16a4bbb1\rt68cx21x64.sys [845256 2024-12-25] (Realtek Semiconductor Corp. -> Realtek)
S0 sselam_4_4_19_828; C:\WINDOWS\System32\DRIVERS\sselam_4_4_19_828.sys [19528 2025-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> HP)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-08] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 uxen; C:\Program Files\HP\Sure Click\bin\uxen.sys [2053056 2025-02-19] (Bromium UK Limited -> HP)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 ax_pvi; \??\C:\Program Files\HP\Sure Click\bin\ax_pvi.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\ProgramData\Desktop\MindMaple Lite.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\AvalonIT Board.lnk"
2025-04-24 18:10 - 2025-04-24 18:10 - 009568256 _____ (Malwarebytes) C:\Users\zskop\Downloads\adwcleaner (2).exe
2025-04-24 18:10 - 2025-04-24 18:10 - 009568256 _____ (Malwarebytes) C:\Users\zskop\Desktop\adwcleaner (2).exe
2025-04-24 17:48 - 2025-04-24 17:48 - 000668026 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-24 17:48 - 2025-04-24 17:48 - 000145048 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-24 17:44 - 2025-04-24 17:44 - 000010372 __RSH C:\ProgramData\ntuser.pol
2025-04-24 17:43 - 2025-04-24 17:43 - 000241112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-04-24 17:43 - 2025-04-24 17:43 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-04-24 17:40 - 2025-04-24 17:41 - 009566696 _____ (Malwarebytes) C:\Users\zskop\Desktop\AdwCleaner (1).exe
2025-04-24 17:39 - 2025-04-24 17:39 - 009566696 _____ (Malwarebytes) C:\Users\zskop\Downloads\AdwCleaner (1).exe
2025-04-24 17:03 - 2025-04-24 19:04 - 000000000 ____D C:\Users\zskop\AppData\Local\Malwarebytes
2025-04-24 17:03 - 2025-04-24 17:03 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-04-24 17:02 - 2025-04-24 17:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-04-24 17:02 - 2025-04-24 17:02 - 000000000 ____D C:\Program Files\Malwarebytes
2025-04-24 17:01 - 2025-04-24 17:01 - 002834160 _____ (Malwarebytes) C:\Users\zskop\Downloads\MBSetup.exe
2025-04-24 16:56 - 2025-04-24 16:58 - 000000000 ____D C:\AdwCleaner
2025-04-24 16:56 - 2025-04-24 16:56 - 009568256 _____ (Malwarebytes) C:\Users\zskop\Downloads\adwcleaner.exe
2025-04-24 13:14 - 2025-04-24 13:15 - 000022773 _____ C:\Users\zskop\Downloads\Addition.txt
2025-04-24 13:08 - 2025-04-24 21:11 - 000026845 _____ C:\Users\zskop\Downloads\FRST.txt
2025-04-24 13:08 - 2025-04-24 21:11 - 000000000 ____D C:\FRST
2025-04-24 13:07 - 2025-04-24 13:08 - 002405376 _____ (Farbar) C:\Users\zskop\Downloads\FRST64 (1).exe
2025-04-24 13:07 - 2025-04-24 13:07 - 002097664 _____ (Farbar) C:\Users\zskop\Downloads\Nepotvrdené 663862.crdownload
2025-04-24 13:06 - 2025-04-24 13:06 - 002405376 _____ (Farbar) C:\Users\zskop\Downloads\Nepotvrdené 30894.crdownload
2025-04-24 10:47 - 2025-04-24 10:48 - 000000000 ____D C:\Users\zskop\Desktop\Záloha pracovná plocha
2025-04-23 21:22 - 2025-04-23 21:22 - 000217724 _____ C:\Users\zskop\Downloads\Spoločenstvo lúk - previerka.pdf
2025-04-22 21:58 - 2025-04-22 21:58 - 000589258 _____ C:\Users\zskop\Downloads\Správanie sa telies v kvapalinách s rôznou hustotou.pptx
2025-04-22 21:56 - 2025-04-22 21:56 - 001531926 _____ C:\Users\zskop\Downloads\Správanie telies v kvapalinách s rôznou hustotou.pptx.pptx
2025-04-22 21:53 - 2025-04-22 21:54 - 154567658 _____ C:\Users\zskop\Downloads\ARCHIMEDOV ZÁKON V PRAXI.mp4
2025-04-22 21:51 - 2025-04-22 21:51 - 001014272 _____ C:\Users\zskop\Downloads\Vplyv hmotnosti, objemu a tvaru telies na ich správanie vo vode.ppt
2025-04-22 21:50 - 2025-04-22 21:50 - 001930752 _____ C:\Users\zskop\Downloads\Vplyv objemu a tvaru telies na ich spravanie vo vode.ppt
2025-04-16 21:57 - 2025-04-16 21:57 - 000617928 _____ C:\Users\zskop\Downloads\8. ročník - Biológia.pdf
2025-04-16 20:48 - 2025-03-30 16:20 - 000238544 _____ (HP) C:\WINDOWS\system32\Drivers\BrFilter_4_4_24_3257.sys
2025-04-16 20:48 - 2025-03-30 16:20 - 000071120 _____ (HP) C:\WINDOWS\system32\Drivers\BrCow_4_4_24_3257.sys
2025-04-16 15:47 - 2025-04-16 15:47 - 041457429 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri (1).pptx.pptx
2025-04-14 21:47 - 2025-04-14 21:47 - 002294511 _____ C:\Users\zskop\Downloads\Šifra - písmená.zip
2025-04-14 21:37 - 2025-04-14 21:37 - 000238277 _____ C:\Users\zskop\Downloads\Meranie vlastného výkonu.pdf
2025-04-08 23:32 - 2025-04-08 23:32 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-08 23:32 - 2025-04-08 23:32 - 000000000 ____D C:\inetpub
2025-04-08 21:24 - 2025-04-22 07:57 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-08 20:35 - 2025-04-08 20:35 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-08 20:35 - 2025-04-08 20:35 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-08 12:19 - 2025-04-08 12:19 - 000000710 _____ C:\Users\zskop\Documents\Zachránený dokument 1.txt
2025-04-07 09:11 - 2025-04-07 09:11 - 013654769 _____ C:\Users\zskop\Downloads\Fascinujuci-svet-dinosaurov.pptx.pdf
2025-04-06 21:41 - 2025-04-06 21:41 - 001566720 _____ C:\Users\zskop\Downloads\Bunková stavba organizmov.ppt
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETFC2.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF83.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF43.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF04.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETEB5.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETE37.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETDF7.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD68.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD48.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD09.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETCBA.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETC4A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETC2A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB9B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB7B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB4B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETAAE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETA8E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETA4E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET64F.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET5F0.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET5A1.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET571.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET532.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET511.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET4D2.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET483.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET434.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET349E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET30B5.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2FE9.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2FC9.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2F99.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET197A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET18FB.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET18AC.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET16E6.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET1697.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET13C7.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET12BC.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET127D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET124D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET121D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET11CE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET118D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET116D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET111E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET10DE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET10AF.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET106F.tmp
2025-04-06 21:33 - 2024-10-21 08:54 - 000737704 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-04-06 21:33 - 2024-10-21 08:54 - 000737704 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-04-06 21:33 - 2024-10-21 08:54 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-04-06 21:33 - 2024-10-21 08:54 - 000149392 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 002100160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 001617832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 001617832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000978344 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2025-04-06 21:33 - 2024-10-21 08:53 - 000464304 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000406440 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2025-04-06 21:33 - 2024-10-21 08:53 - 000229296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000175072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000165784 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000148904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000142760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 004179880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 002245552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 001074800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000771496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000678832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000434088 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000232808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000187976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000118696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000115136 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000048560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 088606656 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 001412088 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000152616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000138608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000138600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000131192 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2025-04-06 21:04 - 2025-04-06 21:04 - 000124925 _____ C:\Users\zskop\Downloads\Magnetické pole cievky s prúdom (1).pptx
2025-04-06 21:01 - 2025-04-06 21:01 - 015419419 _____ C:\Users\zskop\Downloads\2.12 Magnetické pole v okolí vodiča s prúdom. Magnetické pole cievky s prúdom.pptx
2025-04-06 21:00 - 2025-04-06 21:00 - 001490300 _____ C:\Users\zskop\Downloads\Magnetické pole cievky s prúdom.pptx
2025-04-06 20:58 - 2025-04-06 20:58 - 001220756 _____ C:\Users\zskop\Downloads\Simulácia mag. poľa v okolí magnet, cievky s prúdom... (1).jar
2025-04-06 20:58 - 2025-04-06 20:58 - 000155156 _____ C:\Users\zskop\Downloads\cievka v poli.pptx.pptx
2025-04-06 20:57 - 2025-04-06 20:57 - 001220756 _____ C:\Users\zskop\Downloads\Simulácia mag. poľa v okolí magnet, cievky s prúdom....jar
2025-04-06 20:55 - 2025-04-06 20:55 - 001534976 _____ C:\Users\zskop\Downloads\Magnetické pole v okolí vodiča s prúdom.ppt
2025-04-06 20:54 - 2025-04-06 20:54 - 000455680 _____ C:\Users\zskop\Downloads\Magnetické pole elektrického prúdu.ppt.ppt
2025-04-04 09:26 - 2025-04-04 09:26 - 014772973 _____ C:\Users\zskop\Downloads\SPOLOČENSTVO LÚK.pptx
2025-04-04 09:24 - 2025-04-04 09:24 - 004696415 _____ C:\Users\zskop\Downloads\RASTLINY SPOLOČENSTVA LÚK - 1.pptx
2025-04-04 08:05 - 2025-04-04 08:05 - 013068666 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri (1).pptx
2025-04-03 18:27 - 2025-04-03 18:27 - 012080271 _____ C:\Users\zskop\Downloads\Fascinujuci-svet-dinosaurov.pptx
2025-04-03 18:20 - 2025-04-03 18:20 - 013068666 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri.pptx
2025-04-02 20:55 - 2025-04-02 20:55 - 000573644 _____ C:\Users\zskop\Downloads\OPAKOVANIE - LESNÉ SPOLOČENSTVO - SK. B.pdf
2025-04-02 20:52 - 2025-04-02 20:52 - 003085937 _____ C:\Users\zskop\Downloads\Prírodoveda4- PU str. 68-69 Lesné spoločenstvo.pptx
2025-04-02 20:52 - 2025-04-02 20:52 - 000116602 _____ C:\Users\zskop\Downloads\PRI 4.roč._ Malá písomka Medveď a buk Pravda-nepravda.pdf
2025-04-02 20:48 - 2025-04-02 20:48 - 000629027 _____ C:\Users\zskop\Downloads\Prírodné spoločenstvá.pdf
2025-04-01 13:10 - 2025-04-01 13:10 - 004191468 _____ C:\Users\zskop\Downloads\Biela ružová zelená Kvetinový Deň matiek Príspevok na Instagram.pdf
2025-03-27 21:23 - 2025-03-27 21:23 - 000463994 _____ C:\Users\zskop\Downloads\lesné spoločenstvo - testík.pdf
2025-03-27 21:22 - 2025-03-27 21:22 - 000000066 _____ C:\Users\zskop\Downloads\Nepotvrdené 181735.crdownload
2025-03-27 21:04 - 2025-03-27 21:04 - 000193419 _____ C:\Users\zskop\Downloads\TEST-MAT-2.pdf
2025-03-27 21:03 - 2025-03-27 21:03 - 000228682 _____ C:\Users\zskop\Downloads\TEST-SJL1.pdf
2025-03-26 20:47 - 2025-03-26 20:47 - 003097088 _____ C:\Users\zskop\Downloads\hustota-kvapalin.ppt.ppt
2025-03-26 20:44 - 2025-03-26 20:44 - 001616146 _____ C:\Users\zskop\Downloads\2.4 Hustota kvapalín (2).pptx
2025-03-26 20:43 - 2025-03-26 20:43 - 001616146 _____ C:\Users\zskop\Downloads\2.4 Hustota kvapalín.pptx (1).pptx
2025-03-26 20:31 - 2025-03-26 20:32 - 316727753 _____ C:\Users\zskop\Downloads\Lesné spoločenstvo - prezentácia.pdf
2025-03-25 22:03 - 2025-03-25 22:03 - 000395199 _____ C:\Users\zskop\Downloads\PDA4 Lesné spoločenstvo.pdf
2025-03-25 22:02 - 2025-03-25 22:02 - 003711539 _____ C:\Users\zskop\Downloads\Rastliny lesného spoločenstva.pptx
2025-03-25 22:01 - 2025-03-25 22:01 - 000116602 _____ C:\Users\zskop\Downloads\PRÍ 4.roč. Päťminútovka Lesné spoločenstvo.pdf
2025-03-25 21:58 - 2025-03-25 21:58 - 000072379 _____ C:\Users\zskop\Downloads\Rastliny lesného spoločenstva.pdf
2025-03-25 21:53 - 2025-03-25 21:53 - 006255616 _____ C:\Users\zskop\Downloads\SLNKO.ppt
2025-03-25 21:51 - 2025-03-25 21:51 - 000049720 _____ C:\Users\zskop\Downloads\Test - pohyb a sila.htm
2025-03-25 21:47 - 2025-03-25 21:47 - 007488156 _____ C:\Users\zskop\Downloads\rýchlosť.pptx
2025-03-25 21:29 - 2025-03-25 21:29 - 000151785 _____ C:\Users\zskop\Downloads\cestovný príkaz tlačivo (1).xlsx
