VIRY.CZ

Dobrý den,

prosím o kontrolu logu z tchánova počítače. Stěžuje si, že mu to běhá pomalu a občas vypadává internet. Nemohl by tam mít nějaký sajrajt?

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 06-12-2024
Ran by 42077 (administrator) on VAŐKµTOVI (Gigabyte Technology Co., Ltd. A320M-S2H) (08-12-2024 15:20:23)
Running from C:\Users\42077\Desktop\FRST64.exe
Loaded Profiles: 42077
Platform: Microsoft Windows 11 Home Version 23H2 22631.4460 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastUI.exe <4>
(C:\Program Files\Avast Software\Avast\AvastSvc.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswEngSrv.exe
(C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\Updates\16.0.18227.20152\OfficeClickToRun.exe
(C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe <13>
(DriverStore\FileRepository\u0389592.inf_amd64_402e259562886e49\B386218\atiesrxx.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0389592.inf_amd64_402e259562886e49\B386218\atieclxx.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <12>
(Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\UUS\Packages\Preview\amd64\MoNotificationUx.exe
(services.exe ->) (Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0389592.inf_amd64_402e259562886e49\B386218\atiesrxx.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\aswidsagent.exe
(services.exe ->) (Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Avast\wsc_proxy.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
(services.exe ->) (Avast Software s.r.o. -> Gen Digital Inc.) C:\Program Files\Avast Software\Avast\AvastSvc.exe
(services.exe ->) (Gen Digital Inc. -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
(services.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(services.exe ->) (Monet+, a.s. -> Monet+, a.s.) C:\Windows\SysWOW64\xmesrv.exe
(services.exe ->) (Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe <2>
(sihost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.StartExperiencesApp_1.1.200.0_x64__8wekyb3d8bbwe\MicrosoftStartFeedProvider\MicrosoftStartFeedProvider.exe
(sihost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.CrossDevice_1.24102.48.0_x64__cw5n1h2txyewy\CrossDeviceService.exe
(svchost.exe ->) (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> ) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\SpotifyWidgetProvider.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\root\Office16\SDXHelper.exe
(svchost.exe ->) (Microsoft Corporation -> Microsoft Corporation) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teamsupdate.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Program Files\WindowsApps\MicrosoftWindows.Client.WebExperience_524.30502.30.0_x64__cw5n1h2txyewy\WidgetBoard.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtkAudUService] => C:\Windows\System32\DriverStore\FileRepository\realtekservice.inf_amd64_f82b8b1a0b601f77\RtkAudUService64.exe [1343072 2021-08-22] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\Avast Software\Avast\AvLaunch.exe [427816 2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\Run: [MicrosoftEdgeAutoLaunch_7C937BDA9CCA925841CFA41A86124D8B] => "C:\Program Files (x86)\Microsoft\Edge\Application\msedge.exe" --no-startup-window --win-session-start [3911232 2024-12-05] (Microsoft Corporation -> Microsoft Corporation)
HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [45359408 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\131.0.6778.109\Installer\chrmstp.exe [2024-12-06] (Google LLC -> Google LLC)
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {5FC60FA8-DE45-41E8-B757-2DBF53FB1B88} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1574856 2024-09-25] (Adobe Inc. -> Adobe Inc.)
Task: {7FEB80A6-8C62-4E06-9D3B-B4BD56ADB211} - System32\Tasks\AMDInstallLauncher => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {B59C2444-7D43-429B-BEEF-FFCDD2EC5D19} - System32\Tasks\AMDLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {DB8073F2-B09F-4813-A129-D78EE3DB434F} - System32\Tasks\AMDRyzenMasterSDKTask => C:\Program Files\AMD\CNext\CNext\cpumetricsserver.exe [183232 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {99057BB6-0A3D-45F9-A79C-E194F5C37086} - System32\Tasks\Avast Software\Avast Emergency Update => C:\Program Files\Avast Software\Avast\AvEmUpdate.exe [5209384 2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {64929CD8-7F63-44D5-93FB-77777100216F} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\Avast Software\Overseer\overseer.exe [2564904 2024-11-20] (Avast Software s.r.o. -> Gen Digital Inc.)
Task: {C1CBF51D-FA79-46F1-893B-D0C929C97862} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [829408 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.)
Task: {7F409ACB-FB7A-4A4D-B8D8-065AAFAC3496} - System32\Tasks\CCleanerCrashReporting => C:\Program Files\CCleaner\CCleanerBugReport.exe [5983536 2024-11-06] (Gen Digital Inc. -> Gen Digital Inc.) -> --product 90 --send dumps|report --path "C:\Program Files\CCleaner\LOG" --programpath "C:\Program Files\CCleaner" --guid "09276cbb-f247-48a2-9d6b-505b0aa2c2ef" --version "6.30.11385" --silent
Task: {C806E3E8-719F-409D-AE09-55E6B37DFCD0} - System32\Tasks\CCleanerSkipUAC - 42077 => C:\Program Files\CCleaner\CCleaner.exe [39135536 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
Task: {2D38CBB0-4F10-4657-A2CC-FDF8B0277695} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{56890929-C0CB-4CA9-8C92-4E4DFB5708E2} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
Task: {A294E502-BE5B-442B-B309-0E9B397E3201} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {C661C1E1-F10F-4AF9-8101-996052F8B028} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [28644032 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
Task: {DEDB50F0-5674-4895-8AEC-E91778C99959} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {E788B53C-8DC4-4A3B-B1A2-D376D8D6364D} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files\Microsoft Office\root\Office16\sdxhelper.exe [312408 2024-11-16] (Microsoft Corporation -> Microsoft Corporation)
Task: {312175DF-788F-49DF-8E4B-B3927A051EFA} - System32\Tasks\Microsoft\Office\Office Performance Monitor => C:\Program Files\Microsoft Office\root\vfs\ProgramFilesCommonX64\Microsoft Shared\OFFICE16\operfmon.exe [187600 2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Task: {9FEABC16-5755-48B0-99D6-B148CFE89627} - System32\Tasks\ModifyLinkUpdate => C:\Program Files\AMD\CIM\Bin64\InstallManagerApp.exe [954816 2022-08-19] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
Task: {20F2E7E7-1F77-425D-A0B6-764E00946088} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-26] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {51C0393A-4235-4918-999E-9E6AB05B6511} - System32\Tasks\Mozilla\Firefox Background Update S-1-5-21-3530414869-3745828373-2086365394-1001 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe [671808 2024-11-26] (Mozilla Corporation -> Mozilla Corporation) -> C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\--MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask background (the data entry has 6 more characters).
Task: {567A83DC-E806-41E9-9341-852A23E3C2A5} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [34368 2024-11-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {10DFE8EA-94B6-4CF2-B848-AB56C26760B9} - System32\Tasks\Optimize Push Notification Data File-S-1-5-21-3530414869-3745828373-2086365394-1001 => {201600D8-6EFF-48CE-B842-E14D37A0682D} C:\Windows\System32\wpninprc.dll [65536 2024-05-15] (Microsoft Windows -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\CCleanerCrashReporting.job => C:\Program Files\CCleaner\CCleanerBugReport.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31dcafae-bdd3-4c69-a058-5110397a2552}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{31dcafae-bdd3-4c69-a058-5110397a2552}\8416D6D65627F66796C4: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{d38e5474-a5c1-403d-a3bb-e6fd444634a9}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{d38e5474-a5c1-403d-a3bb-e6fd444634a9}\8416D6D65627F66796C4: [DhcpNameServer] 77.48.254.254 77.48.100.254
Tcpip\..\Interfaces\{d38e5474-a5c1-403d-a3bb-e6fd444634a9}\F423D294E6475627E65647D2530333: [DhcpNameServer] 10.0.0.138

