Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Pomaly počítač, mrzne už dlhšiu dobu

Máte problém s virem? Vložte sem log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Pomaly počítač, mrzne už dlhšiu dobu

#1 Příspěvek od onlinetip »

Prosím o kontrolu logu, ďakujem.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by peter (17-09-2021 16:44:31)
Running from C:\Users\peter\Desktop
Windows 10 Home Version 20H2 19042.1165 (X64) (2021-03-14 15:16:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-123821111-4108638035-923771172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-123821111-4108638035-923771172-503 - Limited - Disabled)
Guest (S-1-5-21-123821111-4108638035-923771172-501 - Limited - Disabled)
peter (S-1-5-21-123821111-4108638035-923771172-1000 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-123821111-4108638035-923771172-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
ALFA plus 7.52.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{EB0F418B-0C48-4F31-A02E-5C56A6AE9307}) (Version: 7.52.00 - KROS a.s.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez (HKLM-x32\...\Call of Juarez_is1) (Version: 1.0 - US-Action, s.r.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Colora (HKLM-x32\...\{7B8239D5-22CC-49CF-86BA-FBB205042AF6}) (Version: 0.1.0 - Bluegrams)
Commandos: Behind Enemy Lines SK (HKLM-x32\...\Commandos: Behind Enemy Lines SK) (Version: - )
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
f.lux (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Flux) (Version: - f.lux Software LLC)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.89.530 - Digital Wave Ltd)
Free Video Cutter Joiner 10.6 (HKLM-x32\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.6 - DVDVideoMedia, Inc.)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Kodi) (Version: - XBMC-Foundation)
Lexmark Universal v2 XL Print Driver (HKLM\...\{2A0FA2A8-C235-4B4D-B4E1-5487A1E83847}) (Version: 2.12.0.0 - Lexmark International, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.47 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 92.0 (x64 sk)) (Version: 92.0 - Mozilla)
Mozilla Firefox 56.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 56.0.2 (x64 sk)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
MP3Resizer 1.9.2 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Packeta Device Server (HKLM-x32\...\PacketaDeviceServer) (Version: 1.1.1.0 - Packeta s.r.o.)
Podpora pre zákazníkov (HKLM-x32\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTime Picture Convertor 6 verzia 6.92 (HKLM-x32\...\{5462C7B2-78DE-4924-9978-516F0CC47D41}_is1) (Version: 6.92 - DExUS - Dalibor Bartoš)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - Lexmark International Printer (01/10/2016 2.12.0.0) (HKLM\...\A304A687939DA8C7818531866D7836BC794F8545) (Version: 01/10/2016 2.12.0.0 - Lexmark International)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xerox WorkCentre 3045NI (HKLM-x32\...\{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox)
Zoom (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\ZoomUMX) (Version: 5.5.0 (12454.0131) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2017-03-10 01:56 - 2017-03-10 01:56 - 000210944 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoJSON.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000728064 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNet.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000324096 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoUtil.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000413696 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoXML.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000088064 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoCrypto.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoFoundation.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000187392 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNetSSL.dll
2010-12-17 15:46 - 2010-12-17 15:46 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2015-08-31 20:57 - 2015-10-12 05:04 - 001710752 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2017-03-10 01:15 - 2017-03-10 01:15 - 000111104 _____ (Opticon Sensors Europe BV) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\CSP2.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001367552 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\LIBEAY32.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000337408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-123821111-4108638035-923771172-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2010-12-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: FirebirdServerKROS_20400 => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: XRNADB => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ALFA plus - rýchle spustenie.lnk => C:\Windows\pss\ALFA plus - rýchle spustenie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odmenovac.appref-ms => C:\Windows\pss\Odmenovac.appref-ms.Startup
MSCONFIG\startupreg: 3045NI RUN => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Launcher3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 3045NI
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StatusAutoRun3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 3045NI,hide,\S
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D1444CF2-B193-4F97-A3E8-AB4700E2C575}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F07C5565-98A1-43C4-BE66-92D04C3D3E06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D0C285D3-4F8F-41E6-8C09-E14726071C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6B92E39-774D-4438-A672-7A6FC468B808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CEA2E11-4FD7-4AF8-B1A3-7C53B3DEBE9E}] => (Allow) C:\Users\peter\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{337765A6-0DFB-41BF-B536-F8D881523CCE}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [TCP Query User{EDFE2DC2-7FE2-4EFB-9D65-9ABC718559B6}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [{62A42806-980B-4137-BBE0-6546E1A9B12A}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{3C405C40-6FAC-4096-BA70-5C88FD177165}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{E74C37A9-6E7F-490E-ADC2-1FF074210E2D}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{520B6119-79C6-4E1B-9A15-597F12FA28B3}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FF3006EF-8101-4F17-8EBC-6A9AF154508B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{B8EAFE19-EBF5-42E9-873F-D3918D4F943B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FA2D393C-DA42-4327-BFE1-6EE18CEA3AAA}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{F4EB0303-4783-4238-91C7-3C04751B4B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B28866B-C3CA-4CEF-B96D-8BACE06D0367}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF99A901-57B8-4615-91D9-CE40EC1E32D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{C2477080-E51A-464C-96D4-6FF046713CEB}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{611508AB-D3FD-472D-95C3-967B084BED56}] => (Allow) LPort=20402
FirewallRules: [{D157DB10-A53B-4A9C-803B-854F85B446FF}] => (Allow) LPort=20401
FirewallRules: [{D6726B64-0E08-4502-9744-C8B68020E9CA}] => (Allow) LPort=20400
FirewallRules: [{E69BE5B5-DC56-4CE5-9656-8A83310AF8C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9A905B47-FD48-4B18-A684-FF699CC93730}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{3302DEDE-B04D-441B-8668-BECF29BB7B34}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{5927547F-AA6A-466B-BC9D-82B43C412F17}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{110DDE8E-B954-4197-8257-91DB3D361F68}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0E2CE7F1-35BA-4066-AA92-6E58BFF305D5}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{90E66651-F8F2-484D-BFAA-4056BA6F7A78}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [{3748C6E9-87E8-491F-99B8-9628F13FB2C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{451D44B1-FBB5-4E20-A769-C461A0BB3533}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDA9A3DB-2E6F-4C21-97D8-80AD523FB158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D826451-9CE6-471D-A763-65440CAFCFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E180BE5C-FE22-461C-BF9E-ADE295424D99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1854D8B6-0C4C-46FE-9DD7-59E4A0645ECF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BE152E5-1D09-4E24-B367-4EC5D4B88E14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C448ED72-1356-4EFA-B615-A583736A0086}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B47D21F-C9FD-4431-8EFB-C93F56F38309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{493EB774-B831-48D0-A695-58A08469BF28}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [UDP Query User{F1140574-703D-47F9-8B6A-84B9A22E3DBF}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [{B6A37A52-4A75-4EC5-87AC-3B4DCF152275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88868B2-37E8-44D1-8A54-BB2426689FCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF2515A5-F688-49C7-91F9-A1E4D5D052DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632BA697-41F2-436E-85C0-7E94FD403CC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:112.18 GB) (Free:52.58 GB) (47%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/17/2021 04:31:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SecHealthUI.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 26a4