2025-03-25 13:01 - 2025-03-25 13:01 - 000151785 _____ C:\Users\zskop\Downloads\cestovný príkaz tlačivo.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-24 21:11 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-24 21:09 - 2024-12-18 04:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-24 20:37 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-24 17:48 - 2024-12-18 04:35 - 001603790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-24 17:48 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-24 17:44 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-24 17:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-24 17:43 - 2024-12-18 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-24 17:43 - 2024-12-18 04:29 - 000003212 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-24 17:43 - 2024-12-18 04:27 - 000000000 ____D C:\Users\zskop
2025-04-24 17:43 - 2024-12-18 04:26 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-24 17:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-24 17:43 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-24 17:43 - 2023-05-15 13:29 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-24 17:02 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-24 16:58 - 2024-03-04 20:53 - 000000000 ____D C:\Users\zskop\AppData\Local\D3DSCache
2025-04-24 16:58 - 2023-06-01 03:27 - 000000000 _RSHD C:\hp
2025-04-24 16:58 - 2023-05-15 13:36 - 000000000 ____D C:\ProgramData\HP
2025-04-24 16:58 - 2023-05-15 13:36 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2025-04-24 16:58 - 2023-05-15 13:36 - 000000000 ____D C:\Program Files (x86)\HP
2025-04-24 12:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-24 12:42 - 2023-07-29 22:15 - 000000000 ____D C:\ProgramData\Bromium
2025-04-24 12:35 - 2023-07-29 22:10 - 000000000 ____D C:\Program Files\AMD
2025-04-24 12:34 - 2024-03-12 16:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-24 09:42 - 2024-03-04 20:50 - 000000000 ____D C:\Users\zskop\AppData\Local\Packages
2025-04-23 21:51 - 2024-03-04 21:26 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Word
2025-04-23 21:32 - 2024-03-04 21:27 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Excel
2025-04-23 20:42 - 2025-03-18 05:32 - 000378432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_8.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 002901544 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-04-23 20:42 - 2024-06-10 07:31 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-04-22 07:48 - 2025-02-07 10:14 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2459763727-713270161-2395763681-1001
2025-04-22 07:48 - 2024-12-18 04:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2459763727-713270161-2395763681-1001
2025-04-22 07:48 - 2024-12-18 04:30 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-22 07:48 - 2024-03-04 21:26 - 000002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-22 07:44 - 2023-05-15 13:29 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-16 20:48 - 2023-07-29 22:15 - 000006571 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2025-04-16 20:31 - 2023-05-15 13:36 - 000000000 ____D C:\Program Files\HP
2025-04-10 10:42 - 2023-05-15 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-10 06:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-04-10 02:03 - 2024-03-14 13:07 - 000000000 ____D C:\Users\zskop\AppData\Local\CrashDumps
2025-04-08 23:56 - 2024-03-04 21:29 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\PowerPoint
2025-04-08 23:52 - 2024-12-18 04:26 - 000622176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-08 23:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-08 23:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-08 23:32 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-08 20:34 - 2024-12-18 04:30 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 20:40 - 2024-12-18 04:30 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 20:40 - 2024-12-18 04:30 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-31 00:03 - 2024-12-13 11:02 - 000019528 _____ (HP) C:\WINDOWS\system32\Drivers\sselam_4_4_19_828.sys
2025-03-27 17:15 - 2024-03-04 20:54 - 000000000 ____D C:\Users\zskop\AppData\Roaming\hpqLog
2025-03-25 09:35 - 2024-03-04 21:26 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Office
2025-03-25 09:21 - 2024-03-12 16:55 - 000000000 ____D C:\WINDOWS\Firmware
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2025
Ran by ZSkopcany (24-04-2025 21:13:50)
Running from C:\Users\zskop\Downloads
Microsoft Windows 11 Pro Education Version 24H2 26100.3775 (X64) (2024-12-18 02:30:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2459763727-713270161-2395763681-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2459763727-713270161-2395763681-503 - Limited - Disabled)
Guest (S-1-5-21-2459763727-713270161-2395763681-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2459763727-713270161-2395763681-504 - Limited - Disabled)
ZSkopcany (S-1-5-21-2459763727-713270161-2395763681-1001 - Administrator - Enabled) => C:\Users\zskop
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.20.44.10 - Advanced Micro Devices, Inc.)
AvalonIT Board 4.0.1 (HKLM-x32\...\AvalonIT Board) (Version: - )
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{84937F28-9CB4-49E7-A2CF-E32D97E6DAE6}) (Version: 1.1.28.1 - HP)
HP Security Update Service (HKLM\...\{BA61DF3F-BE8F-4785-AC56-D30049E35A7D}) (Version: 4.4.24.3257 - HP Inc.)
HP Sure Recover (HKLM\...\{7DC79887-72FA-4688-BBB9-2968BA80F61B}) (Version: 10.1.26.255 - HP Inc.)
HP Sure Run Module (HKLM\...\{3A089261-A5F9-4312-ABF0-9564F47A5AB8}) (Version: 5.0.5.81 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{29C20505-3240-4B32-93B7-09BECA8CEF36}) (Version: 1.4.16.17 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{5C1C084D-1DB7-4CAB-840F-E5DD386C2A50}) (Version: 1.4.16.22 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{E551DF5A-C791-4466-8049-FEF18C68C2B6}) (Version: 1.4.16.10 - HP Inc.) Hidden
HP Wolf Security - Console (HKLM\...\{8D6BF9FF-C0ED-49E6-970D-9EA7CAB3C7C0}) (Version: 11.1.3.817 - HP Inc.)
HP Wolf Security (HKLM\...\{408F5C0F-0DC9-11F0-A6D9-000C29910851}) (Version: 4.4.24.3257 - HP Inc.)
HP Wolf Security Application Support for Chrome 134.0.6998.178 (HKLM\...\{1DE23EA0-7E93-4166-AADE-55B9F23B7D43}) (Version: 4.4.24.3261 - HP Inc.) Hidden
HP Wolf Security Application Support for Sure Sense (HKLM\...\{2AF2F895-6B1E-48AC-83FB-15CD4DA7A47F}) (Version: 4.4.24.3257 - HP Inc.) Hidden
ICS (HKLM-x32\...\{5CD25FCD-D218-46D0-B405-E5A488969BDF}) (Version: 3.1.1.10 - HP Inc.)
Malwarebytes version 5.2.11.183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.11.183 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.06502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
MindMaple Lite 1.71 (HKLM-x32\...\MindMaple_is1) (Version: v1.71 - MindMaple Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden
Windows Driver Package - HP Inc. BrCow_4_4_24_3257 ActivityMonitor (03/30/2025 4.4.24.3257) (HKLM\...\10A61BE7E9076E790D19ABF2124E363C8CEE32A8) (Version: 03/30/2025 4.4.24.3257 - HP Inc.) Hidden
Windows Driver Package - HP Inc. BrFilter_4_4_24_3257 ActivityMonitor (03/30/2025 4.4.24.3257) (HKLM\...\5C9C494F96ED5A5E722956420FBF6000FC17D08E) (Version: 03/30/2025 4.4.24.3257 - HP Inc.) Hidden
Windows Driver Package - HP Inc. sselam_4_4_19_828 AntiVirus (08/09/2024 4.4.19.828) (HKLM\...\FB93285F183DE6985F684AEE5F637905935D05BF) (Version: 08/09/2024 4.4.19.828 - HP Inc.) Hidden
Zoom Workplace (HKU\S-1-5-21-2459763727-713270161-2395763681-1001\...\ZoomUMX) (Version: 6.4.0 (62047) - Zoom Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m [2024-11-11] (Advanced Micro Devices Inc.) [Startup Task]
Balík pre prostredie funkcií Windowsu -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-08] (Microsoft Windows)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.51.331.0_x64__dt26b99r8h8gj [2024-09-27] (Realtek Semiconductor Corp)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.7.2.0_x64__v10z8vjag6ke6 [2025-03-13] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_3.1.3.0_x64__v10z8vjag6ke6 [2024-03-04] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-09-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.43.12.0_x64__v10z8vjag6ke6 [2025-04-01] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.44.0_x64__v10z8vjag6ke6 [2024-12-04] (HP Inc.)
Kahoot! Create -> C:\Program Files\WindowsApps\37790ProgressiveAppsAuto-.KahootCreator_2.0.0.0_neutral__khvkecjt9945r [2025-02-20] (Kahoot! AS)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-13] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-16] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-30] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6 [2025-04-03] (HP Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-10] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ BromiumOverlay_4_4_24_3257] -> {6CDCC3E8-D8FF-46EF-B8BE-63A0593E7798} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ShellIconOverlayIdentifiers-x32: [ BromiumOverlay_4_4_24_3257] -> {6CDCC3E8-D8FF-46EF-B8BE-63A0593E7798} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [Bromium TrustDrive Context Menu_4_4_24_3257] -> {5F4F5529-DD35-4B9F-812F-A5B0B3FD5D44} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [SureSense_ScanFile_4_4_24_3257] -> {1003406D-B16C-4A93-B2F0-13CCAAD05934} => C:\Program Files\HP\Sure Click\ApplicationSupport\sure_sense\4.4.24.3257\SureSenseShellExt.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers3: [vSentry_TrustFile_4_4_24_3257] -> {833378FE-1986-46BA-9B4E-F8F1D9B094D6} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/ ... inesspc-hp
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\zskop\Desktop\AdwCleaner (1).exe:MBAM.Zone.Identifier [214]
AlternateDataStreams: C:\Users\zskop\Desktop\adwcleaner (2).exe:MBAM.Zone.Identifier [284]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2024-08-26 12:21 - 2024-09-04 08:10 - 000000515 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
10 25 47 926
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2459763727-713270161-2395763681-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img19.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Sieťové pripojenie Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: MediaTek Wi-Fi 6E MT7922 (RZ616) 160MHz PCIe Adapter -> mtkwl6ex.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C67A519A-5C1D-4523-91B7-F91E7C367FD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69A1970A-9753-44DC-9EA8-924CBC424716}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72E51F05-6EE8-46D3-844A-496446AF4456}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BE92A41-48F0-4EA5-9795-C7E1C27DBBD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85D2A575-9308-4488-B3D0-42E5E21F9BBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DDA8291-5E87-4BF6-B3BA-E79017C05C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BE654F3-AC24-487B-994B-782C686FD0A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F900CBCF-E1BF-4A03-A42E-BCC75520B4A6}] => (Allow) C:\Program Files\HP\Sure Click\ApplicationSupport\chrome\4.4.24.3261\brchromium\134.0.6998.178\BrChrome.exe (Bromium UK Limited -> HP)
FirewallRules: [{1767B235-58BB-4358-BB8C-1BBFF8A424A1}] => (Allow) C:\Program Files\HP\Sure Click\4.4.24.3257\servers\manifests\chrome\brchromium\132.0.6834.210\BrChrome.exe (Bromium UK Limited -> HP)
FirewallRules: [{50A43E6D-E4CC-464D-BE39-A7F49B1623BE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AD3D27A-E5E2-46C4-9652-8F4F897725E3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2ED3CA2C-9227-4365-83FA-83A6CDE52C3D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
22-04-2025 07:49:01 Windows Update
22-04-2025 07:49:03 Windows Update
24-04-2025 12:35:30 Grab_MSIExecute
24-04-2025 16:57:24 AdwCleaner_BeforeCleaning_24/04/2025_16:57:24
24-04-2025 17:41:56 AdwCleaner_BeforeCleaning_24/04/2025_17:41:55
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/24/2025 05:46:51 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/24/2025 01:46:01 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ZSKopcany)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147023600
Error: (04/24/2025 12:38:16 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/24/2025 12:35:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\ZSKOPCANY$ via https://NTC-KeyId-72b03d712281953463bc7 ... s/Aik/scep failed:
GetCACaps
Method: GET(969ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (04/23/2025 11:01:44 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/22/2025 05:50:58 PM) (Source: Application Error) (EventID: 1000) (User: ZSKopcany)
Description: Názov chybnej aplikácie: Zoom.exe, verzia: 6.4.0.62047, časová značka: 0x67d825e6
Názov modulu s poruchou: atidxx64.dll, verzia: 31.0.21918.3001, časová značka: 0x670cdd83
Kód výnimky: 0xc0000005
Odchýlka poruchy: 0x000000000003ddd8
Id poruchového procesu: 0x1748
Čas spustenia poruchovej aplikácie: 0x1dbb39a2297576b
Cesta k poruchovej aplikácii: C:\Users\zskop\AppData\Roaming\Zoom\bin\Zoom.exe
Cesta k poruchovému modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atidxx64.dll
Id správy: 2bd58fdb-d784-4f74-83ad-35034bb5dff8
Plný názov chybného balíka:
Identifikátor poruchovej aplikácie vzťahujúci sa na balík:
Error: (04/17/2025 11:13:08 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/16/2025 08:38:11 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybnej aplikácie: BrService.exe, verzia: 4.4.23.316, časová značka: 0x679d16a2
Názov modulu s poruchou: ntdll.dll, verzia: 10.0.26100.3775, časová značka: 0x5e4be250
Kód výnimky: 0xc0000005
Odchýlka poruchy: 0x0000000000040546
Id poruchového procesu: 0x1678
Čas spustenia poruchovej aplikácie: 0x1dba8d0c2d1655b
Cesta k poruchovej aplikácii: c:\Program Files\HP\Sure Click\servers\BrService.exe
Cesta k poruchovému modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Id správy: d81c7b5a-ad74-4a23-9f0e-963dad184df1
Plný názov chybného balíka:
Identifikátor poruchovej aplikácie vzťahujúci sa na balík:
System errors:
=============
Error: (04/24/2025 05:43:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HP Comm Recover zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (04/24/2025 05:43:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby l1vhlwf zlyhalo kvôli nasledujúcej chybe:
A hypervisor feature is not available to the user.