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default [2024-12-08]
Edge HomePage: Default -> hxxp://www.seznam.cz/
Edge StartupUrls: Default -> "hxxp://www.seznam.cz/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\bojobppfploabceghnmlahpoonbcbacn [2024-10-23]
Edge Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-14]
Edge Extension: (Edge relevant text changes) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\jmjflgjpcpepeafmmgdpfkogkghcpiha [2024-02-03]
Edge Extension: (Komponenta pro aplikaci BUSINESS 24) - C:\Users\42077\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\koefoniljlakompjaegmdiemdajkhccp [2024-03-14]
Edge HKLM\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]
Edge HKLM-x32\...\Edge\Extension: [bojobppfploabceghnmlahpoonbcbacn]

FireFox:
========
FF DefaultProfile: e655tqi8.default
FF ProfilePath: C:\Users\42077\AppData\Roaming\Mozilla\Firefox\Profiles\e655tqi8.default [2024-05-23]
FF ProfilePath: C:\Users\42077\AppData\Roaming\Mozilla\Firefox\Profiles\y2v8wuvr.default-release [2024-12-08]
FF Homepage: Mozilla\Firefox\Profiles\y2v8wuvr.default-release -> www.seznam.cz
FF Extension: (Malwarebytes Browser Guard) - C:\Users\42077\AppData\Roaming\Mozilla\Firefox\Profiles\y2v8wuvr.default-release\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2024-09-05]
FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\Office16\NPSPWRAP.DLL [2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: Adobe Acrobat -> C:\Program Files\Adobe\Acrobat DC\Acrobat\Air\nppdf32.dll [2024-11-13] (Adobe Inc. -> Adobe Systems Inc.)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\NPSPWRAP.DLL [2024-04-13] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin HKU\S-1-5-21-3530414869-3745828373-2086365394-1001: @servis24.cz/PKIComponent -> C:\Users\42077\AppData\Roaming\CSAS\lib\x86\npPKIComponentNPAPI.dll [2023-03-24] (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
FF Plugin HKU\S-1-5-21-3530414869-3745828373-2086365394-1001: @servis24.cz/PKIComponent-x64 -> C:\Users\42077\AppData\Roaming\CSAS\lib\x64\npPKIComponentNPAPI.dll [2023-03-24] (Česká spořitelna a.s. -> Česká spořitelna, a.s.)

Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default [2024-12-08]
CHR Notifications: Default -> hxxps://cs.avktarget.com; hxxps://nisfarm.ru
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR DefaultSearchURL: Default -> hxxps://search.seznam.cz/?q={searchTerms}
CHR DefaultSearchKeyword: Default -> seznam.cz
CHR DefaultNewTabURL: Default -> hxxps://search.seznam.cz/?sourceid=chromechoice
CHR DefaultSuggestURL: Default -> hxxps://suggest.seznam.cz/fulltext_ff?phrase={searchTerms}
CHR Extension: (Dokumenty Google offline) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2024-11-29]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2024-10-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\42077\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2023-03-05]
CHR HKLM\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [172992 2024-09-25] (Adobe Inc. -> Adobe Inc.)
R3 aswbIDSAgent; C:\Program Files\Avast Software\Avast\aswidsagent.exe [7308072 2024-11-21] (Avast Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\Avast Software\Avast\AvastSvc.exe [776488 2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 avast! Tools; C:\Program Files\Avast Software\Avast\aswToolsSvc.exe [1222952 2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
R2 AvastWscReporter; C:\Program Files\Avast Software\Avast\wsc_proxy.exe [56912 2024-05-23] (Avast Software s.r.o. -> AVAST Software)
R3 CCleanerPerformanceOptimizerService; C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe [1087792 2024-11-06] (Gen Digital Inc. -> Piriform Software Ltd)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [13652176 2024-11-09] (Microsoft Corporation -> Microsoft Corporation)
S3 MDCoreSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MpDefenderCoreService.exe [1489000 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\NisSrv.exe [3236840 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.24040.4-0\MsMpEng.exe [133704 2024-05-17] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 xmengine service; C:\Windows\SysWOW64\xmesrv.exe [34696 2009-10-09] (Monet+, a.s. -> Monet+, a.s.)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 amdfendrmgr; C:\Windows\System32\drivers\amdfendrmgr.sys [35360 2022-06-01] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 amdgpio3; C:\Windows\System32\drivers\amdgpio3.sys [27256 2022-01-27] (ASMedia Technology Inc. -> Advanced Micro Devices, Inc)
R3 AMDSAFD; C:\Windows\System32\DriverStore\FileRepository\amdsafd.inf_amd64_1a1a381a2c0e293c\amdsafd.sys [113056 2022-08-25] (Advanced Micro Devices Inc. -> Advanced Micro Devices)
R3 amdwddmg; C:\Windows\System32\DriverStore\FileRepository\u0389592.inf_amd64_402e259562886e49\B386218\amdkmdag.sys [94464432 2023-03-17] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R3 AMDXE; C:\Windows\System32\drivers\amdxe.sys [59920 2022-05-31] (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.)
R0 aswArDisk; C:\Windows\System32\drivers\aswArDisk.sys [20552 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswArPot; C:\Windows\System32\drivers\aswArPot.sys [234056 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswbidsdriver; C:\Windows\System32\drivers\aswbidsdriver.sys [383040 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbidsh; C:\Windows\System32\drivers\aswbidsh.sys [296008 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswbuniv; C:\Windows\System32\drivers\aswbuniv.sys [84552 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswElam; C:\Windows\System32\drivers\aswElam.sys [28280 2024-11-21] (Microsoft Windows Early Launch Anti-malware Publisher -> Gen Digital Inc.)
R1 aswKbd; C:\Windows\System32\drivers\aswKbd.sys [28736 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswMonFlt; C:\Windows\System32\drivers\aswMonFlt.sys [274504 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswNetHub; C:\Windows\System32\drivers\aswNetHub.sys [550984 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswRdr; C:\Windows\System32\drivers\aswRdr2.sys [97864 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswRvrt; C:\Windows\System32\drivers\aswRvrt.sys [69184 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSnx; C:\Windows\System32\drivers\aswSnx.sys [954944 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R1 aswSP; C:\Windows\System32\drivers\aswSP.sys [1424448 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R2 aswStm; C:\Windows\System32\drivers\aswStm.sys [203848 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
R0 aswVmm; C:\Windows\System32\drivers\aswVmm.sys [381512 2024-11-21] (Microsoft Windows Hardware Compatibility Publisher -> Gen Digital Inc.)
S3 BthA2dp; C:\Windows\System32\drivers\BthA2dp.sys [532480 2022-05-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\Windows\System32\drivers\bthhfenum.sys [184320 2022-05-07] (Microsoft Corporation) [File not signed]
S3 BTHMODEM; C:\Windows\System32\drivers\bthmodem.sys [106496 2022-05-07] (Microsoft Corporation) [File not signed]
S3 GemCCID; C:\Windows\System32\drivers\GemCCID.sys [137712 2016-10-17] (Microsoft Windows Hardware Compatibility Publisher -> Gemalto)
R3 RtlWlanu; C:\Windows\System32\drivers\rtwlanu.sys [12444968 2024-10-24] (Realtek Semiconductor Corp. -> Realtek Semiconductor Corporation)
S3 WdBoot; C:\Windows\system32\drivers\wd\WdBoot.sys [21056 2024-05-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
U5 WdDevFlt; C:\Windows\System32\Drivers\WdDevFlt.sys [169232 2022-05-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\wd\WdFilter.sys [601496 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [105880 2024-05-17] (Microsoft Windows -> Microsoft Corporation)
S3 DIRECTIO; \??\C:\Users\Administrator\Desktop\BurnInTest\DirectIo64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-08 15:20 - 2024-12-08 15:20 - 000023011 _____ C:\Users\42077\Desktop\FRST.txt
2024-12-08 15:20 - 2024-12-08 15:20 - 000000000 ____D C:\Users\42077\Desktop\FRST-OlderVersion
2024-12-08 10:38 - 2024-12-08 10:38 - 000725758 _____ C:\Windows\system32\perfh005.dat
2024-12-08 10:38 - 2024-12-08 10:38 - 000151026 _____ C:\Windows\system32\perfc005.dat
2024-12-03 10:04 - 2024-12-03 10:04 - 000316459 _____ C:\Users\42077\Downloads\Uživatelská příručka BUSINESS 24.pdf
2024-11-26 17:05 - 2024-11-28 10:30 - 000000000 ____D C:\Program Files\Mozilla Firefox
2024-11-21 20:03 - 2024-11-21 20:03 - 000315688 _____ (Gen Digital Inc.) C:\Windows\system32\aswBoot.exe
2024-11-19 19:02 - 2024-11-19 19:02 - 004407331 _____ C:\Users\42077\Downloads\prilohy_268482.zip
2024-11-19 19:02 - 2024-11-19 19:02 - 004407331 _____ C:\Users\42077\Downloads\prilohy_268482 (2).zip
2024-11-19 19:02 - 2024-11-19 19:02 - 004407331 _____ C:\Users\42077\Downloads\prilohy_268482 (1).zip
2024-11-15 16:42 - 2024-11-15 16:42 - 000026650 _____ C:\Windows\SysWOW64\IntegratedServicesRegionPolicySet.json
2024-11-15 16:40 - 2024-11-15 16:40 - 000026650 _____ C:\Windows\system32\IntegratedServicesRegionPolicySet.json
2024-11-13 14:24 - 2024-12-08 15:15 - 000000000 ____D C:\Users\42077\AppData\Local\CrashDumps