Start Time: 01d7abd09fb1f0a4

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

Report Id: 164c5dd8-a9ae-4461-882f-a8d8bde074bc

Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: SecHealthUI

Hang type: Cross-process

Error: (09/17/2021 04:26:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (09/17/2021 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23d3213e
Faulting process id: 0x17b0
Faulting application start time: 0x01d7abc5636074d7
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 62ef59dc-ff7c-4690-a488-83f0b23e6d15
Faulting package full name:
Faulting package-relative application ID:

Error: (09/17/2021 08:22:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Faulting module name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Exception code: 0xc0000409
Fault offset: 0x0000000000c4c455
Faulting process id: 0xcf8
Faulting application start time: 0x01d7ab8c46d24028
Faulting application path: C:\Program Files\CCleaner\CCleaner64.exe
Faulting module path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: b1f3092d-7b21-41ee-8ca8-d9d5f012f93c
Faulting package full name:
Faulting package-relative application ID:

Error: (09/17/2021 08:19:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23cd20d6
Faulting process id: 0x17b8
Faulting application start time: 0x01d7ab8bea244097
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 8b7c4f6c-22c6-4d12-be8d-3d4b37bc643a
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 08:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23b523ae
Faulting process id: 0x15c0
Faulting application start time: 0x01d7ab254305d36d
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 4107a3d4-c152-4c0a-97e1-5c1433952be2
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 11:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23bc2306
Faulting process id: 0x175c
Faulting application start time: 0x01d7aaddbc8bb1d1
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 40641643-a1c1-493d-b8b3-ed70b6b373f1
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 09:04:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Program Files\Microsoft Security Client\Antimalware\NisPerformanceProvider.dll" (Win32 error code 126).


System errors:
=============
Error: (09/16/2021 08:51:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.

Error: (09/12/2021 08:35:54 PM) (Source: DCOM) (EventID: 10010) (User: peter-PC)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (09/09/2021 07:36:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/08/2021 07:57:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/07/2021 08:59:26 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (09/07/2021 07:22:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2021-09-16 12:04:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 19:47:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 09:19:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 08:42:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-12 20:24:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-15 11:51:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.464.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-13 08:39:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.325.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2021-09-17 16:01:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A09 11/18/2011
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 6038.16 MB
Available physical RAM: 2199.48 MB
Total Virtual: 12182.16 MB
Available Virtual: 7384.31 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:112.18 GB) (Free:52.58 GB) NTFS
Drive d: () (Fixed) (Total:585.84 GB) (Free:32.74 GB) NTFS

\\?\Volume{5f14c644-c575-11e4-a57f-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{07f2837e-0000-0000-0000-6087ae000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=532 MB) - (Type=27)

==================== End of Addition.txt =======================

onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Re: Pomaly počítač, mrzne už dlhšiu dobu

#2 Příspěvek od onlinetip »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by peter (17-09-2021 16:57:15)
Running from C:\Users\peter\Desktop
Windows 10 Home Version 20H2 19042.1165 (X64) (2021-03-14 15:16:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-123821111-4108638035-923771172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-123821111-4108638035-923771172-503 - Limited - Disabled)
Guest (S-1-5-21-123821111-4108638035-923771172-501 - Limited - Disabled)
peter (S-1-5-21-123821111-4108638035-923771172-1000 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-123821111-4108638035-923771172-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
ALFA plus 7.52.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{EB0F418B-0C48-4F31-A02E-5C56A6AE9307}) (Version: 7.52.00 - KROS a.s.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez (HKLM-x32\...\Call of Juarez_is1) (Version: 1.0 - US-Action, s.r.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Colora (HKLM-x32\...\{7B8239D5-22CC-49CF-86BA-FBB205042AF6}) (Version: 0.1.0 - Bluegrams)
Commandos: Behind Enemy Lines SK (HKLM-x32\...\Commandos: Behind Enemy Lines SK) (Version: - )
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
f.lux (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Flux) (Version: - f.lux Software LLC)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.89.530 - Digital Wave Ltd)
Free Video Cutter Joiner 10.6 (HKLM-x32\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.6 - DVDVideoMedia, Inc.)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Kodi) (Version: - XBMC-Foundation)
Lexmark Universal v2 XL Print Driver (HKLM\...\{2A0FA2A8-C235-4B4D-B4E1-5487A1E83847}) (Version: 2.12.0.0 - Lexmark International, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.47 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 92.0 (x64 sk)) (Version: 92.0 - Mozilla)
Mozilla Firefox 56.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 56.0.2 (x64 sk)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
MP3Resizer 1.9.2 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Packeta Device Server (HKLM-x32\...\PacketaDeviceServer) (Version: 1.1.1.0 - Packeta s.r.o.)
Podpora pre zákazníkov (HKLM-x32\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTime Picture Convertor 6 verzia 6.92 (HKLM-x32\...\{5462C7B2-78DE-4924-9978-516F0CC47D41}_is1) (Version: 6.92 - DExUS - Dalibor Bartoš)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - Lexmark International Printer (01/10/2016 2.12.0.0) (HKLM\...\A304A687939DA8C7818531866D7836BC794F8545) (Version: 01/10/2016 2.12.0.0 - Lexmark International)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xerox WorkCentre 3045NI (HKLM-x32\...\{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox)
Zoom (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\ZoomUMX) (Version: 5.5.0 (12454.0131) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2017-03-10 01:56 - 2017-03-10 01:56 - 000210944 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoJSON.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000728064 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNet.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000324096 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoUtil.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000413696 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoXML.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000088064 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoCrypto.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoFoundation.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000187392 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNetSSL.dll
2010-12-17 15:46 - 2010-12-17 15:46 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2015-08-31 20:57 - 2015-10-12 05:04 - 001710752 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2017-03-10 01:15 - 2017-03-10 01:15 - 000111104 _____ (Opticon Sensors Europe BV) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\CSP2.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001367552 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\LIBEAY32.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000337408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-123821111-4108638035-923771172-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2010-12-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: FirebirdServerKROS_20400 => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: XRNADB => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ALFA plus - rýchle spustenie.lnk => C:\Windows\pss\ALFA plus - rýchle spustenie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odmenovac.appref-ms => C:\Windows\pss\Odmenovac.appref-ms.Startup
MSCONFIG\startupreg: 3045NI RUN => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Launcher3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 3045NI
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StatusAutoRun3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 3045NI,hide,\S
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D1444CF2-B193-4F97-A3E8-AB4700E2C575}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F07C5565-98A1-43C4-BE66-92D04C3D3E06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D0C285D3-4F8F-41E6-8C09-E14726071C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6B92E39-774D-4438-A672-7A6FC468B808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CEA2E11-4FD7-4AF8-B1A3-7C53B3DEBE9E}] => (Allow) C:\Users\peter\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{337765A6-0DFB-41BF-B536-F8D881523CCE}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [TCP Query User{EDFE2DC2-7FE2-4EFB-9D65-9ABC718559B6}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [{62A42806-980B-4137-BBE0-6546E1A9B12A}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{3C405C40-6FAC-4096-BA70-5C88FD177165}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{E74C37A9-6E7F-490E-ADC2-1FF074210E2D}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{520B6119-79C6-4E1B-9A15-597F12FA28B3}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FF3006EF-8101-4F17-8EBC-6A9AF154508B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{B8EAFE19-EBF5-42E9-873F-D3918D4F943B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FA2D393C-DA42-4327-BFE1-6EE18CEA3AAA}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{F4EB0303-4783-4238-91C7-3C04751B4B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B28866B-C3CA-4CEF-B96D-8BACE06D0367}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF99A901-57B8-4615-91D9-CE40EC1E32D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{C2477080-E51A-464C-96D4-6FF046713CEB}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{611508AB-D3FD-472D-95C3-967B084BED56}] => (Allow) LPort=20402
FirewallRules: [{D157DB10-A53B-4A9C-803B-854F85B446FF}] => (Allow) LPort=20401
FirewallRules: [{D6726B64-0E08-4502-9744-C8B68020E9CA}] => (Allow) LPort=20400
FirewallRules: [{E69BE5B5-DC56-4CE5-9656-8A83310AF8C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9A905B47-FD48-4B18-A684-FF699CC93730}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{3302DEDE-B04D-441B-8668-BECF29BB7B34}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{5927547F-AA6A-466B-BC9D-82B43C412F17}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{110DDE8E-B954-4197-8257-91DB3D361F68}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0E2CE7F1-35BA-4066-AA92-6E58BFF305D5}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{90E66651-F8F2-484D-BFAA-4056BA6F7A78}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [{3748C6E9-87E8-491F-99B8-9628F13FB2C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{451D44B1-FBB5-4E20-A769-C461A0BB3533}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDA9A3DB-2E6F-4C21-97D8-80AD523FB158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D826451-9CE6-471D-A763-65440CAFCFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E180BE5C-FE22-461C-BF9E-ADE295424D99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1854D8B6-0C4C-46FE-9DD7-59E4A0645ECF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BE152E5-1D09-4E24-B367-4EC5D4B88E14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C448ED72-1356-4EFA-B615-A583736A0086}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B47D21F-C9FD-4431-8EFB-C93F56F38309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{493EB774-B831-48D0-A695-58A08469BF28}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [UDP Query User{F1140574-703D-47F9-8B6A-84B9A22E3DBF}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [{B6A37A52-4A75-4EC5-87AC-3B4DCF152275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88868B2-37E8-44D1-8A54-BB2426689FCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF2515A5-F688-49C7-91F9-A1E4D5D052DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632BA697-41F2-436E-85C0-7E94FD403CC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:112.18 GB) (Free:52.58 GB) (47%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/17/2021 04:31:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SecHealthUI.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 26a4