Error: (04/24/2025 05:43:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\system32\mtkihvx.dll
Error: (04/24/2025 05:43:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\system32\mtkihvx.dll
Error: (04/24/2025 05:43:03 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/24/2025 05:43:03 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/24/2025 05:43:03 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/24/2025 05:42:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Windows Defender:
================
Date: 2025-04-23 22:02:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-17 11:55:03
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-16 16:13:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-15 20:05:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-14 11:32:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2025-04-24 17:51:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-04-24 17:46:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-24 17:45:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: HP V78 Ver. 01.09.00 01/14/2025
Motherboard: HP 8B5C
Processor: AMD Ryzen 3 7330U with Radeon Graphics
Percentage of memory in use: 67%
Total physical RAM: 7489.07 MB
Available physical RAM: 2413.21 MB
Total Virtual: 20801.07 MB
Available Virtual: 12993.81 MB
==================== Drives ================================
Drive c: (Windows ) (Fixed) (Total:237.37 GB) (Free:142.2 GB) (Model: KBG50ZNV256G KIOXIA) (Protected) NTFS
\\?\Volume{022fa154-9f13-416e-8c7c-4544d0c9e643}\ (Windows RE Tools) (Fixed) (Total:0.83 GB) (Free:0.22 GB) NTFS
\\?\Volume{34cd2a02-f7be-45a9-8085-daccd0bc3135}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D06C7837)
Partition: GPT.
==================== End of Addition.txt =======================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 23-04-2025
Ran by ZSkopcany (administrator) on ZSKOPCANY (HP HP ProBook 455 15.6 inch G10 Notebook PC) (24-04-2025 21:10:52)
Running from C:\Users\zskop\Downloads\FRST64 (1).exe
Loaded Profiles: ZSkopcany
Platform: Microsoft Windows 11 Pro Education Version 24H2 26100.3775 (X64) Language: Čeština (Česká republika) -> Slovenčina (Slovensko)
Default browser: Edge
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe
(0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe
(C:\Program Files\HP\Sure Click\servers\BrService.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrHostSvr.exe
(C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\Malwarebytes.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSServ.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\AMDRSSrcExt.exe
(C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\RadeonSoftware.exe ->) (0A0B0503-04C2-4CCF-9BC2-4F164DC80FEE -> Advanced Micro Devices, Inc.) C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m\radeonsoftware\cncmd.exe
(C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe <6>
(cmd.exe ->) (Bromium UK Limited -> ) C:\Program Files\HP\Sure Click\servers\BrHostHelper\BrHostHelper.exe <3>
(DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\BridgeCommunication.exe
(DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOCL64.exe
(DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atiesrxx.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atieclxx.exe
(explorer.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Users\zskop\Desktop\adwcleaner (2).exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe <12>
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe <3>
(Portrait Displays, Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\HPDCSetup.exe
(services.exe ->) (Advanced Micro Devices -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atiesrxx.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Security Update Service\4.4.24.3257\SecurityUpdateService.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BemSvc.exe
(services.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrService.exe
(services.exe ->) (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.) C:\Windows\System32\ELAN_MOC_Service.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_67bcefabacf2a385\x64\TouchpointAnalyticsClientService.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\AppHelperCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\DiagsCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\SysInfoCap.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HotKeyServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HPAudioAnalytics.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\LanWlanWwanSwitchingServiceUWP.exe
(services.exe ->) (HP Inc. -> HP Inc.) C:\Windows\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2358c22cfce9af22\x64\hpsvcsscan.exe
(services.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
(services.exe ->) (Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.) C:\Windows\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrsr.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia) C:\Windows\System32\FMService64.exe
(services.exe ->) (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.) C:\Windows\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe <3>
(sihost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> DesktopExtension) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\win32\DesktopExtension.exe
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2504.1001.26.0_x64__8wekyb3d8bbwe\XboxPcTray.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.25032.52.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (Bromium UK Limited -> HP) C:\Program Files\HP\Sure Click\servers\BrConsole.exe
(svchost.exe ->) (ED346674-0FA1-4272-85CE-3187C9C86E26 -> ) C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6\HP.myHP.exe
(svchost.exe ->) (HP Inc. -> HP Inc.) C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe
(svchost.exe ->) (HP Inc. -> HP) C:\Program Files (x86)\HP\HP ICS\ICS.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.GamingApp_2504.1001.26.0_x64__8wekyb3d8bbwe\XboxPcAppFT.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_525.8401.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe [2119512 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2459763727-713270161-2395763681-1001\...\Run: [MicrosoftEdgeAutoLaunch_99403A969D43EB0E14EB990E68793760] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [4419624 2025-04-17] (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {919C57FF-8160-43B3-845D-291793147596} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Assistant Update Notice => C:\Program Files (x86)\HP\HP Support Framework\Resources\BingPopup\BingPopup.exe [1003528 2025-02-18] (HP Inc. -> HP Inc.) -> C:\Program Files (x86)\HP\HP Support Framework\\/show
Task: {72C986FC-014D-4761-8268-8647FDC33254} - System32\Tasks\Hewlett-Packard\HP Support Assistant\HP Support Solutions Framework Report => C:\Program Files (x86)\HP\HP Support Framework\Resources\HPSFReport.exe [479984 2025-02-18] (HP Inc. -> HP Inc.)
Task: {A9239CEB-92C9-47E3-8972-4D581A6D6296} - System32\Tasks\HP\Consent Manager Launcher => C:\WINDOWS\system32\sc.exe [102400 2024-12-18] (Microsoft Windows -> Microsoft Corporation) -> start hptouchpointanalyticsservice
Task: {DB09576F-3804-4E87-B57D-C04B591EAD0B} - System32\Tasks\HP\HP ICS\ICS => C:\Program Files (x86)\HP\HP ICS\ICS.exe [76870640 2023-03-02] (HP Inc. -> HP)
Task: {18E73235-CEA2-4BA8-8885-003226A42632} - System32\Tasks\HP\HP Wolf Security\Launch Console => C:\Program Files\HP\HP Client Security Manager\HP.ClientSecurityManager.exe [262664 2024-12-12] (HP Inc. -> HP Inc.)
Task: {8772D18C-05AB-4017-B243-0151B99527E6} - System32\Tasks\HP\Sure Click\Sure Click 4.4.24.3257 => C:\Program Files\HP\Sure Click\servers\BrLauncher.exe [2792200 2025-03-30] (Bromium UK Limited -> HP)
Task: {790FF585-5C4E-4DB0-A1DA-A421F7DA6C2A} - System32\Tasks\HP\Sure Click\Sure Click UI 4.4.24.3257 => C:\Program Files\HP\Sure Click\servers\BrConsole.exe [185608 2025-03-30] (Bromium UK Limited -> HP)
Task: {1A1B8D73-7643-4900-A630-2C0DD87910F3} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {4735F1B1-F089-4445-9B9B-F50DDDD7EA48} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28660920 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
Task: {572DA350-049A-4CB2-BE19-DD3C0C9A38C2} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222352 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {417E0277-7302-4714-95DA-B8ACD3805436} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [222352 2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
Task: {22C713DC-4475-4A61-AD70-CBA744DD0C23} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954808 2022-12-20] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {33CF2256-C5C0-4BA6-BA96-31019B0BBCA8} - System32\Tasks\OneDrive Per-Machine Standalone Update Task => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {777EBE79-92C7-42F4-A0DB-675200538951} - System32\Tasks\OneDrive Reporting Task-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Program Files\Microsoft OneDrive\OneDriveStandaloneUpdater.exe [4223832 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {25FE8810-BE6C-485B-B0ED-FD492DA7BF4C} - System32\Tasks\OneDrive Startup Task-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveLauncher.exe [676680 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
Task: {B3BE12E7-0F96-4B25-AB89-E2FCFEB08EBC} - System32\Tasks\ZoomUpdateTaskUser-S-1-5-21-2459763727-713270161-2395763681-1001 => C:\Users\zskop\AppData\Roaming\Zoom\bin\Zoom.exe [436024 2025-03-20] (Zoom Video Communications, Inc. -> Zoom Communications, Inc.)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fd6ae9d-6f1d-4fca-aba8-eef3445937ae}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{7fd6ae9d-6f1d-4fca-aba8-eef3445937ae}: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393D25485455374: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\45D2532383131393D25485455374: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F523E243: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F523E243: [DhcpDomain] home
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F52444: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{968f8823-c4c9-4ccd-844e-d12ac33f9571}\A535F5B4F6073616E697F52444: [DhcpDomain] home
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default [2025-04-24]
Edge Notifications: Default -> hxxps://7l261d6bamv47o.steadychainconnection.co.in; hxxps://cvvbj86071bc73a6ia7g.steadychainconnection.co.in; hxxps://prwcv8bm23fqtm.steadychainconnection.co.in; hxxps://www.messenger.com
Edge Extension: (HP Wolf Security Extension) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\aoganjpeihhkhippgnniaclfocnihgln [2025-04-24]
Edge Extension: (Dokumenty Google v režime offline) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2025-04-24]
Edge Extension: (Edge relevant text changes) - C:\Users\zskop\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2025-04-24]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
FireFox:
========
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Chrome:
=======
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
S4 BrAmSvc; C:\Program Files\HP\Sure Click\servers\BrAmSvc.exe [2077088 2025-03-30] (HP Inc -> HP)
R2 BrEndpointSvc; c:\Program Files\HP\Sure Click\servers\BemSvc.exe [4912904 2025-03-30] (Bromium UK Limited -> HP)
R2 BrService; c:\Program Files\HP\Sure Click\servers\BrService.exe [10899208 2025-03-30] (Bromium UK Limited -> HP)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13512888 2024-12-07] (Microsoft Corporation -> Microsoft Corporation)
R2 ELAN_MOC_Service; C:\WINDOWS\System32\ELAN_MOC_Service.exe [240032 2024-06-12] (ELAN MICROELECTRONICS CORPORATION -> ELAN Microelectronics Corp.)
S3 FileSyncHelper; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncHelper.exe [3545416 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
R2 FMAPOService; C:\WINDOWS\System32\FMService64.exe [1028024 2024-05-17] (Microsoft Windows Hardware Compatibility Publisher -> Fortemedia)
R2 HotKeyServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HotKeyServiceUWP.exe [1510464 2025-01-02] (HP Inc. -> HP Inc.)
R2 HPAppHelperCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\AppHelperCap.exe [889976 2025-02-23] (HP Inc. -> HP Inc.)
R2 HPAudioAnalytics; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\HPAudioAnalytics.exe [516160 2025-01-02] (HP Inc. -> HP Inc.)
R2 HPDiagsCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\DiagsCap.exe [888928 2025-02-23] (HP Inc. -> HP Inc.)
R2 HPNetworkCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\NetworkCap.exe [885344 2025-02-23] (HP Inc. -> HP Inc.)
R3 hpqcaslwmiex; C:\Program Files (x86)\HP\Shared\hpqwmiex.exe [1149448 2020-07-23] (HP Inc. -> HP)
R2 hpsvcsscan; C:\WINDOWS\System32\DriverStore\FileRepository\hpsvcsscancomp.inf_amd64_2358c22cfce9af22\x64\hpsvcsscan.exe [7039168 2024-09-24] (HP Inc. -> HP Inc.)
R2 HPSysInfoCap; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_99df39518a95d370\x64\SysInfoCap.exe [889464 2025-02-23] (HP Inc. -> HP Inc.)
R2 HpTouchpointAnalyticsService; C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_67bcefabacf2a385\x64\TouchpointAnalyticsClientService.exe [631472 2025-03-26] (HP Inc. -> HP Inc.)