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2024-12-08 15:20 - 2024-05-23 15:23 - 000000000 ____D C:\FRST
2024-12-08 15:20 - 2024-05-23 14:25 - 002402304 _____ (Farbar) C:\Users\42077\Desktop\FRST64.exe
2024-12-08 15:16 - 2023-03-05 13:54 - 000000000 ____D C:\Users\42077\AppData\Local\D3DSCache
2024-12-08 15:15 - 2024-05-23 15:09 - 000000000 ____D C:\Program Files\CCleaner
2024-12-08 15:15 - 2023-03-05 14:02 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2024-12-08 14:33 - 2022-08-03 22:21 - 000000000 ____D C:\Windows\system32\SleepStudy
2024-12-08 10:48 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2024-12-08 10:38 - 2022-08-03 13:29 - 001718036 _____ C:\Windows\system32\PerfStringBackup.INI
2024-12-08 10:38 - 2022-05-07 06:22 - 000000000 ____D C:\Windows\INF
2024-12-08 10:36 - 2024-05-23 15:09 - 000004210 _____ C:\Windows\system32\Tasks\CCleaner Update
2024-12-08 10:34 - 2022-11-29 18:12 - 000003106 _____ C:\Windows\system32\Tasks\AMDInstallLauncher
2024-12-08 10:34 - 2022-11-29 18:12 - 000003078 _____ C:\Windows\system32\Tasks\AMDLinkUpdate
2024-12-08 10:33 - 2024-05-23 15:09 - 000000666 _____ C:\Windows\Tasks\CCleanerCrashReporting.job
2024-12-08 10:33 - 2024-05-23 14:14 - 000000000 ____D C:\ProgramData\Avast Software
2024-12-08 10:33 - 2022-11-29 18:12 - 000065536 _____ C:\Windows\system32\spu_storage.bin
2024-12-08 10:33 - 2022-08-03 22:21 - 000012288 ___SH C:\DumpStack.log.tmp
2024-12-08 10:33 - 2022-08-03 22:21 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2024-12-08 10:33 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemTemp
2024-12-08 10:33 - 2022-05-07 06:17 - 000524288 _____ C:\Windows\system32\config\BBI
2024-12-08 09:09 - 2024-05-23 14:17 - 000000000 ____D C:\Users\42077\AppData\Local\Avast Software
2024-12-07 18:39 - 2024-05-23 15:09 - 000002954 _____ C:\Windows\system32\Tasks\CCleanerCrashReporting
2024-12-07 18:39 - 2024-05-23 15:09 - 000002254 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC - 42077
2024-12-07 18:39 - 2024-05-23 14:15 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2024-12-07 18:39 - 2023-03-05 14:09 - 000003482 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2024-12-07 18:39 - 2023-03-05 13:55 - 000003066 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3530414869-3745828373-2086365394-1001
2024-12-07 18:39 - 2023-03-05 13:55 - 000002862 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3530414869-3745828373-2086365394-1001
2024-12-07 18:39 - 2023-03-05 10:05 - 000003062 _____ C:\Windows\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3530414869-3745828373-2086365394-500
2024-12-07 18:39 - 2023-03-05 10:05 - 000002858 _____ C:\Windows\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3530414869-3745828373-2086365394-500
2024-12-07 18:39 - 2022-11-29 18:12 - 000002672 _____ C:\Windows\system32\Tasks\ModifyLinkUpdate
2024-12-07 18:39 - 2022-11-29 18:12 - 000002402 _____ C:\Windows\system32\Tasks\AMDRyzenMasterSDKTask
2024-12-07 18:39 - 2022-08-03 22:22 - 000003568 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2024-12-07 18:39 - 2022-08-03 22:22 - 000003344 _____ C:\Windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2024-12-07 13:48 - 2023-03-05 13:54 - 000000000 ____D C:\Users\42077\AppData\Local\Packages
2024-12-07 13:25 - 2023-03-05 13:55 - 000002381 _____ C:\Users\42077\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2024-12-07 12:38 - 2022-08-03 22:22 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2024-12-07 12:38 - 2022-08-03 22:22 - 000002274 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2024-12-06 10:46 - 2022-05-07 06:24 - 000000000 ___HD C:\Program Files\WindowsApps
2024-12-06 10:46 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\AppReadiness
2024-12-06 08:39 - 2023-03-05 14:05 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2024-12-06 08:39 - 2023-03-05 14:05 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2024-11-28 20:53 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\LiveKernelReports
2024-11-28 10:30 - 2023-03-05 14:02 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2024-11-26 22:27 - 2023-03-05 14:02 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2024-11-26 22:27 - 2023-03-05 14:02 - 000000000 ____D C:\Windows\system32\Tasks\Mozilla
2024-11-21 20:03 - 2024-05-23 14:15 - 001424448 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSP.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000954944 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswSnx.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000550984 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswNetHub.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000383040 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsdriver.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000381512 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswVmm.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000296008 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbidsh.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000274504 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswMonFlt.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000234056 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArPot.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000097864 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRdr2.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000084552 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswbuniv.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000069184 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswRvrt.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000028736 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswKbd.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000028280 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswElam.sys
2024-11-21 20:03 - 2024-05-23 14:15 - 000020552 _____ (Gen Digital Inc.) C:\Windows\system32\Drivers\aswArDisk.sys
2024-11-21 20:03 - 2022-05-07 06:24 - 000000000 ___HD C:\Windows\ELAMBKUP
2024-11-16 15:52 - 2022-08-03 13:26 - 000000000 ____D C:\Program Files\Microsoft Office
2024-11-16 15:52 - 2022-05-07 06:24 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2024-11-16 02:58 - 2022-05-07 06:24 - 000000000 ____D C:\ProgramData\USOPrivate
2024-11-16 02:42 - 2022-08-03 22:21 - 000653816 _____ C:\Windows\system32\FNTCACHE.DAT
2024-11-16 02:41 - 2023-10-11 20:22 - 000000000 ____D C:\Windows\system32\Microsoft-Edge-WebView
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ___SD C:\Windows\system32\UNP
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\PrintDialog
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ___RD C:\Windows\ImmersiveControlPanel
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\setup
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SysWOW64\Dism
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\SystemResources
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\WinBioPlugIns
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\ShellExperiences
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Sgrm
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\setup
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\SecureBootUpdates
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\PerceptionSimulation
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\oobe
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\HealthAttestationClient
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\Dism
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\system32\appraiser
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellExperiences
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\ShellComponents
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\DiagTrack
2024-11-16 02:41 - 2022-05-07 06:24 - 000000000 ____D C:\Windows\bcastdvr
2024-11-16 02:41 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\servicing
2024-11-15 16:46 - 2022-05-07 06:25 - 000077312 _____ (Khronos Group) C:\Windows\SysWOW64\opencl.dll
2024-11-15 16:46 - 2022-05-07 06:24 - 000118784 _____ (Khronos Group) C:\Windows\system32\opencl.dll
2024-11-15 16:46 - 2022-05-07 06:17 - 000000000 ____D C:\Windows\CbsTemp
2024-11-15 16:38 - 2023-08-09 11:58 - 000000000 ____H C:\$WINRE_BACKUP_PARTITION.MARKER
2024-11-15 16:27 - 2023-03-05 16:37 - 000002073 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Acrobat.lnk
2024-11-15 16:27 - 2023-03-05 16:37 - 000002061 _____ C:\Users\Public\Desktop\Adobe Acrobat.lnk
2024-11-14 07:37 - 2023-03-07 19:07 - 000000000 ____D C:\Windows\system32\MRT
2024-11-14 07:36 - 2023-03-07 19:07 - 202035632 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by 42077 (08-12-2024 15:21:16)
Running from C:\Users\42077\Desktop
Microsoft Windows 11 Home Version 23H2 22631.4460 (X64) (2023-03-05 09:06:04)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