Start Time: 01d7abd09fb1f0a4

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

Report Id: 164c5dd8-a9ae-4461-882f-a8d8bde074bc

Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: SecHealthUI

Hang type: Cross-process

Error: (09/17/2021 04:26:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (09/17/2021 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23d3213e
Faulting process id: 0x17b0
Faulting application start time: 0x01d7abc5636074d7
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 62ef59dc-ff7c-4690-a488-83f0b23e6d15
Faulting package full name:
Faulting package-relative application ID:

Error: (09/17/2021 08:22:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Faulting module name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Exception code: 0xc0000409
Fault offset: 0x0000000000c4c455
Faulting process id: 0xcf8
Faulting application start time: 0x01d7ab8c46d24028
Faulting application path: C:\Program Files\CCleaner\CCleaner64.exe
Faulting module path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: b1f3092d-7b21-41ee-8ca8-d9d5f012f93c
Faulting package full name:
Faulting package-relative application ID:

Error: (09/17/2021 08:19:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23cd20d6
Faulting process id: 0x17b8
Faulting application start time: 0x01d7ab8bea244097
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 8b7c4f6c-22c6-4d12-be8d-3d4b37bc643a
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 08:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23b523ae
Faulting process id: 0x15c0
Faulting application start time: 0x01d7ab254305d36d
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 4107a3d4-c152-4c0a-97e1-5c1433952be2
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 11:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23bc2306
Faulting process id: 0x175c
Faulting application start time: 0x01d7aaddbc8bb1d1
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 40641643-a1c1-493d-b8b3-ed70b6b373f1
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 09:04:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Program Files\Microsoft Security Client\Antimalware\NisPerformanceProvider.dll" (Win32 error code 126).


System errors:
=============
Error: (09/16/2021 08:51:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.

Error: (09/12/2021 08:35:54 PM) (Source: DCOM) (EventID: 10010) (User: peter-PC)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (09/09/2021 07:36:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/08/2021 07:57:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/07/2021 08:59:26 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (09/07/2021 07:22:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2021-09-16 12:04:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 19:47:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 09:19:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 08:42:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-12 20:24:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-15 11:51:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.464.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-13 08:39:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.325.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2021-09-17 16:01:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A09 11/18/2011
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 65%
Total physical RAM: 6038.16 MB
Available physical RAM: 2090.04 MB
Total Virtual: 12182.16 MB
Available Virtual: 7283.81 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:112.18 GB) (Free:52.58 GB) NTFS
Drive d: () (Fixed) (Total:585.84 GB) (Free:32.74 GB) NTFS

\\?\Volume{5f14c644-c575-11e4-a57f-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{07f2837e-0000-0000-0000-6087ae000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=532 MB) - (Type=27)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly počítač, mrzne už dlhšiu dobu

#3 Příspěvek od Rudy »

Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Re: Pomaly počítač, mrzne už dlhšiu dobu

#4 Příspěvek od onlinetip »

Urobil som chybu, nakoľko som dal repair and clean a potom som odinštaloval program. Následne už nový scan nedáva žiadne chyby. "Log "AdwCleaner[Cxx].txt)" sa nenachádza v zložke. Je možné teraz ešte nejak sa k tomu dostať? Prípadne vyskúšať niečo iné? Ďakujem za bližšie info

Rudy píše: 17 zář 2021 16:50 Zdravím!
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly počítač, mrzne už dlhšiu dobu

#5 Příspěvek od Rudy »

OK, netřeba. Dejte ale pro jistotu nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Re: Pomaly počítač, mrzne už dlhšiu dobu

#6 Příspěvek od onlinetip »