R2 LanWlanWwanSwitchingServiceUWP; C:\WINDOWS\System32\DriverStore\FileRepository\hpqkbsoftwarecompnent.inf_amd64_dba1fdfaedf1c498\LanWlanWwanSwitchingServiceUWP.exe [605248 2025-01-02] (HP Inc. -> HP Inc.)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [9406208 2025-04-24] (Malwarebytes Inc -> Malwarebytes)
S3 MBVpnTunnelService; C:\Program Files\Malwarebytes\Anti-Malware\MBVpnTunnelService.exe [2788304 2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
R2 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpDefenderCoreService.exe [2009608 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 OneDrive Updater Service; C:\Program Files\Microsoft OneDrive\25.056.0324.0003\OneDriveUpdaterService.exe [3892568 2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
R2 SECOMNService; C:\WINDOWS\System32\DriverStore\FileRepository\seapo64.inf_amd64_deaeb20891c6fa3a\SECOMN64.exe [1087496 2024-07-08] (Microsoft Windows Hardware Compatibility Publisher -> Sonitude, Inc.)
R2 SecurityUpdateService; C:\Program Files\HP\Security Update Service\4.4.24.3257\SecurityUpdateService.exe [5608200 2025-03-30] (Bromium UK Limited -> HP)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [559320 2025-04-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\NisSrv.exe [4538400 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MsMpEng.exe [278320 2025-04-10] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 HP Comm Recover; "C:\Program Files\HPCommRecovery\HPCommRecovery.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 amdfendrmgr; C:\WINDOWS\System32\DriverStore\FileRepository\amdfendr.inf_amd64_5f2cd636dbc40dd2\amdfendrmgr.sys [25672 2024-04-23] (Microsoft Windows Hardware Compatibility Publisher -> Advanced Micro Devices, Inc.)
R3 amdwddmg; C:\WINDOWS\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\amdkmdag.sys [106591144 2024-10-21] (Advanced Micro Devices -> Advanced Micro Devices, Inc.)
R3 amdwirelessbutton; C:\WINDOWS\System32\drivers\amdwirelessbutton.sys [39032 2024-03-27] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc)
R0 BrCow_4_4_24_3257; C:\WINDOWS\System32\DRIVERS\BrCow_4_4_24_3257.sys [71120 2025-03-30] (Bromium UK Limited -> HP)
R2 BrFilter_4_4_24_3257; C:\WINDOWS\System32\DRIVERS\BrFilter_4_4_24_3257.sys [238544 2025-03-30] (Bromium UK Limited -> HP)
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [158640 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R0 fse; C:\WINDOWS\System32\drivers\fse.sys [222528 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
R3 HPCustomCapDriver; C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapdriver.inf_amd64_1421dec2010cc057\x64\hpcustomcapdriver.sys [18984 2024-05-07] (Microsoft Windows Hardware Compatibility Publisher -> HP Inc.)
S3 KslD; C:\WINDOWS\System32\drivers\wd\KslD.sys [331168 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S2 l1vhlwf; C:\WINDOWS\System32\drivers\l1vhlwf.sys [144840 2025-04-08] (Microsoft Windows -> Microsoft Corporation)
R2 mbamchameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [234072 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [22120 2025-04-24] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\system32\DRIVERS\farflt11.sys [241112 2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\System32\Drivers\mbam.sys [80448 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [239568 2025-04-24] (Microsoft Windows Hardware Compatibility Publisher -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [189776 2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
R3 MTKBTFilterX64; C:\WINDOWS\System32\DriverStore\FileRepository\mtkbtfilter.inf_amd64_bee0043985624487\mtkbtfilterx.sys [550072 2025-02-15] (MEDIATEK INC. -> MediaTek Inc.)
R3 mtkwlex; C:\WINDOWS\System32\DriverStore\FileRepository\mtkwl6ex.inf_amd64_28fe41aefe6dd8d1\mtkwl6ex.sys [2011304 2025-02-20] (MEDIATEK INC. -> MediaTek Inc.)
R3 rt68cx21; C:\WINDOWS\System32\DriverStore\FileRepository\rt68cx21x64.inf_amd64_d1a236ce16a4bbb1\rt68cx21x64.sys [845256 2024-12-25] (Realtek Semiconductor Corp. -> Realtek)
S0 sselam_4_4_19_828; C:\WINDOWS\System32\DRIVERS\sselam_4_4_19_828.sys [19528 2025-03-30] (Microsoft Windows Early Launch Anti-malware Publisher -> HP)
S3 ThermalFilter; C:\WINDOWS\System32\DriverStore\FileRepository\c_thermal.inf_amd64_732a53ed1662b707\ThermalFilter.sys [75376 2025-04-08] (Microsoft Windows Hardware Abstraction Layer Publisher -> Microsoft Corporation)
R3 uxen; C:\Program Files\HP\Sure Click\bin\uxen.sys [2053056 2025-02-19] (Bromium UK Limited -> HP)
S3 vmbusproxy; C:\WINDOWS\system32\drivers\vmbusproxy.sys [98304 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [20016 2025-04-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [605576 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [100744 2025-04-10] (Microsoft Windows -> Microsoft Corporation)
S3 wini3ctarget; C:\WINDOWS\System32\DriverStore\FileRepository\wini3ctarget.inf_amd64_bdb09ebda2834009\wini3ctarget.sys [75168 2025-04-08] (Microsoft Windows -> Microsoft Corporation)
S3 WSDPrintDevice; C:\WINDOWS\System32\DriverStore\FileRepository\wsdprint.inf_amd64_1f9e32519098c0b6\WSDPrint.sys [57344 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 WSDScan; C:\WINDOWS\System32\DriverStore\FileRepository\sti.inf_amd64_971c769b103df369\WSDScan.sys [61440 2024-12-18] (Microsoft Windows -> Microsoft Corporation)
S3 ax_pvi; \??\C:\Program Files\HP\Sure Click\bin\ax_pvi.sys [X]
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
Error Reading file: "C:\ProgramData\Desktop\MindMaple Lite.lnk"
Error Reading file: "C:\ProgramData\Desktop\desktop.ini"
Error Reading file: "C:\ProgramData\Desktop\AvalonIT Board.lnk"
2025-04-24 18:10 - 2025-04-24 18:10 - 009568256 _____ (Malwarebytes) C:\Users\zskop\Downloads\adwcleaner (2).exe
2025-04-24 18:10 - 2025-04-24 18:10 - 009568256 _____ (Malwarebytes) C:\Users\zskop\Desktop\adwcleaner (2).exe
2025-04-24 17:48 - 2025-04-24 17:48 - 000668026 _____ C:\WINDOWS\system32\perfh005.dat
2025-04-24 17:48 - 2025-04-24 17:48 - 000145048 _____ C:\WINDOWS\system32\perfc005.dat
2025-04-24 17:44 - 2025-04-24 17:44 - 000010372 __RSH C:\ProgramData\ntuser.pol
2025-04-24 17:43 - 2025-04-24 17:43 - 000241112 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt11.sys
2025-04-24 17:43 - 2025-04-24 17:43 - 000189776 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2025-04-24 17:40 - 2025-04-24 17:41 - 009566696 _____ (Malwarebytes) C:\Users\zskop\Desktop\AdwCleaner (1).exe
2025-04-24 17:39 - 2025-04-24 17:39 - 009566696 _____ (Malwarebytes) C:\Users\zskop\Downloads\AdwCleaner (1).exe
2025-04-24 17:03 - 2025-04-24 19:04 - 000000000 ____D C:\Users\zskop\AppData\Local\Malwarebytes
2025-04-24 17:03 - 2025-04-24 17:03 - 000002101 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2025-04-24 17:02 - 2025-04-24 17:02 - 000000000 ____D C:\ProgramData\Malwarebytes
2025-04-24 17:02 - 2025-04-24 17:02 - 000000000 ____D C:\Program Files\Malwarebytes
2025-04-24 17:01 - 2025-04-24 17:01 - 002834160 _____ (Malwarebytes) C:\Users\zskop\Downloads\MBSetup.exe
2025-04-24 16:56 - 2025-04-24 16:58 - 000000000 ____D C:\AdwCleaner
2025-04-24 16:56 - 2025-04-24 16:56 - 009568256 _____ (Malwarebytes) C:\Users\zskop\Downloads\adwcleaner.exe
2025-04-24 13:14 - 2025-04-24 13:15 - 000022773 _____ C:\Users\zskop\Downloads\Addition.txt
2025-04-24 13:08 - 2025-04-24 21:11 - 000026845 _____ C:\Users\zskop\Downloads\FRST.txt
2025-04-24 13:08 - 2025-04-24 21:11 - 000000000 ____D C:\FRST
2025-04-24 13:07 - 2025-04-24 13:08 - 002405376 _____ (Farbar) C:\Users\zskop\Downloads\FRST64 (1).exe
2025-04-24 13:07 - 2025-04-24 13:07 - 002097664 _____ (Farbar) C:\Users\zskop\Downloads\Nepotvrdené 663862.crdownload
2025-04-24 13:06 - 2025-04-24 13:06 - 002405376 _____ (Farbar) C:\Users\zskop\Downloads\Nepotvrdené 30894.crdownload
2025-04-24 10:47 - 2025-04-24 10:48 - 000000000 ____D C:\Users\zskop\Desktop\Záloha pracovná plocha
2025-04-23 21:22 - 2025-04-23 21:22 - 000217724 _____ C:\Users\zskop\Downloads\Spoločenstvo lúk - previerka.pdf
2025-04-22 21:58 - 2025-04-22 21:58 - 000589258 _____ C:\Users\zskop\Downloads\Správanie sa telies v kvapalinách s rôznou hustotou.pptx
2025-04-22 21:56 - 2025-04-22 21:56 - 001531926 _____ C:\Users\zskop\Downloads\Správanie telies v kvapalinách s rôznou hustotou.pptx.pptx
2025-04-22 21:53 - 2025-04-22 21:54 - 154567658 _____ C:\Users\zskop\Downloads\ARCHIMEDOV ZÁKON V PRAXI.mp4
2025-04-22 21:51 - 2025-04-22 21:51 - 001014272 _____ C:\Users\zskop\Downloads\Vplyv hmotnosti, objemu a tvaru telies na ich správanie vo vode.ppt
2025-04-22 21:50 - 2025-04-22 21:50 - 001930752 _____ C:\Users\zskop\Downloads\Vplyv objemu a tvaru telies na ich spravanie vo vode.ppt
2025-04-16 21:57 - 2025-04-16 21:57 - 000617928 _____ C:\Users\zskop\Downloads\8. ročník - Biológia.pdf
2025-04-16 20:48 - 2025-03-30 16:20 - 000238544 _____ (HP) C:\WINDOWS\system32\Drivers\BrFilter_4_4_24_3257.sys
2025-04-16 20:48 - 2025-03-30 16:20 - 000071120 _____ (HP) C:\WINDOWS\system32\Drivers\BrCow_4_4_24_3257.sys
2025-04-16 15:47 - 2025-04-16 15:47 - 041457429 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri (1).pptx.pptx
2025-04-14 21:47 - 2025-04-14 21:47 - 002294511 _____ C:\Users\zskop\Downloads\Šifra - písmená.zip
2025-04-14 21:37 - 2025-04-14 21:37 - 000238277 _____ C:\Users\zskop\Downloads\Meranie vlastného výkonu.pdf
2025-04-08 23:32 - 2025-04-08 23:32 - 000000000 ____D C:\WINDOWS\system32\AccountHealthAssets
2025-04-08 23:32 - 2025-04-08 23:32 - 000000000 ____D C:\inetpub
2025-04-08 21:24 - 2025-04-22 07:57 - 000000000 ____D C:\WINDOWS\CbsTemp
2025-04-08 20:35 - 2025-04-08 20:35 - 000029042 _____ C:\WINDOWS\SysWOW64\IntegratedServicesRegionPolicySet.json
2025-04-08 20:35 - 2025-04-08 20:35 - 000029042 _____ C:\WINDOWS\system32\IntegratedServicesRegionPolicySet.json
2025-04-08 12:19 - 2025-04-08 12:19 - 000000710 _____ C:\Users\zskop\Documents\Zachránený dokument 1.txt
2025-04-07 09:11 - 2025-04-07 09:11 - 013654769 _____ C:\Users\zskop\Downloads\Fascinujuci-svet-dinosaurov.pptx.pdf
2025-04-06 21:41 - 2025-04-06 21:41 - 001566720 _____ C:\Users\zskop\Downloads\Bunková stavba organizmov.ppt
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETFC2.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF83.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF43.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETF04.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETEB5.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETE37.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETDF7.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD68.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD48.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETD09.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETCBA.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETC4A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETC2A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB9B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB7B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETB4B.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETAAE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETA8E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SETA4E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET64F.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET5F0.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET5A1.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET571.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET532.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET511.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET4D2.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET483.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET434.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET349E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET30B5.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2FE9.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2FC9.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET2F99.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET197A.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET18FB.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET18AC.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET16E6.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET1697.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET13C7.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET12BC.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET127D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET124D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET121D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET11CE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET118D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET116D.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET111E.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET10DE.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET10AF.tmp
2025-04-06 21:34 - 2025-04-06 21:34 - 000000000 _____ C:\WINDOWS\system32\SET106F.tmp
2025-04-06 21:33 - 2024-10-21 08:54 - 000737704 _____ C:\WINDOWS\SysWOW64\vulkaninfo-1-999-0-0-0.exe
2025-04-06 21:33 - 2024-10-21 08:54 - 000737704 _____ C:\WINDOWS\SysWOW64\vulkaninfo.exe
2025-04-06 21:33 - 2024-10-21 08:54 - 000668008 _____ C:\WINDOWS\SysWOW64\vulkan-1-999-0-0-0.dll
2025-04-06 21:33 - 2024-10-21 08:54 - 000149392 _____ C:\WINDOWS\SysWOW64\mantleaxl32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 002100160 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\atiadlxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 001617832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxy.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 001617832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\atiadlxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000978344 _____ (AMD) C:\WINDOWS\system32\atieclxx.exe
2025-04-06 21:33 - 2024-10-21 08:53 - 000464304 _____ C:\WINDOWS\SysWOW64\GameManager32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000406440 _____ C:\WINDOWS\SysWOW64\atieah32.exe
2025-04-06 21:33 - 2024-10-21 08:53 - 000229296 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atigktxx.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000175072 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\aticfx32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000165784 _____ C:\WINDOWS\SysWOW64\mantle32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000148904 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atisamu32.dll