(If an entry is included in the fixlist, it will be removed.)

42077 (S-1-5-21-3530414869-3745828373-2086365394-1001 - Administrator - Enabled) => C:\Users\42077
Administrator (S-1-5-21-3530414869-3745828373-2086365394-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3530414869-3745828373-2086365394-503 - Limited - Disabled)
Guest (S-1-5-21-3530414869-3745828373-2086365394-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3530414869-3745828373-2086365394-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Avast Antivirus (Enabled - Up to date) {EB19B86E-3998-C706-90EF-92B41EB091AF}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat (64-bit) (HKLM\...\{AC76BA86-1029-1033-7760-BC15014EA700}) (Version: 24.004.20272 - Adobe)
Adobe Refresh Manager (HKLM-x32\...\{AC76BA86-0804-1033-1959-018244601102}) (Version: 1.8.0 - Adobe Systems Incorporated) Hidden
AMD GPIO2 Driver (HKLM-x32\...\{E9DD399F-21A3-479E-A7DF-D6CF4B2ADBF3}) (Version: 2.2.0.130 - Advanced Micro Devices, Inc.) Hidden
AMD Chipset Software (HKLM-x32\...\AMD_Chipset_IODrivers) (Version: 4.03.03.431 - Advanced Micro Devices, Inc.)
AMD PCI Driver (HKLM-x32\...\{80EC3CEE-2940-42A1-A776-B5D810D39F1E}) (Version: 1.0.0.87 - Advanced Micro Devices, Inc.) Hidden
AMD PSP Driver (HKLM-x32\...\{988F14B8-79A8-475D-BAC7-83F96AD3D821}) (Version: 5.18.0.0 - Advanced Micro Devices, Inc.) Hidden
AMD Ryzen Balanced Driver (HKLM-x32\...\{A171D320-C42C-4F3B-A2D8-C6A09F6788CC}) (Version: 7.0.4.4 - Advanced Micro Devices, Inc.) Hidden
AMD SBxxx SMBus Driver (HKLM-x32\...\{AAE0E27D-C88A-49BA-8715-77ADCD4286A3}) (Version: 5.12.0.38 - Advanced Micro Devices, Inc.) Hidden
AMD Software (HKLM\...\AMD Catalyst Install Manager) (Version: 22.8.2 - Advanced Micro Devices, Inc.)
AMD_Chipset_Drivers (HKLM-x32\...\{0fd12917-eb35-466f-b411-02c45a8a505d}) (Version: 4.03.03.431 - Advanced Micro Devices, Inc.) Hidden
Avast Free Antivirus (HKLM\...\Avast Antivirus) (Version: 24.11.6137 - Avast Software)
Branding64 (HKLM\...\{0DB6E0DC-607A-42C1-A3CE-7567A9F85AF4}) (Version: 1.00.0008 - Advanced Micro Devices, Inc.) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 6.30 - Piriform)
CryptoPlus CS v1.0e (HKLM-x32\...\CryptoPlus CS v1.0e) (Version: 2.0.16 - Monet+,a.s.)
CryptoPlus CS v1.0e x64 (HKLM\...\CryptoPlus CS v1.0e) (Version: 2.0.16 - Monet+,a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 131.0.6778.109 - Google LLC)
LibreOffice 7.5.1.2 (HKLM\...\{BFAC9A9B-8A3E-47A6-97AE-53DC3266ACE1}) (Version: 7.5.1.2 - The Document Foundation)
Microsoft 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.18129.20158 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 131.0.2903.86 - Microsoft Corporation)
Microsoft Edge WebView2 Runtime (HKLM-x32\...\Microsoft EdgeWebView) (Version: 131.0.2903.86 - Microsoft Corporation) Hidden
Microsoft OneDrive (HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\OneDriveSetup.exe) (Version: 24.226.1110.0003 - Microsoft Corporation)
Microsoft Teams Meeting Add-in for Microsoft Office (HKLM\...\{A7AB73A3-CB10-4AA5-9D38-6AEFFBDE4C91}) (Version: 1.24.28402 - Microsoft)
Microsoft Update Health Tools (HKLM\...\{C6FD611E-7EFE-488C-A0E0-974C09EF6473}) (Version: 5.72.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2015-2019 Redistributable (x64) - 14.29.30133 (HKLM-x32\...\{295d1583-fdb9-414b-a4c8-da539362a26b}) (Version: 14.29.30133.0 - Microsoft Corporation)
Microsoft Visual C++ 2019 X64 Additional Runtime - 14.29.30133 (HKLM\...\{E699E009-1C3C-4E50-9B57-2B39F0954C7F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Microsoft Visual C++ 2019 X64 Minimum Runtime - 14.29.30133 (HKLM\...\{6CD9E9ED-906D-4196-8DC3-F987D2F6615F}) (Version: 14.29.30133 - Microsoft Corporation) Hidden
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 133.0 (x64 cs)) (Version: 133.0 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 110.0.1 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM\...\{90160000-008C-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20100 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-007E-0000-1000-0000000FF1CE}) (Version: 16.0.18129.20158 - Microsoft Corporation) Hidden
Promontory_GPIO Driver (HKLM-x32\...\{B5512BCC-F4CD-4159-86A4-B2AD7D38FFA9}) (Version: 3.0.0.0 - Advanced Micro Devices, Inc.) Hidden
Realtek Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.9225.1 - Realtek Semiconductor Corp.)
RyzenMasterSDK (HKLM\...\{0B945CE6-14BB-4EDF-874D-37850349036B}) (Version: 1.2.3.5 - Advanced Micro Devices, Inc.) Hidden