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 15-09-2021
Ran by peter (administrator) on PETER-PC (Dell Inc. Dell System Inspiron N7110) (17-09-2021 18:55:24)
Running from C:\Users\peter\Desktop
Loaded Profiles: peter
Platform: Windows 10 Home Version 20H2 19042.1165 (X64) Language: English (United States)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files (x86)\Packeta\Watcher\PacketaWatcher.exe
(Adobe Inc. -> Adobe Inc.) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Andrea Electronics -> Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(F.lux Software LLC -> f.lux Software LLC) C:\Users\peter\AppData\Local\FluxSoftware\Flux\flux.exe
(Firebird Project) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe
(Hewlett-Packard Company -> HP) C:\Windows\System32\HPSIsvc.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe <2>
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.MSPaint_6.2105.4017.0_x64__8wekyb3d8bbwe\PaintStudio.View.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\oobe\UserOOBEBroker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <14>
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvtray.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display\nvxdsync.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Windows\System32\nvvsvc.exe
(Packeta s.r.o. -> ) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6561384 2010-12-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [708952 2013-07-08] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [PacketaWatcher] => C:\Program Files (x86)\Packeta\Watcher\PacketaWatcher.exe [1505280 2017-06-25] () [File not signed]
HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Run: [f.lux] => C:\Users\peter\AppData\Local\FluxSoftware\Flux\flux.exe [1515848 2021-06-18] (F.lux Software LLC -> f.lux Software LLC)
HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIR4E.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\...\Windows x64\Print Processors\HPM1210PrintProc: C:\Windows\System32\spool\prtprocs\x64\HPM1210PP.dll [74240 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Windows x64\Print Processors\LMABBM4C: C:\Windows\System32\spool\prtprocs\x64\LMABBM4C.DLL [72192 2007-05-21] (Microsoft Windows Hardware Compatibility Publisher -> Lexmark International Inc.)
HKLM\...\Windows x64\Print Processors\xrfr4aPPS: C:\Windows\System32\spool\prtprocs\x64\xrfr4aPP.dll [32256 2011-05-10] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Windows x64\Print Processors\xrhr4apps: C:\Windows\System32\spool\prtprocs\x64\xrhr4apps.dll [33280 2012-03-15] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Brother QL-700 Monitor: C:\Windows\system32\BSQ70L.DLL [68608 2017-03-01] (Microsoft Windows Hardware Compatibility Publisher -> Brother Industries, Ltd.)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [183296 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\HPM1210LM: C:\Windows\system32\HPM1210LM.DLL [409088 2012-09-29] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\...\Print\Monitors\Xerox WorkCentre 3045NI FAX Language Monitor: C:\Windows\system32\xrfr4aLM.DLL [29696 2011-10-11] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox WorkCentre 3045NI Language Monitor: C:\Windows\system32\xrhr4aLM.DLL [22528 2012-03-09] (Microsoft Windows Hardware Compatibility Publisher -> )
HKLM\Software\Microsoft\Active Setup\Installed Components: [{2D46B6DC-2207-486B-B523-A557E6D54B47}] -> C:\Windows\system32\cmd.exe /D /C start C:\Windows\system32\ie4uinit.exe -ClearIconCache
HKLM\Software\Wow6432Node\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2021-09-09] (Adobe Inc. -> Adobe Systems, Inc.)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04604254-4173-43EC-B2FE-33F7006440A0} - System32\Tasks\Microsoft\Windows\Media Center\PvrRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {050E8B03-367E-47F8-9C86-69FF1ED79B57} - System32\Tasks\Microsoft\Windows\Media Center\ActivateWindowsSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {06E82414-87AC-4E36-B659-DEE0A44E9F39} - System32\Tasks\Microsoft\Windows\Media Center\SqlLiteRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {080FCFD3-DB33-409A-BDDB-5CF0CD2A4FC3} - System32\Tasks\Microsoft\Windows\Media Center\MediaCenterRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {09CB426B-5304-4698-B68E-057A48A362BC} - System32\Tasks\Microsoft\Windows\SideShow\SessionAgent => {45F26E9E-6199-477F-85DA-AF1EDfE067B1}
Task: {15E2888D-D2B8-46D7-9396-6732D68B2209} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {24A00206-8A2E-43BB-B472-29E3C554526E} - System32\Tasks\Microsoft\Microsoft Antimalware\MP Scheduled Scan => C:\Program Files\Microsoft Security Client\Antimalware\MpCmdRun.exe
Task: {384BD940-F1F3-4082-A41D-D5CE2835CC99} - System32\Tasks\Microsoft\Windows\Media Center\OCURActivate => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {3CC30511-B071-41E1-B46A-1A63659CAAA0} - System32\Tasks\Microsoft\Windows\End Of Support\Notify1 => C:\WINDOWS\system32\sipnotify.exe
Task: {3E1ADC47-227F-4BEE-8F53-34ED8D178F67} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {486D715E-6AA2-44CF-BC48-B6990CBB53C6} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControlsMigration => {343D770D-7788-47c2-B62A-B7C4CED925CB}
Task: {48F6F25F-82BA-460D-BA28-1EDD8AE0AC6A} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {4CE9CA18-F04B-41DF-8871-A55A9262884E} - System32\Tasks\Microsoft\Windows\Media Center\RecordingRestart => C:\WINDOWS\ehome\ehrec.exe
Task: {505DDA16-97FB-4E08-92BD-CF163A2FD152} - System32\Tasks\Microsoft\Windows\MobilePC\HotStart => {06DA0625-9701-43da-BFD7-FBEEA2180A1E}
Task: {538049FE-5EDA-4C46-B6C1-0BBFD91485E4} - System32\Tasks\Microsoft\Windows\End Of Support\Notify2 => C:\WINDOWS\system32\sipnotify.exe
Task: {592E0091-87B9-4C8E-887A-61A0F5C07839} - System32\Tasks\Microsoft\Windows\Media Center\ehDRMInit => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {5B42DD9C-5A26-4F27-BB95-34603F0997E5} - System32\Tasks\Microsoft\Windows\Shell\WindowsParentalControls => {DFA14C43-F385-4170-99CC-1B7765FA0E4A}
Task: {5FF97D41-2953-49D5-B77B-A6D3C0A81FC5} - System32\Tasks\{E2BE5565-3DC8-0D54-24BE-E0FC76387163} => C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe [167988224 2017-02-23] () [File not signed] <==== ATTENTION
Task: {617FEB59-96EA-41E1-AEAE-FE24E88530CA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {663E390A-2F61-4022-BFFA-451A39ECB612} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {69BACDB3-5860-459B-87A5-C90B48AE197B} - System32\Tasks\Microsoft\Windows\SideShow\SystemDataProviders => {7CCA6768-8373-4D28-8876-83E8B4E3A969}
Task: {6BF294AF-4A16-4CAF-BEEC-4310FC63D905} - System32\Tasks\Microsoft\Windows\Media Center\RegisterSearch => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7062160A-2841-4B71-BDC0-274D3688C3B4} - System32\Tasks\Microsoft\Windows\Media Center\PeriodicScanRetry => C:\WINDOWS\ehome\MCUpdate.exe
Task: {74628EDB-6894-4043-ACB2-5F77B0147B61} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-09-10] (Piriform Software Ltd -> Piriform)
Task: {7A64EB59-9A3F-444C-B222-E00915A016AB} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {7A686E2D-58D4-4F38-A194-A1F0BA0C906E} - System32\Tasks\CCleanerSkipUAC - peter => C:\Program Files\CCleaner\CCleaner.exe [29155968 2021-09-10] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {93756C0A-8C70-403C-8C96-EB27AF047E0F} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW2 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A24A966C-E343-4240-B7E4-A32378CF4644} - System32\Tasks\Microsoft\Windows\Media Center\OCURDiscovery => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {A8BD117F-E9A7-49B4-B344-D5474D134C9F} - System32\Tasks\Microsoft\Windows\Media Center\PvrScheduleTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {ADA4CBFB-AD7E-476A-8CF6-9E94765945E3} - System32\Tasks\Microsoft\Windows\Media Center\InstallPlayReady => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B0CBAB43-44FC-469B-A4CE-87426761FDCE} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40b4-8963-D3C761B18371}
Task: {B13CAAB3-298C-4043-BC40-5D71C2A19548} - System32\Tasks\Microsoft\Windows\Media Center\ReindexSearchRoot => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {B2575889-26F3-4C68-B5FB-26467A351164} - System32\Tasks\Microsoft\Windows\Media Center\StartRecording => C:\WINDOWS\ehome\ehrec.exe
Task: {B95B70A6-C4D3-42F9-9784-A39B14288EEE} - System32\Tasks\EPSON L3050 Series Update {424BC924-CAB7-40B9-9CB2-FEAAEFD91C9C} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {BA348972-E5E5-43E4-8979-DF79218C4730} - System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-123821111-4108638035-923771172-500 => C:\Users\peter\AppData\Local\Microsoft\OneDrive\OneDriveStandaloneUpdater.exe
Task: {BA6CB2EC-E371-4DBE-AEB0-0C8FEFBA10F1} - System32\Tasks\Microsoft\Windows\SideShow\GadgetManager => {FF87090D-4A9A-4f47-879B-29A80C355D61}
Task: {BAE5646D-5635-4A98-81C3-01C28EC6B0E9} - System32\Tasks\Microsoft\Windows\Media Center\UpdateRecordPath => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {BBB73C6A-2B5D-4A4A-843D-DCAA71415DCE} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
Task: {D0B4D8E6-C925-42E9-9D35-39F3D1A1A24A} - System32\Tasks\Microsoft\Windows\SideShow\AutoWake => {E51DFD48-AA36-4B45-BB52-E831F02E8316}
Task: {D6AFDAC9-E4C0-42CB-8F8D-A9D6CD9D1EA0} - System32\Tasks\Microsoft\Windows\Media Center\mcupdate => C:\WINDOWS\ehome\mcupdate.exe
Task: {E00FE3ED-FF01-4632-A0EF-9377008F7405} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1562376 2021-08-16] (Adobe Inc. -> Adobe Inc.)
Task: {E59C6282-4FB7-46F2-BF8A-0F9165E71D53} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MpCmdRun.exe [851472 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E81536D1-B687-4815-B912-BB59E3C65A6E} - System32\Tasks\Microsoft\Windows\Media Center\PBDADiscoveryW1 => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {E8B74A20-ADD0-444C-9186-A718609FE74E} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [680888 2021-09-08] (Mozilla Corporation -> Mozilla Foundation)
Task: {F446A45F-FE80-4B6A-B481-85302FF5A3F3} - System32\Tasks\Microsoft\Windows\Media Center\DispatchRecoveryTasks => C:\WINDOWS\ehome\ehPrivJob.exe
Task: {F9B0C78A-1284-40E5-ABB3-5122345E6BC4} - System32\Tasks\Microsoft\Windows\Media Center\ObjectStoreRecoveryTask => C:\WINDOWS\ehome\mcupdate.exe
Task: {FD620719-62D0-45FC-A494-D42F52938A3D} - System32\Tasks\Microsoft\Windows\Media Center\ConfigureInternetTimeService => C:\WINDOWS\ehome\ehPrivJob.exe