2025-04-06 21:33 - 2024-10-21 08:53 - 000142760 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amfrt64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 004179880 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdadlx32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 002245552 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdsasrv64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 001074800 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdsacli32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000771496 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdlvr32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000678832 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\Rapidfire.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000434088 _____ C:\WINDOWS\SysWOW64\amdgfxinfo32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000232808 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\system32\amdihk64.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000187976 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amdihk32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000118696 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\amfrt32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000115136 _____ C:\WINDOWS\SysWOW64\amdxc32.dll
2025-04-06 21:33 - 2024-10-21 08:52 - 000048560 _____ (Advanced Micro Devices, Inc.) C:\WINDOWS\SysWOW64\RapidFireServer.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 088606656 _____ C:\WINDOWS\SysWOW64\amd_comgr32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 001412088 _____ (AMD) C:\WINDOWS\SysWOW64\amf-mft-mjpeg-decoder32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000152616 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdave32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000138608 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\amdpcom32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000138600 _____ (Advanced Micro Devices, Inc. ) C:\WINDOWS\SysWOW64\atimpc32.dll
2025-04-06 21:33 - 2024-10-21 08:51 - 000131192 _____ C:\WINDOWS\SysWOW64\atidxx32.dll
2025-04-06 21:04 - 2025-04-06 21:04 - 000124925 _____ C:\Users\zskop\Downloads\Magnetické pole cievky s prúdom (1).pptx
2025-04-06 21:01 - 2025-04-06 21:01 - 015419419 _____ C:\Users\zskop\Downloads\2.12 Magnetické pole v okolí vodiča s prúdom. Magnetické pole cievky s prúdom.pptx
2025-04-06 21:00 - 2025-04-06 21:00 - 001490300 _____ C:\Users\zskop\Downloads\Magnetické pole cievky s prúdom.pptx
2025-04-06 20:58 - 2025-04-06 20:58 - 001220756 _____ C:\Users\zskop\Downloads\Simulácia mag. poľa v okolí magnet, cievky s prúdom... (1).jar
2025-04-06 20:58 - 2025-04-06 20:58 - 000155156 _____ C:\Users\zskop\Downloads\cievka v poli.pptx.pptx
2025-04-06 20:57 - 2025-04-06 20:57 - 001220756 _____ C:\Users\zskop\Downloads\Simulácia mag. poľa v okolí magnet, cievky s prúdom....jar
2025-04-06 20:55 - 2025-04-06 20:55 - 001534976 _____ C:\Users\zskop\Downloads\Magnetické pole v okolí vodiča s prúdom.ppt
2025-04-06 20:54 - 2025-04-06 20:54 - 000455680 _____ C:\Users\zskop\Downloads\Magnetické pole elektrického prúdu.ppt.ppt
2025-04-04 09:26 - 2025-04-04 09:26 - 014772973 _____ C:\Users\zskop\Downloads\SPOLOČENSTVO LÚK.pptx
2025-04-04 09:24 - 2025-04-04 09:24 - 004696415 _____ C:\Users\zskop\Downloads\RASTLINY SPOLOČENSTVA LÚK - 1.pptx
2025-04-04 08:05 - 2025-04-04 08:05 - 013068666 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri (1).pptx
2025-04-03 18:27 - 2025-04-03 18:27 - 012080271 _____ C:\Users\zskop\Downloads\Fascinujuci-svet-dinosaurov.pptx
2025-04-03 18:20 - 2025-04-03 18:20 - 013068666 _____ C:\Users\zskop\Downloads\Svet-Dinosaurov-Fascinujuci-Prehistoricki-Obri.pptx
2025-04-02 20:55 - 2025-04-02 20:55 - 000573644 _____ C:\Users\zskop\Downloads\OPAKOVANIE - LESNÉ SPOLOČENSTVO - SK. B.pdf
2025-04-02 20:52 - 2025-04-02 20:52 - 003085937 _____ C:\Users\zskop\Downloads\Prírodoveda4- PU str. 68-69 Lesné spoločenstvo.pptx
2025-04-02 20:52 - 2025-04-02 20:52 - 000116602 _____ C:\Users\zskop\Downloads\PRI 4.roč._ Malá písomka Medveď a buk Pravda-nepravda.pdf
2025-04-02 20:48 - 2025-04-02 20:48 - 000629027 _____ C:\Users\zskop\Downloads\Prírodné spoločenstvá.pdf
2025-04-01 13:10 - 2025-04-01 13:10 - 004191468 _____ C:\Users\zskop\Downloads\Biela ružová zelená Kvetinový Deň matiek Príspevok na Instagram.pdf
2025-03-27 21:23 - 2025-03-27 21:23 - 000463994 _____ C:\Users\zskop\Downloads\lesné spoločenstvo - testík.pdf
2025-03-27 21:22 - 2025-03-27 21:22 - 000000066 _____ C:\Users\zskop\Downloads\Nepotvrdené 181735.crdownload
2025-03-27 21:04 - 2025-03-27 21:04 - 000193419 _____ C:\Users\zskop\Downloads\TEST-MAT-2.pdf
2025-03-27 21:03 - 2025-03-27 21:03 - 000228682 _____ C:\Users\zskop\Downloads\TEST-SJL1.pdf
2025-03-26 20:47 - 2025-03-26 20:47 - 003097088 _____ C:\Users\zskop\Downloads\hustota-kvapalin.ppt.ppt
2025-03-26 20:44 - 2025-03-26 20:44 - 001616146 _____ C:\Users\zskop\Downloads\2.4 Hustota kvapalín (2).pptx
2025-03-26 20:43 - 2025-03-26 20:43 - 001616146 _____ C:\Users\zskop\Downloads\2.4 Hustota kvapalín.pptx (1).pptx
2025-03-26 20:31 - 2025-03-26 20:32 - 316727753 _____ C:\Users\zskop\Downloads\Lesné spoločenstvo - prezentácia.pdf
2025-03-25 22:03 - 2025-03-25 22:03 - 000395199 _____ C:\Users\zskop\Downloads\PDA4 Lesné spoločenstvo.pdf
2025-03-25 22:02 - 2025-03-25 22:02 - 003711539 _____ C:\Users\zskop\Downloads\Rastliny lesného spoločenstva.pptx
2025-03-25 22:01 - 2025-03-25 22:01 - 000116602 _____ C:\Users\zskop\Downloads\PRÍ 4.roč. Päťminútovka Lesné spoločenstvo.pdf
2025-03-25 21:58 - 2025-03-25 21:58 - 000072379 _____ C:\Users\zskop\Downloads\Rastliny lesného spoločenstva.pdf
2025-03-25 21:53 - 2025-03-25 21:53 - 006255616 _____ C:\Users\zskop\Downloads\SLNKO.ppt
2025-03-25 21:51 - 2025-03-25 21:51 - 000049720 _____ C:\Users\zskop\Downloads\Test - pohyb a sila.htm
2025-03-25 21:47 - 2025-03-25 21:47 - 007488156 _____ C:\Users\zskop\Downloads\rýchlosť.pptx
2025-03-25 21:29 - 2025-03-25 21:29 - 000151785 _____ C:\Users\zskop\Downloads\cestovný príkaz tlačivo (1).xlsx
2025-03-25 13:01 - 2025-03-25 13:01 - 000151785 _____ C:\Users\zskop\Downloads\cestovný príkaz tlačivo.xlsx
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2025-04-24 21:11 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemTemp
2025-04-24 21:09 - 2024-12-18 04:26 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2025-04-24 20:37 - 2024-04-01 09:26 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2025-04-24 17:48 - 2024-12-18 04:35 - 001603790 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2025-04-24 17:48 - 2024-04-01 09:24 - 000000000 ____D C:\WINDOWS\INF
2025-04-24 17:44 - 2024-04-01 09:26 - 000000000 ___HD C:\Program Files\WindowsApps
2025-04-24 17:44 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\AppReadiness
2025-04-24 17:43 - 2024-12-18 04:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2025-04-24 17:43 - 2024-12-18 04:29 - 000003212 _____ C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
2025-04-24 17:43 - 2024-12-18 04:27 - 000000000 ____D C:\Users\zskop
2025-04-24 17:43 - 2024-12-18 04:26 - 000001623 _____ C:\WINDOWS\system32\config\VSMIDK
2025-04-24 17:43 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ServiceState
2025-04-24 17:43 - 2024-04-01 09:21 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2025-04-24 17:43 - 2023-05-15 13:29 - 000012288 ___SH C:\DumpStack.log.tmp
2025-04-24 17:02 - 2024-04-01 09:26 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2025-04-24 16:58 - 2024-03-04 20:53 - 000000000 ____D C:\Users\zskop\AppData\Local\D3DSCache
2025-04-24 16:58 - 2023-06-01 03:27 - 000000000 _RSHD C:\hp
2025-04-24 16:58 - 2023-05-15 13:36 - 000000000 ____D C:\ProgramData\HP
2025-04-24 16:58 - 2023-05-15 13:36 - 000000000 ____D C:\ProgramData\Hewlett-Packard
2025-04-24 16:58 - 2023-05-15 13:36 - 000000000 ____D C:\Program Files (x86)\HP
2025-04-24 12:45 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecurityHealth
2025-04-24 12:42 - 2023-07-29 22:15 - 000000000 ____D C:\ProgramData\Bromium
2025-04-24 12:35 - 2023-07-29 22:10 - 000000000 ____D C:\Program Files\AMD
2025-04-24 12:34 - 2024-03-12 16:11 - 000000000 ____D C:\Program Files\Microsoft OneDrive
2025-04-24 09:42 - 2024-03-04 20:50 - 000000000 ____D C:\Users\zskop\AppData\Local\Packages
2025-04-23 21:51 - 2024-03-04 21:26 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Word
2025-04-23 21:32 - 2024-03-04 21:27 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Excel
2025-04-23 20:42 - 2025-03-18 05:32 - 000378432 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingservicesproxy_8.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 002901544 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgameruntime.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000796224 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameplatformservices.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000267840 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamelaunchhelper.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000243240 _____ (Microsoft Corporation) C:\WINDOWS\system32\gameconfighelper.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000153152 _____ (Microsoft Corporation) C:\WINDOWS\system32\gamingtcuihelpers.dll
2025-04-23 20:42 - 2024-06-10 07:31 - 000124480 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamehelper.exe
2025-04-23 20:42 - 2024-06-10 07:31 - 000075304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xgamecontrol.exe
2025-04-22 07:48 - 2025-02-07 10:14 - 000003546 _____ C:\WINDOWS\system32\Tasks\OneDrive Startup Task-S-1-5-21-2459763727-713270161-2395763681-1001
2025-04-22 07:48 - 2024-12-18 04:30 - 000003592 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-2459763727-713270161-2395763681-1001
2025-04-22 07:48 - 2024-12-18 04:30 - 000003194 _____ C:\WINDOWS\system32\Tasks\OneDrive Per-Machine Standalone Update Task
2025-04-22 07:48 - 2024-03-04 21:26 - 000002128 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2025-04-22 07:44 - 2023-05-15 13:29 - 000002452 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2025-04-16 20:48 - 2023-07-29 22:15 - 000006571 _____ C:\WINDOWS\SysWOW64\InstallUtil.InstallLog
2025-04-16 20:31 - 2023-05-15 13:36 - 000000000 ____D C:\Program Files\HP
2025-04-10 10:42 - 2023-05-15 13:29 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2025-04-10 06:06 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioDatabase
2025-04-10 02:03 - 2024-03-14 13:07 - 000000000 ____D C:\Users\zskop\AppData\Local\CrashDumps
2025-04-08 23:56 - 2024-03-04 21:29 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\PowerPoint
2025-04-08 23:52 - 2024-12-18 04:26 - 000622176 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\WINDOWS\InboxApps
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Photo Viewer
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2025-04-08 23:32 - 2024-04-01 18:31 - 000000000 ____D C:\Program Files (x86)\Windows Photo Viewer
2025-04-08 23:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\OpenSSH
2025-04-08 23:32 - 2024-04-01 18:30 - 000000000 ____D C:\WINDOWS\system32\Microsoft-Edge-WebView
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\SysWOW64\F12
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\UNP
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___SD C:\WINDOWS\system32\F12
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\UUS
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\WinMetadata
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\setup
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemResources
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\SystemApps
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinMetadata
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\WinBioPlugIns
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\ShellExperiences
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Sgrm
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\setup
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\SecureBootUpdates
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\PerceptionSimulation
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\oobe
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\HealthAttestationClient
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\Dism
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\system32\appraiser
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellExperiences
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\ShellComponents
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\WINDOWS\bcastdvr
2025-04-08 23:32 - 2024-04-01 09:26 - 000000000 ____D C:\Program Files\Common Files\System
2025-04-08 23:32 - 2024-04-01 09:21 - 000000000 ____D C:\WINDOWS\servicing
2025-04-08 20:34 - 2024-12-18 04:30 - 003352064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\PrintConfig.dll
2025-04-06 20:40 - 2024-12-18 04:30 - 000003632 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2025-04-06 20:40 - 2024-12-18 04:30 - 000003508 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2025-03-31 00:03 - 2024-12-13 11:02 - 000019528 _____ (HP) C:\WINDOWS\system32\Drivers\sselam_4_4_19_828.sys
2025-03-27 17:15 - 2024-03-04 20:54 - 000000000 ____D C:\Users\zskop\AppData\Roaming\hpqLog
2025-03-25 09:35 - 2024-03-04 21:26 - 000000000 ____D C:\Users\zskop\AppData\Roaming\Microsoft\Office
2025-03-25 09:21 - 2024-03-12 16:55 - 000000000 ____D C:\WINDOWS\Firmware
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
ADDITION
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 23-04-2025
Ran by ZSkopcany (24-04-2025 21:13:50)
Running from C:\Users\zskop\Downloads
Microsoft Windows 11 Pro Education Version 24H2 26100.3775 (X64) (2024-12-18 02:30:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-2459763727-713270161-2395763681-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-2459763727-713270161-2395763681-503 - Limited - Disabled)
Guest (S-1-5-21-2459763727-713270161-2395763681-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2459763727-713270161-2395763681-504 - Limited - Disabled)
ZSkopcany (S-1-5-21-2459763727-713270161-2395763681-1001 - Administrator - Enabled) => C:\Users\zskop
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Malwarebytes (Enabled - Up to date) {0D452135-A081-B000-D6B6-132E52638543}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.20.44.10 - Advanced Micro Devices, Inc.)