Packages:
=========
Adobe Acrobat Reader -> C:\Program Files\Adobe\Acrobat DC [2024-06-16] ()
Microsoft Defender -> C:\Program Files\WindowsApps\Microsoft.6365217CE6EB4_102.2410.16002.0_x64__8wekyb3d8bbwe [2024-11-12] (Microsoft Corporation) [Startup Task]
Microsoft Family -> C:\Program Files\WindowsApps\MicrosoftCorporationII.MicrosoftFamily_0.2.40.0_x64__8wekyb3d8bbwe [2023-09-14] (Microsoft Corp.)
Microsoft Whiteboard -> C:\Program Files\WindowsApps\Microsoft.Whiteboard_54.20907.567.0_x64__8wekyb3d8bbwe [2024-09-09] (Microsoft Corporation)
Realtek Audio Control -> C:\Program Files\WindowsApps\RealtekSemiconductorCorp.RealtekAudioControl_1.27.254.0_x64__dt26b99r8h8gj [2023-11-11] (Realtek Semiconductor Corp)
SpotifyAB.SpotifyMusic -> C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0 [2024-12-06] (Spotify AB) [Startup Task]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{13357088-9834-0409-1600-134951500000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\42077\AppData\Local\Microsoft\TeamsMeetingAdd-in\1.24.28402\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{38142727-3008-9161-1521-349515000000}\localserver32 -> C:\Program Files\Adobe\Acrobat DC\Acrobat\ADNotificationManager.exe (Adobe Inc. -> Adobe)
CustomCLSID: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001_Classes\CLSID\{8616ED07-7CEA-47D2-912D-79BF20C02290}\InprocServer32 -> C:\Users\42077\AppData\Roaming\CSAS\lib\x64\PKIComponentAX.dll (Česká spořitelna a.s. -> Česká spořitelna, a.s.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
ShellIconOverlayIdentifiers-x32: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\Avast Software\Avast\ashShell.dll [2024-11-21] (Avast Software s.r.o. -> Gen Digital Inc.)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2022-08-03 13:28 - 2022-08-03 13:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\AppvIsvSubsystems64.dll] C:\Program Files\Microsoft Office\Root\Office16\AppVIsvSubsystems64.dll
2022-08-03 13:28 - 2022-08-03 13:28 - 000000000 ____L (Microsoft Corporation) [symlink -> C:\Program Files\Common Files\Microsoft Shared\ClickToRun\C2R64.dll] C:\Program Files\Microsoft Office\Root\Office16\c2r64.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Users\42077\Desktop\adwcleaner_8.4.2.exe:MBAM.Zone.Identifier [156]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\aswSP.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\aswSP.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) =============

HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\Software\Microsoft\Internet Explorer\Main,Start Page = www.hal3000.cz
HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.hal3000.cz
BHO-x32: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll [2024-10-01] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL [2024-10-31] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, it will be removed from the registry.)

IE trusted site: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\business24.cz -> hxxps://www.business24.cz
IE trusted site: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\csas.cz -> hxxps://bezpecnost.csas.cz
IE trusted site: HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\...\servis24.cz -> hxxps://www.servis24.cz

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2022-05-07 06:24 - 2022-05-07 06:22 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3530414869-3745828373-2086365394-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\42077\AppData\Local\Packages\MicrosoftWindows.Client.CBS_cw5n1h2txyewy\LocalCache\Microsoft\IrisService\1828323362403036744\133780573832134766.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

Network Binding:
=============
Wi-Fi: TP-Link Wireless N PCI Express Adapter -> rtwlane01.sys
Wi-Fi 2: Realtek RTL8188EU Wireless LAN 802.11n USB 2.0 Network Adapter -> rtwlanu.sys
Ethernet: Realtek PCIe GbE Family Controller -> rt640x64.sys