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\EPSON L3050 Series Update {424BC924-CAB7-40B9-9CB2-FEAAEFD91C9C}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE:/EXE:{424BC924-CAB7-40B9-9CB2-FEAAEFD91C9C} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

ProxyServer: [S-1-5-21-123821111-4108638035-923771172-1000] => http=127.0.0.1:8877;https=127.0.0.1:8877
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{0EB422EC-4A63-4C9E-9213-D442414AB01E}: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{D5150284-5E31-4BE8-BEBC-68711F036588}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{ED8B0971-15E8-42DF-9DE5-97642CA2997D}: [DhcpNameServer] 192.168.0.1

Edge:
=======
Edge Profile: C:\Users\peter\AppData\Local\Microsoft\Edge\User Data\Default [2021-09-17]

FireFox:
========
FF DefaultProfile: sol0vxul.default-1549525750002
FF ProfilePath: C:\Users\peter\AppData\Roaming\TomTom\HOME\Profiles\2wxoacwh.default [2015-09-29]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\sol0vxul.default-1549525750002 [2021-09-17]
FF Homepage: Mozilla\Firefox\Profiles\sol0vxul.default-1549525750002 -> hxxps://sk.wikipedia.org/wiki/Hlavn%C3%A1_str%C3%A1nka
FF Session Restore: Mozilla\Firefox\Profiles\sol0vxul.default-1549525750002 -> is enabled.
FF Extension: (To Google Translate) - C:\Users\peter\AppData\Roaming\Mozilla\Firefox\Profiles\sol0vxul.default-1549525750002\Extensions\jid1-93WyvpgvxzGATw@jetpack.xpi [2021-08-31]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_27_0_0_130.dll [2017-09-16] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_27_0_0_130.dll [2017-09-16] (Adobe Systems Incorporated -> )
FF Plugin-x32: @java.com/DTPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\dtplugin\npDeployJava1.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.121.2 -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\plugin2\npjp2.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-09-09] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169728 2021-08-16] (Adobe Inc. -> Adobe Inc.)
R2 AERTFilters; C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe [98208 2009-11-17] (Andrea Electronics -> Andrea Electronics Corporation)
S4 Atheros Bt&Wlan Coex Agent; C:\Program Files (x86)\Dell Wireless\Ath_CoexAgent.exe [151552 2010-10-01] (Atheros) [File not signed]
S4 DigitalWave.Update.Service; C:\Program Files (x86)\Common Files\DVDVideoSoft\lib\app_updater.exe [387944 2016-05-30] (Digital Wave Ltd -> Digital Wave Ltd.) [File not signed]
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 FirebirdServerKROS_20400; C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\fbserver.exe [3764224 2011-10-11] (Firebird Project) [File not signed]
R2 HPSIService; C:\Windows\system32\HPSIsvc.exe [126856 2012-11-08] (Hewlett-Packard Company -> HP)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7785656 2021-09-17] (Malwarebytes Inc -> Malwarebytes)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12835096 2021-01-28] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\NisSrv.exe [2772856 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2108.7-0\MsMpEng.exe [136640 2021-09-08] (Microsoft Windows Publisher -> Microsoft Corporation)
S4 XRNADB; C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmdb.exe [95744 2012-01-03] () [File not signed]
S4 uhssvc; "C:\Program Files\Microsoft Update Health Tools\uhssvc.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-09-17] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
S3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-09-17] (Malwarebytes Inc -> Malwarebytes)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [48536 2021-09-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [433384 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [86264 2021-09-08] (Microsoft Windows -> Microsoft Corporation)
U3 idsvc; no ImagePath