AvalonIT Board 4.0.1 (HKLM-x32\...\AvalonIT Board) (Version: - )
HP Documentation (HKLM\...\HP_Documentation) (Version: 1.0.0.1 - HP Inc.)
HP Notifications (HKLM-x32\...\{84937F28-9CB4-49E7-A2CF-E32D97E6DAE6}) (Version: 1.1.28.1 - HP)
HP Security Update Service (HKLM\...\{BA61DF3F-BE8F-4785-AC56-D30049E35A7D}) (Version: 4.4.24.3257 - HP Inc.)
HP Sure Recover (HKLM\...\{7DC79887-72FA-4688-BBB9-2968BA80F61B}) (Version: 10.1.26.255 - HP Inc.)
HP Sure Run Module (HKLM\...\{3A089261-A5F9-4312-ABF0-9564F47A5AB8}) (Version: 5.0.5.81 - HP Inc.)
HP System Default Settings (HKLM-x32\...\{29C20505-3240-4B32-93B7-09BECA8CEF36}) (Version: 1.4.16.17 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{5C1C084D-1DB7-4CAB-840F-E5DD386C2A50}) (Version: 1.4.16.22 - HP Inc.) Hidden
HP System Default Settings (HKLM-x32\...\{E551DF5A-C791-4466-8049-FEF18C68C2B6}) (Version: 1.4.16.10 - HP Inc.) Hidden
HP Wolf Security - Console (HKLM\...\{8D6BF9FF-C0ED-49E6-970D-9EA7CAB3C7C0}) (Version: 11.1.3.817 - HP Inc.)
HP Wolf Security (HKLM\...\{408F5C0F-0DC9-11F0-A6D9-000C29910851}) (Version: 4.4.24.3257 - HP Inc.)
HP Wolf Security Application Support for Chrome 134.0.6998.178 (HKLM\...\{1DE23EA0-7E93-4166-AADE-55B9F23B7D43}) (Version: 4.4.24.3261 - HP Inc.) Hidden
HP Wolf Security Application Support for Sure Sense (HKLM\...\{2AF2F895-6B1E-48AC-83FB-15CD4DA7A47F}) (Version: 4.4.24.3257 - HP Inc.) Hidden
ICS (HKLM-x32\...\{5CD25FCD-D218-46D0-B405-E5A488969BDF}) (Version: 3.1.1.10 - HP Inc.)
Malwarebytes version 5.2.11.183 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 5.2.11.183 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 135.0.3179.85 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 135.0.3179.85 - Microsoft Corporation) Hidden
Microsoft Office 2019 Professional Plus - sk-sk (HKLM\...\ProPlus2019Retail - sk-sk) (Version: 16.0.18227.20162 - Microsoft Corporation)
Microsoft OneDrive (HKLM\...\OneDriveSetup.exe) (Version: 25.056.0324.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.25.06502 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
MindMaple Lite 1.71 (HKLM-x32\...\MindMaple_is1) (Version: v1.71 - MindMaple Inc.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20082 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.18227.20162 - Microsoft Corporation) Hidden
Windows Driver Package - HP Inc. BrCow_4_4_24_3257 ActivityMonitor (03/30/2025 4.4.24.3257) (HKLM\...\10A61BE7E9076E790D19ABF2124E363C8CEE32A8) (Version: 03/30/2025 4.4.24.3257 - HP Inc.) Hidden
Windows Driver Package - HP Inc. BrFilter_4_4_24_3257 ActivityMonitor (03/30/2025 4.4.24.3257) (HKLM\...\5C9C494F96ED5A5E722956420FBF6000FC17D08E) (Version: 03/30/2025 4.4.24.3257 - HP Inc.) Hidden
Windows Driver Package - HP Inc. sselam_4_4_19_828 AntiVirus (08/09/2024 4.4.19.828) (HKLM\...\FB93285F183DE6985F684AEE5F637905935D05BF) (Version: 08/09/2024 4.4.19.828 - HP Inc.) Hidden
Zoom Workplace (HKU\S-1-5-21-2459763727-713270161-2395763681-1001\...\ZoomUMX) (Version: 6.4.0 (62047) - Zoom Communications, Inc.)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\AdvancedMicroDevicesInc-2.AMDRadeonSoftware_10.23.19010.0_x64__0a9344xs7nr4m [2024-11-11] (Advanced Micro Devices Inc.) [Startup Task]
Balík pre prostredie funkcií Windowsu -> C:\WINDOWS\SystemApps\SxS\MicrosoftWindows.55182690.Taskbar_cw5n1h2txyewy [2025-04-08] (Microsoft Windows)
HP Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.HPAudioControl_2.51.331.0_x64__dt26b99r8h8gj [2024-09-27] (Realtek Semiconductor Corp)
HP PC Hardware Diagnostics Windows -> C:\Program Files\WindowsApps\AD2F1837.HPPCHardwareDiagnosticsWindows_2.7.2.0_x64__v10z8vjag6ke6 [2025-03-13] (HP Inc.)
HP Power Manager -> C:\Program Files\WindowsApps\AD2F1837.HPPowerManager_3.1.3.0_x64__v10z8vjag6ke6 [2024-03-04] (HP Inc.)
HP Privacy Settings -> C:\Program Files\WindowsApps\AD2F1837.HPPrivacySettings_1.3.7.0_x64__v10z8vjag6ke6 [2024-09-27] (HP Inc.)
HP Support Assistant -> C:\Program Files\WindowsApps\AD2F1837.HPSupportAssistant_9.43.12.0_x64__v10z8vjag6ke6 [2025-04-01] (HP Inc.)
HP System Information -> C:\Program Files\WindowsApps\AD2F1837.HPSystemInformation_8.10.44.0_x64__v10z8vjag6ke6 [2024-12-04] (HP Inc.)
Kahoot! Create -> C:\Program Files\WindowsApps\37790ProgressiveAppsAuto-.KahootCreator_2.0.0.0_neutral__khvkecjt9945r [2025-02-20] (Kahoot! AS)
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2024-03-13] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_55.20331.573.0_x64__8wekyb3d8bbwe [2025-04-16] (Microsoft Corporation)
Microsoft.StartExperiencesApp -> C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.296.0_x64__8wekyb3d8bbwe [2025-03-30] (Microsoft Corporation)
myHP -> C:\Program Files\WindowsApps\AD2F1837.myHP_43.52513.1706.0_x64__v10z8vjag6ke6 [2025-04-03] (HP Inc.) [Startup Task]
WinAppRuntime.Main.1.5 -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Main.1.5_5001.373.1736.0_x64__8wekyb3d8bbwe [2025-01-23] (Microsoft Corp.)
WinAppRuntime.Singleton -> C:\Program Files\WindowsApps\MicrosoftCorporationII.WinAppRuntime.Singleton_7000.456.1632.0_x64__8wekyb3d8bbwe [2025-04-10] (Microsoft Corp.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [ BromiumOverlay_4_4_24_3257] -> {6CDCC3E8-D8FF-46EF-B8BE-63A0593E7798} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ShellIconOverlayIdentifiers-x32: [ BromiumOverlay_4_4_24_3257] -> {6CDCC3E8-D8FF-46EF-B8BE-63A0593E7798} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers1: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers2: [Bromium TrustDrive Context Menu_4_4_24_3257] -> {5F4F5529-DD35-4B9F-812F-A5B0B3FD5D44} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
ContextMenuHandlers3: [SureSense_ScanFile_4_4_24_3257] -> {1003406D-B16C-4A93-B2F0-13CCAAD05934} => C:\Program Files\HP\Sure Click\ApplicationSupport\sure_sense\4.4.24.3257\SureSenseShellExt.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers3: [vSentry_TrustFile_4_4_24_3257] -> {833378FE-1986-46BA-9B4E-F8F1D9B094D6} => C:\Program Files\HP\Sure Click\4.4.24.3257\servers\HostShellExtension.dll [2025-03-30] (Bromium UK Limited -> HP)
ContextMenuHandlers4: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers5: [ FileSyncEx] -> {CB3D0F55-BC2C-4C1A-85ED-23ED75B5106B} => C:\Program Files\Microsoft OneDrive\25.056.0324.0003\FileSyncShell64.dll [2025-04-22] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2025-04-24] (Malwarebytes Inc. -> Malwarebytes)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Amazon.com.lnk -> C:\Program Files (x86)\Online Services\Amazon\WizLink.exe () -> hxxp://www.amazon.com/gp/ubp/oneButton/config/ ... inesspc-hp
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\zskop\Desktop\AdwCleaner (1).exe:MBAM.Zone.Identifier [214]
AlternateDataStreams: C:\Users\zskop\Desktop\adwcleaner (2).exe:MBAM.Zone.Identifier [284]
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) =============
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2024-12-17] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2022-05-07 07:24 - 2022-05-07 07:22 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
2024-08-26 12:21 - 2024-09-04 08:10 - 000000515 _____ C:\WINDOWS\system32\drivers\etc\hosts.ics
10 25 47 926
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-2459763727-713270161-2395763681-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\windows\img19.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
Network Binding:
=============
Sieťové pripojenie Bluetooth: Bluetooth Device (Personal Area Network) -> bthpan.sys
Wi-Fi: MediaTek Wi-Fi 6E MT7922 (RZ616) 160MHz PCIe Adapter -> mtkwl6ex.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt68cx21x64.sys
vms_vsf: Hyper-V Virtual Switch Extension Filter
ms_l1vhlwf: Nested Network Virtualization
vms_vsp: Hyper-V Virtual Switch Extension Protocol
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{C67A519A-5C1D-4523-91B7-F91E7C367FD4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{69A1970A-9753-44DC-9EA8-924CBC424716}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72E51F05-6EE8-46D3-844A-496446AF4456}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24215.1105.3082.1600_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{0BE92A41-48F0-4EA5-9795-C7E1C27DBBD8}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{85D2A575-9308-4488-B3D0-42E5E21F9BBB}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2DDA8291-5E87-4BF6-B3BA-E79017C05C31}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{8BE654F3-AC24-487B-994B-782C686FD0A3}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-V2] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [FPS-SpoolWorker-In-TCP-NoScope] => (Allow) C:\WINDOWS\system32\spoolsvworker.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{F900CBCF-E1BF-4A03-A42E-BCC75520B4A6}] => (Allow) C:\Program Files\HP\Sure Click\ApplicationSupport\chrome\4.4.24.3261\brchromium\134.0.6998.178\BrChrome.exe (Bromium UK Limited -> HP)
FirewallRules: [{1767B235-58BB-4358-BB8C-1BBFF8A424A1}] => (Allow) C:\Program Files\HP\Sure Click\4.4.24.3257\servers\manifests\chrome\brchromium\132.0.6834.210\BrChrome.exe (Bromium UK Limited -> HP)
FirewallRules: [{50A43E6D-E4CC-464D-BE39-A7F49B1623BE}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\135.0.3179.85\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4AD3D27A-E5E2-46C4-9652-8F4F897725E3}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2ED3CA2C-9227-4365-83FA-83A6CDE52C3D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_25072.1611.3570.1995_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
==================== Restore Points =========================
22-04-2025 07:49:01 Windows Update
22-04-2025 07:49:03 Windows Update
24-04-2025 12:35:30 Grab_MSIExecute
24-04-2025 16:57:24 AdwCleaner_BeforeCleaning_24/04/2025_16:57:24
24-04-2025 17:41:56 AdwCleaner_BeforeCleaning_24/04/2025_17:41:55
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (04/24/2025 05:46:51 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/24/2025 01:46:01 PM) (Source: Microsoft-Windows-AppModel-State) (EventID: 10) (User: ZSKopcany)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe-2147023600
Error: (04/24/2025 12:38:16 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/24/2025 12:35:37 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: SCEP Certificate enrollment initialization for WORKGROUP\ZSKOPCANY$ via https://NTC-KeyId-72b03d712281953463bc7 ... s/Aik/scep failed:
GetCACaps
Method: GET(969ms)
Stage: GetCACaps
The server name or address could not be resolved 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)
Error: (04/23/2025 11:01:44 PM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/22/2025 05:50:58 PM) (Source: Application Error) (EventID: 1000) (User: ZSKopcany)
Description: Názov chybnej aplikácie: Zoom.exe, verzia: 6.4.0.62047, časová značka: 0x67d825e6
Názov modulu s poruchou: atidxx64.dll, verzia: 31.0.21918.3001, časová značka: 0x670cdd83
Kód výnimky: 0xc0000005
Odchýlka poruchy: 0x000000000003ddd8
Id poruchového procesu: 0x1748
Čas spustenia poruchovej aplikácie: 0x1dbb39a2297576b
Cesta k poruchovej aplikácii: C:\Users\zskop\AppData\Roaming\Zoom\bin\Zoom.exe
Cesta k poruchovému modulu: C:\WINDOWS\System32\DriverStore\FileRepository\u0408580.inf_amd64_8c845c7af98953b1\B408487\atidxx64.dll
Id správy: 2bd58fdb-d784-4f74-83ad-35034bb5dff8
Plný názov chybného balíka:
Identifikátor poruchovej aplikácie vzťahujúci sa na balík:
Error: (04/17/2025 11:13:08 AM) (Source: Application) (EventID: 0) (User: )
Description: Event-ID 0
Error: (04/16/2025 08:38:11 PM) (Source: Application Error) (EventID: 1000) (User: NT AUTHORITY)
Description: Názov chybnej aplikácie: BrService.exe, verzia: 4.4.23.316, časová značka: 0x679d16a2
Názov modulu s poruchou: ntdll.dll, verzia: 10.0.26100.3775, časová značka: 0x5e4be250
Kód výnimky: 0xc0000005
Odchýlka poruchy: 0x0000000000040546
Id poruchového procesu: 0x1678
Čas spustenia poruchovej aplikácie: 0x1dba8d0c2d1655b
Cesta k poruchovej aplikácii: c:\Program Files\HP\Sure Click\servers\BrService.exe
Cesta k poruchovému modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
Id správy: d81c7b5a-ad74-4a23-9f0e-963dad184df1
Plný názov chybného balíka:
Identifikátor poruchovej aplikácie vzťahujúci sa na balík:
System errors:
=============
Error: (04/24/2025 05:43:46 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby HP Comm Recover zlyhalo kvôli nasledujúcej chybe:
The system cannot find the file specified.