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{5E56A17F-625F-4836-B6DC-7083FAE237C0}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6AED0569-A71D-4480-9534-21EF9BF98ABD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{26172A6B-68B9-4BE5-A5E9-5E3882ECA651}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{A9D69ECB-3749-4F92-B4B5-CF5DD4CF8E02}] => (Allow) C:\Program Files\Avast Software\Avast\AvastUI.exe (Avast Software s.r.o. -> Gen Digital Inc.)
FirewallRules: [{5CFC91C6-7CE9-47AD-AF26-0FF74CD67DD8}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24151.2105.2943.2101_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DD74325C-34AF-4BD9-B1AA-763848BFCB01}] => (Allow) C:\Program Files\WindowsApps\MicrosoftTeams_24151.2105.2943.2101_x64__8wekyb3d8bbwe\msteams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{E08DDBAD-EB46-48E6-8F73-51347D94F9B7}] => (Allow) C:\Program Files\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{72062E17-3D81-4B75-90D3-861DEB183E6D}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{DC88A791-11EB-44EE-B855-BF7B7B71CFFC}] => (Allow) C:\Program Files\WindowsApps\MSTeams_24295.605.3225.8804_x64__8wekyb3d8bbwe\ms-teams.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{4F0F949D-9062-4B03-B01D-51206121727D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{FD56B91F-8162-49F6-82DA-EF7763A08C17}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{995398CB-E3D7-4E1E-8546-0C54335BADB1}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{4CF8DB34-088B-40A8-9DFC-F726E332C077}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{780482A1-B968-4AB4-A8BD-8FAFDE919C18}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{179809A7-E943-4577-A524-8A3E607ECD63}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{719596AB-8AED-4EDB-AD23-B32C351A4A81}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{1F818430-92DF-4100-8272-41BF71840A44}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{D7A2A3DF-006D-4E92-ADEA-51F3228A59FD}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{CE7E81C5-0D63-43FB-99AE-0EFDD449F27D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.252.442.0_x64__zpdnekdrzrea0\Spotify.exe (453637B3-4E12-4CDF-B0D3-2A3C863BF6EF -> Spotify Ltd)
FirewallRules: [{8020B933-FB76-4DD7-9C3E-B4F5F05C4B96}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{795E7567-3F09-499D-9E64-20F43AD9D81B}] => (Allow) C:\Program Files (x86)\Microsoft\EdgeWebView\Application\131.0.2903.86\msedgewebview2.exe (Microsoft Corporation -> Microsoft Corporation)

==================== Restore Points =========================

20-11-2024 20:19:27 Windows Update
24-11-2024 13:42:28 Windows Update
04-12-2024 17:38:00 Windows Update

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (12/08/2024 10:34:01 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VAŐKµTOVI$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(0ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (12/08/2024 10:34:01 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(15ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (12/07/2024 01:48:17 PM) (Source: Microsoft Office 16) (EventID: 2011) (User: )
Description: Office Subscription licensing exception: Error Code: 0x305; CorrelationId: {BBD6B2C7-31C3-4BC0-86B2-3E7A1068AB36}

Error: (12/05/2024 04:33:42 PM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VAŐKµTOVI$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(15ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (12/05/2024 09:36:21 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VAŐKµTOVI$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(16ms)
Fáze: GetCACaps
Nelze rozpoznat název nebo adresu serveru. 0x80072ee7 (WinHttp: 12007 ERROR_WINHTTP_NAME_NOT_RESOLVED)

Error: (12/05/2024 09:36:21 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps

Metoda: GET(34172ms)
Fáze: GetCACaps
Spojení se serverem bylo nenormálně ukončeno. 0x80072efe (WinHttp: 12030 ERROR_WINHTTP_CONNECTION_ERROR)

Error: (11/28/2024 10:31:11 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro WORKGROUP\VAŐKµTOVI$ přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 28 Nov 2024 09:31:14 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 75956f26-c290-4cd1-b50c-71667ada5e1b

Metoda: GET(969ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)

Error: (11/28/2024 10:31:10 AM) (Source: CertEnroll) (EventID: 86) (User: NT AUTHORITY)
Description: Inicializace registrace certifikátu SCEP pro Místní systém přes https://AMD-KeyId-52fb59e29aa83a962fb9e ... s/Aik/scep se nepovedla:

GetCACaps
GetCACaps: Not Found
{"Message":"The authority \"amd-keyid-52fb59e29aa83a962fb9eef0fe5b4811de6b751e.microsoftaik.azure.net\" does not exist."}
HTTP/1.1 404 Not Found
Date: Thu, 28 Nov 2024 09:31:12 GMT
Content-Length: 121
Content-Type: application/json; charset=utf-8
X-Content-Type-Options: nosniff
Strict-Transport-Security: max-age=31536000;includeSubDomains
x-ms-request-id: 0d8dfa6a-4026-4c7a-bce2-bc988420b5e6

Metoda: GET(26265ms)
Fáze: GetCACaps
Nenalezeno (404) 0x80190194 (-2145844844 HTTP_E_STATUS_NOT_FOUND)


System errors:
=============
Error: (12/08/2024 03:15:10 PM) (Source: DCOM) (EventID: 10000) (User: VAŐKµTOVI)
Description: Nelze spustit server DCOM: {0358B920-0AC7-461F-98F4-58E32CD89148}. Došlo k chybě:
2147942767
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}

Error: (12/08/2024 10:35:55 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Služba Aktualizace Google (gupdate) neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (12/08/2024 10:35:55 AM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Služba Aktualizace Google (gupdate) bylo dosaženo časového limitu (30000 ms).

Error: (12/08/2024 10:35:54 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (12/08/2024 08:44:37 AM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (12/07/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (12/07/2024 12:12:48 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931

Error: (12/06/2024 06:00:01 PM) (Source: Microsoft-Windows-TPM-WMI) (EventID: 1796) (User: NT AUTHORITY)
Description: The Secure Boot update failed to update a Secure Boot variable with error (-2147020471 = Zabezpečené spouštění není v tomto počítači zapnuto.). For more information, please see https://go.microsoft.com/fwlink/?linkid=2169931


Windows Defender:
================
Date: 2024-05-21 09:24:51
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {459E1882-7241-4DB4-8228-D0914A2F2C32}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-20 09:21:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {397B2414-9066-4E19-8DA4-3809B33D273C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-19 09:20:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7C1CC8BD-73F0-4C70-B0A4-50BFB11B71EC}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-18 18:02:18
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {2690D70A-54EB-40B1-81F5-A55E6E30A598}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2024-05-16 20:01:20
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {7B5B56E2-800C-4AB3-9212-57ACA5D3A532}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]

Date: 2024-03-01 18:00:25
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.405.792.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.24010.10
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-03-15 19:44:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1797.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-03-15 19:44:27
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1797.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x80070102
Popis chyby: Vypršel časový limit operace čekání.