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 18:55 - 2021-09-17 19:01 - 000020929 _____ C:\Users\peter\Desktop\FRST.txt
2021-09-17 17:57 - 2021-09-17 17:57 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-09-17 17:57 - 2021-09-17 17:57 - 000002033 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-09-17 17:57 - 2021-09-17 17:57 - 000002021 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2021-09-17 17:56 - 2021-09-17 17:55 - 000160176 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2021-09-17 17:56 - 2021-09-17 17:55 - 000019912 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2021-09-17 17:55 - 2021-09-17 17:55 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-09-17 17:54 - 2021-09-17 17:54 - 002101944 _____ (Malwarebytes) C:\Users\peter\Desktop\MBSetup-119967.119967-consumer.exe
2021-09-17 16:32 - 2021-09-17 19:00 - 000000000 ____D C:\FRST
2021-09-17 16:29 - 2021-09-17 16:29 - 002304000 _____ (Farbar) C:\Users\peter\Desktop\FRST64.exe
2021-09-17 16:01 - 2021-09-17 16:01 - 000000000 ____D C:\Users\peter\AppData\Local\mbam
2021-09-17 15:58 - 2021-09-17 15:58 - 000000000 ____D C:\Program Files\Malwarebytes
2021-09-17 13:14 - 2021-09-17 13:15 - 000000000 ____D C:\Users\peter\Desktop\kniznica-krusetnica-2021
2021-09-17 13:06 - 2021-09-17 13:06 - 000528347 _____ C:\Users\peter\Desktop\obj10210403.Obec-Krušetnica.PDF
2021-09-16 14:03 - 2021-09-16 14:03 - 000526268 _____ C:\Users\peter\Desktop\obj10210401.Považská-knižnica.PDF
2021-09-16 08:42 - 2021-09-16 08:42 - 000000000 ___HD C:\$WinREAgent
2021-09-08 22:03 - 2021-09-09 21:41 - 000024800 _____ C:\Users\peter\Desktop\kniznica-zakamenne-leto-finalna-verzia.xlsx
2021-09-08 08:04 - 2021-09-08 08:04 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-09-07 21:36 - 2021-09-07 21:36 - 000000000 ____D C:\Users\peter\Desktop\foto1
2021-09-07 18:38 - 2021-09-17 18:03 - 000000000 ____D C:\Program Files\CCleaner
2021-09-07 18:38 - 2021-09-14 18:02 - 000003936 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-09-07 18:38 - 2021-09-07 19:17 - 000000000 ____D C:\ProgramData\AVG
2021-09-07 18:38 - 2021-09-07 18:38 - 000002890 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC - peter
2021-09-07 18:38 - 2021-09-07 18:38 - 000000863 _____ C:\Users\Public\Desktop\CCleaner.lnk
2021-09-07 18:38 - 2021-09-07 18:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-09-07 18:23 - 2021-09-07 18:23 - 036337176 _____ (Piriform Software Ltd) C:\Users\peter\Desktop\ccsetup584.exe
2021-09-05 16:03 - 2021-09-16 14:03 - 000013617 _____ C:\Users\peter\Desktop\Považská-knižnica-september-2021.xlsx
2021-09-05 10:45 - 2021-09-05 10:45 - 000018679 _____ C:\Users\peter\Desktop\nekrova.gp5
2021-09-04 10:54 - 2005-06-11 14:47 - 000002774 _____ C:\Users\peter\Desktop\song2.gp4
2021-09-04 10:52 - 2008-09-28 16:24 - 000062400 _____ C:\Users\peter\Desktop\serenity.gp5
2021-09-01 19:08 - 2021-09-13 08:11 - 000000000 ____D C:\Users\peter\Desktop\Ten-z-mesta
2021-08-30 11:23 - 2021-08-30 11:23 - 000034678 _____ C:\Users\peter\Desktop\borgun_virtuemart3_v2.1.10.zip
2021-08-24 16:13 - 2021-08-24 16:13 - 000606487 _____ C:\Users\peter\Desktop\ING.Peter Balko_encrypted_.pdf
2021-08-23 13:43 - 2021-08-23 13:43 - 000000000 ___SD C:\Users\peter\Documents\Zdroje dat
2021-08-19 14:33 - 2021-08-19 14:34 - 000000053 _____ C:\Users\peter\Desktop\New Text Document.txt

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-09-17 18:54 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-09-17 17:56 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2021-09-17 17:53 - 2020-11-19 09:30 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-09-17 16:50 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2021-09-17 15:36 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-09-17 15:36 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-09-17 15:25 - 2015-03-08 12:09 - 000000000 ____D C:\ProgramData\Mozilla
2021-09-17 15:24 - 2016-11-16 15:06 - 000000000 ____D C:\Users\peter\AppData\LocalLow\Mozilla
2021-09-17 15:21 - 2021-03-15 10:36 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-09-17 15:14 - 2015-03-16 21:59 - 000000000 ____D C:\Users\peter\AppData\Local\CrashDumps
2021-09-17 15:12 - 2021-03-14 17:41 - 000000000 ____D C:\Users\peter\AppData\Local\Deployment
2021-09-17 15:10 - 2021-03-14 16:45 - 000008192 ___SH C:\DumpStack.log.tmp
2021-09-17 15:10 - 2020-11-19 09:30 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-09-17 13:20 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-09-17 13:16 - 2015-03-08 12:45 - 000000000 ____D C:\ProgramData\firebird
2021-09-16 09:04 - 2015-03-09 22:50 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-09-16 08:52 - 2015-03-09 22:50 - 135637312 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-09-16 08:46 - 2021-03-14 17:14 - 000004562 _____ C:\WINDOWS\system32\Tasks\Adobe Acrobat Update Task
2021-09-16 08:43 - 2015-11-17 10:58 - 000002136 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-09-13 21:17 - 2021-03-14 16:58 - 000938358 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-09-13 18:23 - 2020-11-19 09:32 - 000002438 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-09-13 18:23 - 2020-11-19 09:32 - 000002276 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-09-13 07:59 - 2021-03-14 17:16 - 000000000 ____D C:\Users\peter\AppData\Local\ConnectedDevicesPlatform
2021-09-12 19:10 - 2015-07-08 16:44 - 000065199 _____ C:\Users\peter\Desktop\vysledky_aktualizovane_2-3-2021.xlsx
2021-09-12 19:05 - 2020-11-19 09:33 - 000000000 __RHD C:\Users\Public\AccountPictures
2021-09-08 19:24 - 2020-11-19 09:30 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-09-08 12:30 - 2017-10-31 13:01 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-09-08 12:30 - 2016-10-10 08:27 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-09-08 08:04 - 2016-10-10 08:27 - 000000936 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-09-07 19:05 - 2021-02-01 11:57 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-09-07 19:05 - 2015-03-13 20:34 - 000000000 ____D C:\Users\peter\AppData\Roaming\Media Player Classic
2021-09-07 18:58 - 2021-03-14 14:03 - 000000000 ___DC C:\WINDOWS\Panther
2021-09-07 18:54 - 2016-11-16 12:26 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-09-07 18:46 - 2021-03-14 17:17 - 000000000 ____D C:\Users\peter\AppData\Local\Packages
2021-09-02 11:54 - 2016-01-20 19:08 - 000000477 _____ C:\Users\peter\Desktop\auraknihy_websuport.txt
2021-08-31 20:02 - 2016-09-09 09:48 - 000000600 _____ C:\Users\peter\AppData\Roaming\winscp.rnd
2021-08-31 13:06 - 2010-11-21 05:27 - 000803176 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2021-08-18 07:52 - 2020-11-19 09:32 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-08-18 07:52 - 2020-11-19 09:32 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore

==================== Files in the root of some directories ========

2019-10-06 13:16 - 2019-10-06 13:19 - 029662072 _____ (Microsoft Corporation) C:\Users\peter\IE7-WindowsServer2003-x64-enu.exe
2019-10-06 13:21 - 2019-10-06 13:21 - 014773280 _____ (Microsoft Corporation) C:\Users\peter\IE7-WindowsXP-x86-csy.exe
2019-08-29 15:15 - 2019-08-29 15:15 - 001556553 _____ (DExUS - Dalibor Bartoš ) C:\Users\peter\install.exe
2019-10-06 13:26 - 2019-10-06 13:27 - 016939888 _____ (Microsoft Corporation) C:\Users\peter\Internet Explorer 8.0 RC1.exe
2019-10-06 13:59 - 2019-10-06 14:00 - 044335120 _____ (Microsoft Corporation) C:\Users\peter\internet-explorer-10_1064-bit.exe
2015-03-13 20:09 - 2015-03-13 20:09 - 000559524 _____ (Top Games) C:\Users\peter\Return_to_Castle_Wolfenstein_Cz_Patch_1_1.exe
2017-01-18 20:29 - 2017-01-18 20:29 - 003351566 _____ () C:\Users\peter\AppData\Roaming\tor.exe
2016-09-09 09:48 - 2021-08-31 20:02 - 000000600 _____ () C:\Users\peter\AppData\Roaming\winscp.rnd

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================

onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Re: Pomaly počítač, mrzne už dlhšiu dobu

#7 Příspěvek od onlinetip »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by peter (17-09-2021 19:05:35)
Running from C:\Users\peter\Desktop
Windows 10 Home Version 20H2 19042.1165 (X64) (2021-03-14 15:16:01)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


(If an entry is included in the fixlist, it will be removed.)

Administrator (S-1-5-21-123821111-4108638035-923771172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-123821111-4108638035-923771172-503 - Limited - Disabled)
Guest (S-1-5-21-123821111-4108638035-923771172-501 - Limited - Disabled)
peter (S-1-5-21-123821111-4108638035-923771172-1000 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-123821111-4108638035-923771172-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
ALFA plus 7.52.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{EB0F418B-0C48-4F31-A02E-5C56A6AE9307}) (Version: 7.52.00 - KROS a.s.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez (HKLM-x32\...\Call of Juarez_is1) (Version: 1.0 - US-Action, s.r.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Colora (HKLM-x32\...\{7B8239D5-22CC-49CF-86BA-FBB205042AF6}) (Version: 0.1.0 - Bluegrams)
Commandos: Behind Enemy Lines SK (HKLM-x32\...\Commandos: Behind Enemy Lines SK) (Version: - )
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
f.lux (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Flux) (Version: - f.lux Software LLC)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.89.530 - Digital Wave Ltd)
Free Video Cutter Joiner 10.6 (HKLM-x32\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.6 - DVDVideoMedia, Inc.)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Kodi) (Version: - XBMC-Foundation)
Lexmark Universal v2 XL Print Driver (HKLM\...\{2A0FA2A8-C235-4B4D-B4E1-5487A1E83847}) (Version: 2.12.0.0 - Lexmark International, Inc.)
Malwarebytes version 4.4.6.132 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.4.6.132 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.47 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 92.0 (x64 sk)) (Version: 92.0 - Mozilla)
Mozilla Firefox 56.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 56.0.2 (x64 sk)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
MP3Resizer 1.9.2 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Packeta Device Server (HKLM-x32\...\PacketaDeviceServer) (Version: 1.1.1.0 - Packeta s.r.o.)
Podpora pre zákazníkov (HKLM-x32\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTime Picture Convertor 6 verzia 6.92 (HKLM-x32\...\{5462C7B2-78DE-4924-9978-516F0CC47D41}_is1) (Version: 6.92 - DExUS - Dalibor Bartoš)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - Lexmark International Printer (01/10/2016 2.12.0.0) (HKLM\...\A304A687939DA8C7818531866D7836BC794F8545) (Version: 01/10/2016 2.12.0.0 - Lexmark International)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xerox WorkCentre 3045NI (HKLM-x32\...\{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox)
Zoom (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\ZoomUMX) (Version: 5.5.0 (12454.0131) - Zoom Video Communications, Inc.)

Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-13] (Microsoft Corporation)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-09-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-09-17] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]

==================== Loaded Modules (Whitelisted) =============

2017-03-10 01:56 - 2017-03-10 01:56 - 000210944 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoJSON.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000728064 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNet.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000324096 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoUtil.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000413696 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoXML.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000088064 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoCrypto.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoFoundation.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000187392 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNetSSL.dll
2010-12-17 15:46 - 2010-12-17 15:46 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2015-08-31 20:57 - 2015-10-12 05:04 - 001710752 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2017-03-10 01:15 - 2017-03-10 01:15 - 000111104 _____ (Opticon Sensors Europe BV) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\CSP2.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001367552 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\LIBEAY32.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000337408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\SSLEAY32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-123821111-4108638035-923771172-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2010-12-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(If an entry is included in the fixlist, it will be removed.)

MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: FirebirdServerKROS_20400 => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: XRNADB => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ALFA plus - rýchle spustenie.lnk => C:\Windows\pss\ALFA plus - rýchle spustenie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odmenovac.appref-ms => C:\Windows\pss\Odmenovac.appref-ms.Startup
MSCONFIG\startupreg: 3045NI RUN => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Launcher3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 3045NI
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StatusAutoRun3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 3045NI,hide,\S
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{D1444CF2-B193-4F97-A3E8-AB4700E2C575}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F07C5565-98A1-43C4-BE66-92D04C3D3E06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D0C285D3-4F8F-41E6-8C09-E14726071C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6B92E39-774D-4438-A672-7A6FC468B808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CEA2E11-4FD7-4AF8-B1A3-7C53B3DEBE9E}] => (Allow) C:\Users\peter\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{337765A6-0DFB-41BF-B536-F8D881523CCE}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [TCP Query User{EDFE2DC2-7FE2-4EFB-9D65-9ABC718559B6}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [{62A42806-980B-4137-BBE0-6546E1A9B12A}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{3C405C40-6FAC-4096-BA70-5C88FD177165}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{E74C37A9-6E7F-490E-ADC2-1FF074210E2D}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{520B6119-79C6-4E1B-9A15-597F12FA28B3}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FF3006EF-8101-4F17-8EBC-6A9AF154508B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{B8EAFE19-EBF5-42E9-873F-D3918D4F943B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FA2D393C-DA42-4327-BFE1-6EE18CEA3AAA}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{F4EB0303-4783-4238-91C7-3C04751B4B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B28866B-C3CA-4CEF-B96D-8BACE06D0367}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF99A901-57B8-4615-91D9-CE40EC1E32D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{C2477080-E51A-464C-96D4-6FF046713CEB}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{611508AB-D3FD-472D-95C3-967B084BED56}] => (Allow) LPort=20402
FirewallRules: [{D157DB10-A53B-4A9C-803B-854F85B446FF}] => (Allow) LPort=20401
FirewallRules: [{D6726B64-0E08-4502-9744-C8B68020E9CA}] => (Allow) LPort=20400
FirewallRules: [{E69BE5B5-DC56-4CE5-9656-8A83310AF8C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9A905B47-FD48-4B18-A684-FF699CC93730}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{3302DEDE-B04D-441B-8668-BECF29BB7B34}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{5927547F-AA6A-466B-BC9D-82B43C412F17}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{110DDE8E-B954-4197-8257-91DB3D361F68}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0E2CE7F1-35BA-4066-AA92-6E58BFF305D5}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{90E66651-F8F2-484D-BFAA-4056BA6F7A78}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [{3748C6E9-87E8-491F-99B8-9628F13FB2C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{451D44B1-FBB5-4E20-A769-C461A0BB3533}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDA9A3DB-2E6F-4C21-97D8-80AD523FB158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D826451-9CE6-471D-A763-65440CAFCFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E180BE5C-FE22-461C-BF9E-ADE295424D99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1854D8B6-0C4C-46FE-9DD7-59E4A0645ECF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BE152E5-1D09-4E24-B367-4EC5D4B88E14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C448ED72-1356-4EFA-B615-A583736A0086}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B47D21F-C9FD-4431-8EFB-C93F56F38309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{493EB774-B831-48D0-A695-58A08469BF28}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [UDP Query User{F1140574-703D-47F9-8B6A-84B9A22E3DBF}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [{B6A37A52-4A75-4EC5-87AC-3B4DCF152275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88868B2-37E8-44D1-8A54-BB2426689FCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF2515A5-F688-49C7-91F9-A1E4D5D052DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632BA697-41F2-436E-85C0-7E94FD403CC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)