Error: (04/24/2025 05:43:45 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Spustenie služby l1vhlwf zlyhalo kvôli nasledujúcej chybe:
A hypervisor feature is not available to the user.
Error: (04/24/2025 05:43:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\system32\mtkihvx.dll
Error: (04/24/2025 05:43:04 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Modul WLAN Extensibility Module sa neočakávane zastavil.
Cesta k modulu: C:\WINDOWS\system32\mtkihvx.dll
Error: (04/24/2025 05:43:03 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/24/2025 05:43:03 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/24/2025 05:43:03 PM) (Source: Microsoft-Windows-DeviceAssociationService) (EventID: 3503) (User: NT AUTHORITY)
Description: Device Association Service detected an endpoint discovery failure.
Error: (04/24/2025 05:42:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba HP System Info HSA Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 2 krát. O 5000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.
Windows Defender:
================
Date: 2025-04-23 22:02:29
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-17 11:55:03
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-16 16:13:23
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-15 20:05:20
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2025-04-14 11:32:33
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
CodeIntegrity:
===============
Date: 2025-04-24 17:51:05
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
Date: 2025-04-24 17:46:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.25030.2-0\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Microsoft signing level requirements.
Date: 2025-04-24 17:45:53
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbamsi64.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: HP V78 Ver. 01.09.00 01/14/2025
Motherboard: HP 8B5C
Processor: AMD Ryzen 3 7330U with Radeon Graphics
Percentage of memory in use: 67%
Total physical RAM: 7489.07 MB
Available physical RAM: 2413.21 MB
Total Virtual: 20801.07 MB
Available Virtual: 12993.81 MB
==================== Drives ================================
Drive c: (Windows ) (Fixed) (Total:237.37 GB) (Free:142.2 GB) (Model: KBG50ZNV256G KIOXIA) (Protected) NTFS
\\?\Volume{022fa154-9f13-416e-8c7c-4544d0c9e643}\ (Windows RE Tools) (Fixed) (Total:0.83 GB) (Free:0.22 GB) NTFS
\\?\Volume{34cd2a02-f7be-45a9-8085-daccd0bc3135}\ (SYSTEM) (Fixed) (Total:0.25 GB) (Free:0.09 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Size: 238.5 GB) (Disk ID: D06C7837)
Partition: GPT.
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakujúce upozornenia na vírus
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\zskop\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe [2119512 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\SETFC2.tmp
C:\WINDOWS\system32\SETF83.tmp
C:\WINDOWS\system32\SETF43.tmp
C:\WINDOWS\system32\SETF04.tmp
C:\WINDOWS\system32\SETEB5.tmp
C:\WINDOWS\system32\SETE37.tmp
C:\WINDOWS\system32\SETDF7.tmp
C:\WINDOWS\system32\SETD68.tmp
C:\WINDOWS\system32\SETD48.tmp
C:\WINDOWS\system32\SETD09.tmp
C:\WINDOWS\system32\SETCBA.tmp
C:\WINDOWS\system32\SETC4A.tmp
C:\WINDOWS\system32\SETC2A.tmp
C:\WINDOWS\system32\SETB9B.tmp
C:\WINDOWS\system32\SETB7B.tmp
C:\WINDOWS\system32\SETB4B.tmp
C:\WINDOWS\system32\SETAAE.tmp
C:\WINDOWS\system32\SETA8E.tmp
C:\WINDOWS\system32\SETA4E.tmp
C:\WINDOWS\system32\SET64F.tmp
C:\WINDOWS\system32\SET5F0.tmp
C:\WINDOWS\system32\SET5A1.tmp
C:\WINDOWS\system32\SET571.tmp
C:\WINDOWS\system32\SET532.tmp
C:\WINDOWS\system32\SET511.tmp
C:\WINDOWS\system32\SET4D2.tmp
C:\WINDOWS\system32\SET483.tmp
C:\WINDOWS\system32\SET434.tmp
C:\WINDOWS\system32\SET349E.tmp
C:\WINDOWS\system32\SET30B5.tmp
C:\WINDOWS\system32\SET2FE9.tmp
C:\WINDOWS\system32\SET2FC9.tmp
C:\WINDOWS\system32\SET2F99.tmp
C:\WINDOWS\system32\SET197A.tmp
C:\WINDOWS\system32\SET18FB.tmp
C:\WINDOWS\system32\SET18AC.tmp
C:\WINDOWS\system32\SET16E6.tmp
C:\WINDOWS\system32\SET1697.tmp
C:\WINDOWS\system32\SET13C7.tmp
C:\WINDOWS\system32\SET12BC.tmp
C:\WINDOWS\system32\SET127D.tmp
C:\WINDOWS\system32\SET124D.tmp
C:\WINDOWS\system32\SET121D.tmp
C:\WINDOWS\system32\SET11CE.tmp
C:\WINDOWS\system32\SET118D.tmp
C:\WINDOWS\system32\SET116D.tmp
C:\WINDOWS\system32\SET111E.tmp
C:\WINDOWS\system32\SET10DE.tmp
C:\WINDOWS\system32\SET10AF.tmp
C:\WINDOWS\system32\SET106F.tmp
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\Users\zskop\Desktop\AdwCleaner (1).exe:MBAM.Zone.Identifier [214]
AlternateDataStreams: C:\Users\zskop\Desktop\adwcleaner (2).exe:MBAM.Zone.Identifier [284]
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakujúce upozornenia na vírus
Fix result of Farbar Recovery Scan Tool (x64) Version: 23-04-2025
Ran by ZSkopcany (24-04-2025 22:28:49) Run:1
Running from C:\Users\zskop\Downloads
Loaded Profiles: ZSkopcany
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe [2119512 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\SETFC2.tmp
C:\WINDOWS\system32\SETF83.tmp
C:\WINDOWS\system32\SETF43.tmp
C:\WINDOWS\system32\SETF04.tmp
C:\WINDOWS\system32\SETEB5.tmp
C:\WINDOWS\system32\SETE37.tmp
C:\WINDOWS\system32\SETDF7.tmp
C:\WINDOWS\system32\SETD68.tmp
C:\WINDOWS\system32\SETD48.tmp
C:\WINDOWS\system32\SETD09.tmp
C:\WINDOWS\system32\SETCBA.tmp
C:\WINDOWS\system32\SETC4A.tmp
C:\WINDOWS\system32\SETC2A.tmp
C:\WINDOWS\system32\SETB9B.tmp
C:\WINDOWS\system32\SETB7B.tmp
C:\WINDOWS\system32\SETB4B.tmp
C:\WINDOWS\system32\SETAAE.tmp
C:\WINDOWS\system32\SETA8E.tmp
C:\WINDOWS\system32\SETA4E.tmp
C:\WINDOWS\system32\SET64F.tmp
C:\WINDOWS\system32\SET5F0.tmp
C:\WINDOWS\system32\SET5A1.tmp
C:\WINDOWS\system32\SET571.tmp
C:\WINDOWS\system32\SET532.tmp
C:\WINDOWS\system32\SET511.tmp
C:\WINDOWS\system32\SET4D2.tmp
C:\WINDOWS\system32\SET483.tmp
C:\WINDOWS\system32\SET434.tmp
C:\WINDOWS\system32\SET349E.tmp
C:\WINDOWS\system32\SET30B5.tmp
C:\WINDOWS\system32\SET2FE9.tmp
C:\WINDOWS\system32\SET2FC9.tmp
C:\WINDOWS\system32\SET2F99.tmp
C:\WINDOWS\system32\SET197A.tmp
C:\WINDOWS\system32\SET18FB.tmp
C:\WINDOWS\system32\SET18AC.tmp
C:\WINDOWS\system32\SET16E6.tmp
C:\WINDOWS\system32\SET1697.tmp
C:\WINDOWS\system32\SET13C7.tmp
C:\WINDOWS\system32\SET12BC.tmp
C:\WINDOWS\system32\SET127D.tmp
C:\WINDOWS\system32\SET124D.tmp
C:\WINDOWS\system32\SET121D.tmp
C:\WINDOWS\system32\SET11CE.tmp
C:\WINDOWS\system32\SET118D.tmp
C:\WINDOWS\system32\SET116D.tmp
C:\WINDOWS\system32\SET111E.tmp
C:\WINDOWS\system32\SET10DE.tmp
C:\WINDOWS\system32\SET10AF.tmp
C:\WINDOWS\system32\SET106F.tmp
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\Users\zskop\Desktop\AdwCleaner (1).exe:MBAM.Zone.Identifier [214]
AlternateDataStreams: C:\Users\zskop\Desktop\adwcleaner (2).exe:MBAM.Zone.Identifier [284]
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RtkAudUService" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\WINDOWS\system32\GroupPolicy\User" Folder move:
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\WINDOWS\system32\SETFC2.tmp => moved successfully
C:\WINDOWS\system32\SETF83.tmp => moved successfully
C:\WINDOWS\system32\SETF43.tmp => moved successfully
C:\WINDOWS\system32\SETF04.tmp => moved successfully
C:\WINDOWS\system32\SETEB5.tmp => moved successfully
C:\WINDOWS\system32\SETE37.tmp => moved successfully
C:\WINDOWS\system32\SETDF7.tmp => moved successfully
C:\WINDOWS\system32\SETD68.tmp => moved successfully
C:\WINDOWS\system32\SETD48.tmp => moved successfully
C:\WINDOWS\system32\SETD09.tmp => moved successfully
C:\WINDOWS\system32\SETCBA.tmp => moved successfully
C:\WINDOWS\system32\SETC4A.tmp => moved successfully
C:\WINDOWS\system32\SETC2A.tmp => moved successfully
C:\WINDOWS\system32\SETB9B.tmp => moved successfully
C:\WINDOWS\system32\SETB7B.tmp => moved successfully
C:\WINDOWS\system32\SETB4B.tmp => moved successfully
C:\WINDOWS\system32\SETAAE.tmp => moved successfully
C:\WINDOWS\system32\SETA8E.tmp => moved successfully
C:\WINDOWS\system32\SETA4E.tmp => moved successfully
C:\WINDOWS\system32\SET64F.tmp => moved successfully
C:\WINDOWS\system32\SET5F0.tmp => moved successfully
C:\WINDOWS\system32\SET5A1.tmp => moved successfully
C:\WINDOWS\system32\SET571.tmp => moved successfully
C:\WINDOWS\system32\SET532.tmp => moved successfully
C:\WINDOWS\system32\SET511.tmp => moved successfully
C:\WINDOWS\system32\SET4D2.tmp => moved successfully
C:\WINDOWS\system32\SET483.tmp => moved successfully
C:\WINDOWS\system32\SET434.tmp => moved successfully
C:\WINDOWS\system32\SET349E.tmp => moved successfully
C:\WINDOWS\system32\SET30B5.tmp => moved successfully
C:\WINDOWS\system32\SET2FE9.tmp => moved successfully
C:\WINDOWS\system32\SET2FC9.tmp => moved successfully
C:\WINDOWS\system32\SET2F99.tmp => moved successfully
C:\WINDOWS\system32\SET197A.tmp => moved successfully
C:\WINDOWS\system32\SET18FB.tmp => moved successfully
C:\WINDOWS\system32\SET18AC.tmp => moved successfully
C:\WINDOWS\system32\SET16E6.tmp => moved successfully
C:\WINDOWS\system32\SET1697.tmp => moved successfully
C:\WINDOWS\system32\SET13C7.tmp => moved successfully
C:\WINDOWS\system32\SET12BC.tmp => moved successfully
C:\WINDOWS\system32\SET127D.tmp => moved successfully
C:\WINDOWS\system32\SET124D.tmp => moved successfully
C:\WINDOWS\system32\SET121D.tmp => moved successfully
C:\WINDOWS\system32\SET11CE.tmp => moved successfully
C:\WINDOWS\system32\SET118D.tmp => moved successfully
C:\WINDOWS\system32\SET116D.tmp => moved successfully
C:\WINDOWS\system32\SET111E.tmp => moved successfully
C:\WINDOWS\system32\SET10DE.tmp => moved successfully
C:\WINDOWS\system32\SET10AF.tmp => moved successfully
C:\WINDOWS\system32\SET106F.tmp => moved successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
"C:\Users\zskop\Desktop\AdwCleaner (1).exe" => ":MBAM.Zone.Identifier" ADS not found.