Date: 2023-03-11 18:03:04
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1447.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2023-03-11 17:12:18
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.383.1447.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.20000.2
Kód chyby: 0x8024402c
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

CodeIntegrity:
===============
Date: 2024-11-21 20:02:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.

Date: 2024-11-21 19:52:56
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\System32\SecurityHealthService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Avast Software\Avast\aswAMSI.dll that did not meet the Windows signing level requirements.


==================== Memory info ===========================

BIOS: American Megatrends International, LLC. F55 06/07/2022
Motherboard: Gigabyte Technology Co., Ltd. A320M-S2H-CF
Processor: AMD Ryzen 5 4500 6-Core Processor
Percentage of memory in use: 30%
Total physical RAM: 16253.14 MB
Available physical RAM: 11260.4 MB
Total Virtual: 17277.14 MB
Available Virtual: 11321.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:222.47 GB) (Free:129.01 GB) (Model: KINGSTON SA400S37240G) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:931.38 GB) (Model: WDC WD10EZEX-00BBHA0) NTFS

\\?\Volume{f3097d4a-184a-4c48-acd4-21ea9e435f7a}\ (SYSTEM) (Fixed) (Total:0.97 GB) (Free:0.94 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 223.6 GB) (Disk ID: D7DB2986)

Partition: GPT.

==========================================================
Disk: 1 (Size: 931.5 GB) (Disk ID: D7DB29F5)

Partition: GPT.

==================== End of Addition.txt =======================

Zdravím!
Nejprve spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Log z AdwCleaneru:

# -------------------------------
# Malwarebytes AdwCleaner 8.4.2.0
# -------------------------------
# Build: 03-04-2024
# Database: 2024-10-23.4 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 12-08-2024
# Duration: 00:00:03
# OS: Windows 11 (Build 22631.4460)
# Scanned: 32109
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

No Preinstalled Software found.


AdwCleaner[S00].txt - [1420 octets] - [23/05/2024 15:50:41]
AdwCleaner[C00].txt - [1610 octets] - [23/05/2024 15:51:12]
AdwCleaner[S01].txt - [1542 octets] - [23/05/2024 15:51:41]
AdwCleaner[S02].txt - [1603 octets] - [23/05/2024 15:51:53]
AdwCleaner[C02].txt - [1793 octets] - [23/05/2024 15:51:58]
AdwCleaner[S03].txt - [1725 octets] - [23/05/2024 16:01:08]
AdwCleaner[C03].txt - [1915 octets] - [23/05/2024 16:01:13]
AdwCleaner[S04].txt - [1847 octets] - [23/05/2024 16:05:11]
AdwCleaner[S05].txt - [1908 octets] - [23/05/2024 16:07:47]
AdwCleaner[S06].txt - [1969 octets] - [23/05/2024 17:24:23]
AdwCleaner[C06].txt - [2159 octets] - [23/05/2024 17:24:46]
AdwCleaner[S07].txt - [2091 octets] - [23/05/2024 19:50:08]
AdwCleaner[C07].txt - [2281 octets] - [23/05/2024 19:51:11]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S08].txt ##########

Toto je OK.

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2D38CBB0-4F10-4657-A2CC-FDF8B0277695} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{56890929-C0CB-4CA9-8C92-4E4DFB5708E2} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\42077\Desktop\adwcleaner_8.4.2.exe:MBAM.Zone.Identifier [156]

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Fix result of Farbar Recovery Scan Tool (x64) Version: 06-12-2024
Ran by 42077 (08-12-2024 18:31:46) Run:2
Running from C:\Users\42077\Desktop
Loaded Profiles: 42077
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2D38CBB0-4F10-4657-A2CC-FDF8B0277695} - System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{56890929-C0CB-4CA9-8C92-4E4DFB5708E2} => C:\Program Files (x86)\Google\GoogleUpdater\132.0.6833.0\updater.exe [5591136 2024-11-11] (Google LLC -> Google LLC)
C:\DumpStack.log.tmp
AlternateDataStreams: C:\Users\42077\Desktop\adwcleaner_8.4.2.exe:MBAM.Zone.Identifier [156]

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2D38CBB0-4F10-4657-A2CC-FDF8B0277695}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2D38CBB0-4F10-4657-A2CC-FDF8B0277695}" => removed successfully
C:\Windows\System32\Tasks\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{56890929-C0CB-4CA9-8C92-4E4DFB5708E2} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleSystem\GoogleUpdater\GoogleUpdaterTaskSystem132.0.6833.0{56890929-C0CB-4CA9-8C92-4E4DFB5708E2}" => removed successfully
Could not move "C:\DumpStack.log.tmp" => Scheduled to move on reboot.
C:\Users\42077\Desktop\adwcleaner_8.4.2.exe => ":MBAM.Zone.Identifier" ADS removed successfully

=========== EmptyTemp: ==========

FlushDNS => completed
BITS transfer queue => 0 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8451572 B
Java, Discord, Steam htmlcache, WinHttpAutoProxySvc/winhttp *.cache => 0 B
Windows/system/drivers => 13638380 B
Edge => 0 B
Chrome => 28923702 B
Firefox => 12637095 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 87 B
systemprofile32 => 87 B
LocalService => 15943 B
NetworkService => 15943 B
42077 => 22916005 B

RecycleBin => 2395136 B
EmptyTemp: => 84.9 MB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-12-2024 18:32:42)

C:\DumpStack.log.tmp => Could not move

==== End of Fixlog 18:32:43 ====

Smazáno. Nastala změna k lepšímu?

Ano, zdá se to být svižnější. Mockrát děkuji.

Rádo se stalo!