"C:\Users\zskop\Desktop\adwcleaner (2).exe" => ":MBAM.Zone.Identifier" ADS not found.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19019361 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 6716 B
Windows/system/drivers => 102107239 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 183759 B
systemprofile32 => 183759 B
LocalService => 199717 B
NetworkService => 275715 B
zskop => 295407536 B
RecycleBin => 89014105 B
EmptyTemp: => 482.9 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-04-2025 22:32:16)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Is moved successfully
==== End of Fixlog 22:32:16 ====
Ran by ZSkopcany (24-04-2025 22:28:49) Run:1
Running from C:\Users\zskop\Downloads
Loaded Profiles: ZSkopcany
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\...\Run: [RtkAudUService] => C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_a42d9de41f05fa49\RtkAudUService64.exe [2119512 2024-07-29] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
GroupPolicy: Restriction - Chrome <==== ATTENTION
GroupPolicy\User: Restriction ? <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Microsoft\Edge: Restriction <==== ATTENTION
Task: {077BA067-7C15-40F0-B22E-C9DC2A54B4A2} - System32\Tasks\Microsoft\Windows\Location\Notifications => %windir%\System32\LocationNotificationWindows.exe (No File)
Task: {F3E6E7ED-A196-4E44-8803-55FAB3AD4E29} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => %systemroot%\system32\MusNotification.exe (No File)
C:\WINDOWS\system32\SETFC2.tmp
C:\WINDOWS\system32\SETF83.tmp
C:\WINDOWS\system32\SETF43.tmp
C:\WINDOWS\system32\SETF04.tmp
C:\WINDOWS\system32\SETEB5.tmp
C:\WINDOWS\system32\SETE37.tmp
C:\WINDOWS\system32\SETDF7.tmp
C:\WINDOWS\system32\SETD68.tmp
C:\WINDOWS\system32\SETD48.tmp
C:\WINDOWS\system32\SETD09.tmp
C:\WINDOWS\system32\SETCBA.tmp
C:\WINDOWS\system32\SETC4A.tmp
C:\WINDOWS\system32\SETC2A.tmp
C:\WINDOWS\system32\SETB9B.tmp
C:\WINDOWS\system32\SETB7B.tmp
C:\WINDOWS\system32\SETB4B.tmp
C:\WINDOWS\system32\SETAAE.tmp
C:\WINDOWS\system32\SETA8E.tmp
C:\WINDOWS\system32\SETA4E.tmp
C:\WINDOWS\system32\SET64F.tmp
C:\WINDOWS\system32\SET5F0.tmp
C:\WINDOWS\system32\SET5A1.tmp
C:\WINDOWS\system32\SET571.tmp
C:\WINDOWS\system32\SET532.tmp
C:\WINDOWS\system32\SET511.tmp
C:\WINDOWS\system32\SET4D2.tmp
C:\WINDOWS\system32\SET483.tmp
C:\WINDOWS\system32\SET434.tmp
C:\WINDOWS\system32\SET349E.tmp
C:\WINDOWS\system32\SET30B5.tmp
C:\WINDOWS\system32\SET2FE9.tmp
C:\WINDOWS\system32\SET2FC9.tmp
C:\WINDOWS\system32\SET2F99.tmp
C:\WINDOWS\system32\SET197A.tmp
C:\WINDOWS\system32\SET18FB.tmp
C:\WINDOWS\system32\SET18AC.tmp
C:\WINDOWS\system32\SET16E6.tmp
C:\WINDOWS\system32\SET1697.tmp
C:\WINDOWS\system32\SET13C7.tmp
C:\WINDOWS\system32\SET12BC.tmp
C:\WINDOWS\system32\SET127D.tmp
C:\WINDOWS\system32\SET124D.tmp
C:\WINDOWS\system32\SET121D.tmp
C:\WINDOWS\system32\SET11CE.tmp
C:\WINDOWS\system32\SET118D.tmp
C:\WINDOWS\system32\SET116D.tmp
C:\WINDOWS\system32\SET111E.tmp
C:\WINDOWS\system32\SET10DE.tmp
C:\WINDOWS\system32\SET10AF.tmp
C:\WINDOWS\system32\SET106F.tmp
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2
AlternateDataStreams: C:\Users\zskop\Desktop\AdwCleaner (1).exe:MBAM.Zone.Identifier [214]
AlternateDataStreams: C:\Users\zskop\Desktop\adwcleaner (2).exe:MBAM.Zone.Identifier [284]
EmptyTemp:
End
*****************
Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\RtkAudUService" => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully
"C:\WINDOWS\system32\GroupPolicy\Machine" Folder move:
C:\WINDOWS\system32\GroupPolicy\Machine => moved successfully
C:\WINDOWS\system32\GroupPolicy\GPT.ini => moved successfully
C:\WINDOWS\SysWOW64\GroupPolicy\GPT.ini => moved successfully
"C:\WINDOWS\system32\GroupPolicy\User" Folder move:
C:\WINDOWS\system32\GroupPolicy\User => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
HKLM\SOFTWARE\Policies\Google => removed successfully
HKLM\SOFTWARE\Policies\Microsoft\Edge => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{077BA067-7C15-40F0-B22E-C9DC2A54B4A2}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\Location\Notifications => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Location\Notifications" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F3E6E7ED-A196-4E44-8803-55FAB3AD4E29}" => removed successfully
C:\WINDOWS\System32\Tasks\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UpdateOrchestrator\USO_UxBroker" => removed successfully
C:\WINDOWS\system32\SETFC2.tmp => moved successfully
C:\WINDOWS\system32\SETF83.tmp => moved successfully
C:\WINDOWS\system32\SETF43.tmp => moved successfully
C:\WINDOWS\system32\SETF04.tmp => moved successfully
C:\WINDOWS\system32\SETEB5.tmp => moved successfully
C:\WINDOWS\system32\SETE37.tmp => moved successfully
C:\WINDOWS\system32\SETDF7.tmp => moved successfully
C:\WINDOWS\system32\SETD68.tmp => moved successfully
C:\WINDOWS\system32\SETD48.tmp => moved successfully
C:\WINDOWS\system32\SETD09.tmp => moved successfully
C:\WINDOWS\system32\SETCBA.tmp => moved successfully
C:\WINDOWS\system32\SETC4A.tmp => moved successfully
C:\WINDOWS\system32\SETC2A.tmp => moved successfully
C:\WINDOWS\system32\SETB9B.tmp => moved successfully
C:\WINDOWS\system32\SETB7B.tmp => moved successfully
C:\WINDOWS\system32\SETB4B.tmp => moved successfully
C:\WINDOWS\system32\SETAAE.tmp => moved successfully
C:\WINDOWS\system32\SETA8E.tmp => moved successfully
C:\WINDOWS\system32\SETA4E.tmp => moved successfully
C:\WINDOWS\system32\SET64F.tmp => moved successfully
C:\WINDOWS\system32\SET5F0.tmp => moved successfully
C:\WINDOWS\system32\SET5A1.tmp => moved successfully
C:\WINDOWS\system32\SET571.tmp => moved successfully
C:\WINDOWS\system32\SET532.tmp => moved successfully
C:\WINDOWS\system32\SET511.tmp => moved successfully
C:\WINDOWS\system32\SET4D2.tmp => moved successfully
C:\WINDOWS\system32\SET483.tmp => moved successfully
C:\WINDOWS\system32\SET434.tmp => moved successfully
C:\WINDOWS\system32\SET349E.tmp => moved successfully
C:\WINDOWS\system32\SET30B5.tmp => moved successfully
C:\WINDOWS\system32\SET2FE9.tmp => moved successfully
C:\WINDOWS\system32\SET2FC9.tmp => moved successfully
C:\WINDOWS\system32\SET2F99.tmp => moved successfully
C:\WINDOWS\system32\SET197A.tmp => moved successfully
C:\WINDOWS\system32\SET18FB.tmp => moved successfully
C:\WINDOWS\system32\SET18AC.tmp => moved successfully
C:\WINDOWS\system32\SET16E6.tmp => moved successfully
C:\WINDOWS\system32\SET1697.tmp => moved successfully
C:\WINDOWS\system32\SET13C7.tmp => moved successfully
C:\WINDOWS\system32\SET12BC.tmp => moved successfully
C:\WINDOWS\system32\SET127D.tmp => moved successfully
C:\WINDOWS\system32\SET124D.tmp => moved successfully
C:\WINDOWS\system32\SET121D.tmp => moved successfully
C:\WINDOWS\system32\SET11CE.tmp => moved successfully
C:\WINDOWS\system32\SET118D.tmp => moved successfully
C:\WINDOWS\system32\SET116D.tmp => moved successfully
C:\WINDOWS\system32\SET111E.tmp => moved successfully
C:\WINDOWS\system32\SET10DE.tmp => moved successfully
C:\WINDOWS\system32\SET10AF.tmp => moved successfully
C:\WINDOWS\system32\SET106F.tmp => moved successfully
Could not move "C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2" => Scheduled to move on reboot.
"C:\Users\zskop\Desktop\AdwCleaner (1).exe" => ":MBAM.Zone.Identifier" ADS not found.
"C:\Users\zskop\Desktop\adwcleaner (2).exe" => ":MBAM.Zone.Identifier" ADS not found.
=========== EmptyTemp: ==========
FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 19019361 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 6716 B
Windows/system/drivers => 102107239 B
Edge => 0 B
Firefox => 0 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 183759 B
systemprofile32 => 183759 B
LocalService => 199717 B
NetworkService => 275715 B
zskop => 295407536 B
RecycleBin => 89014105 B
EmptyTemp: => 482.9 MB temporary data Removed.
================================
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 24-04-2025 22:32:16)
C:\WINDOWS\system32\5E37410B-D6F1-471D-AE27-563CEAC0D6B2 => Is moved successfully
==== End of Fixlog 22:32:16 ====
-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakujúce upozornenia na vírus
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: Vyskakujúce upozornenia na vírus
Áno, už nič nevyskakuje, všetko vyzerá byť v poriadku 
Ďakujem krásne za pomoc
Ďakujem krásne za pomoc-
Rudy
- Site Admin
- Příspěvky: 119309
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: Vyskakujúce upozornenia na vírus
Rádo se stalo!
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?