==================== Restore Points =========================

ATTENTION: System Restore is disabled (Total:112.18 GB) (Free:52.15 GB) (46%)

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (09/17/2021 04:31:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SecHealthUI.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.

Process ID: 26a4

Start Time: 01d7abd09fb1f0a4

Termination Time: 4294967295

Application Path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe

Report Id: 164c5dd8-a9ae-4461-882f-a8d8bde074bc

Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.19041.1023_neutral__cw5n1h2txyewy

Faulting package-relative application ID: SecHealthUI

Hang type: Cross-process

Error: (09/17/2021 04:26:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.

Error: (09/17/2021 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23d3213e
Faulting process id: 0x17b0
Faulting application start time: 0x01d7abc5636074d7
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 62ef59dc-ff7c-4690-a488-83f0b23e6d15
Faulting package full name:
Faulting package-relative application ID:

Error: (09/17/2021 08:22:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Faulting module name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Exception code: 0xc0000409
Fault offset: 0x0000000000c4c455
Faulting process id: 0xcf8
Faulting application start time: 0x01d7ab8c46d24028
Faulting application path: C:\Program Files\CCleaner\CCleaner64.exe
Faulting module path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: b1f3092d-7b21-41ee-8ca8-d9d5f012f93c
Faulting package full name:
Faulting package-relative application ID:

Error: (09/17/2021 08:19:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23cd20d6
Faulting process id: 0x17b8
Faulting application start time: 0x01d7ab8bea244097
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 8b7c4f6c-22c6-4d12-be8d-3d4b37bc643a
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 08:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23b523ae
Faulting process id: 0x15c0
Faulting application start time: 0x01d7ab254305d36d
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 4107a3d4-c152-4c0a-97e1-5c1433952be2
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 11:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23bc2306
Faulting process id: 0x175c
Faulting application start time: 0x01d7aaddbc8bb1d1
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 40641643-a1c1-493d-b8b3-ed70b6b373f1
Faulting package full name:
Faulting package-relative application ID:

Error: (09/16/2021 09:04:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Program Files\Microsoft Security Client\Antimalware\NisPerformanceProvider.dll" (Win32 error code 126).


System errors:
=============
Error: (09/16/2021 08:51:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.

Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.

Error: (09/12/2021 08:35:54 PM) (Source: DCOM) (EventID: 10010) (User: peter-PC)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.

Error: (09/09/2021 07:36:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/08/2021 07:57:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.

Error: (09/07/2021 08:59:26 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.

Error: (09/07/2021 07:22:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4


Windows Defender:
================
Date: 2021-09-17 17:10:17
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-17 17:03:07
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-16 12:04:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 19:47:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-13 09:19:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-15 11:51:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.464.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.

Date: 2021-08-13 08:39:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.325.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.

CodeIntegrity:
===============
Date: 2021-09-17 17:57:43
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.

Date: 2021-09-07 18:42:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.

Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Dell Inc. A09 11/18/2011
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 75%
Total physical RAM: 6038.16 MB
Available physical RAM: 1497.91 MB
Total Virtual: 12182.16 MB
Available Virtual: 6384.39 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:112.18 GB) (Free:52.15 GB) NTFS
Drive d: () (Fixed) (Total:585.84 GB) (Free:32.74 GB) NTFS

\\?\Volume{5f14c644-c575-11e4-a57f-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{07f2837e-0000-0000-0000-6087ae000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=532 MB) - (Type=27)

==================== End of Addition.txt =======================

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly počítač, mrzne už dlhšiu dobu

#8 Příspěvek od Rudy »

Otevřte poznámkový blok a zkopírujte do něj:
Start

CloseProcesses:
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {48F6F25F-82BA-460D-BA28-1EDD8AE0AC6A} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {5FF97D41-2953-49D5-B77B-A6D3C0A81FC5} - System32\Tasks\{E2BE5565-3DC8-0D54-24BE-E0FC76387163} => C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe [167988224 2017-02-23] () [File not signed] <==== ATTENTION
Task: {617FEB59-96EA-41E1-AEAE-FE24E88530CA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {BBB73C6A-2B5D-4A4A-843D-DCAA71415DCE} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
U3 idsvc; no ImagePath

EmptyTemp:
End
Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Re: Pomaly počítač, mrzne už dlhšiu dobu

#9 Příspěvek od onlinetip »

Fix result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by peter (20-09-2021 14:42:10) Run:1
Running from C:\Users\peter\Desktop
Loaded Profiles: peter
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
HKLM\Software\...\Authentication\Credential Providers: [{503739d0-4c5e-4cfd-b3ba-d881334f0df2}] ->
AppInit_DLLs: C:\Windows\system32\nvinitx.dll => No File
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {48F6F25F-82BA-460D-BA28-1EDD8AE0AC6A} - System32\Tasks\LaunchPreSignup => C:\Program Files (x86)\OLBPre\OLBPre.exe <==== ATTENTION
Task: {5FF97D41-2953-49D5-B77B-A6D3C0A81FC5} - System32\Tasks\{E2BE5565-3DC8-0D54-24BE-E0FC76387163} => C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe [167988224 2017-02-23] () [File not signed] <==== ATTENTION
Task: {617FEB59-96EA-41E1-AEAE-FE24E88530CA} - \Microsoft\Windows\Setup\EOSNotify2 -> No File <==== ATTENTION
Task: {BBB73C6A-2B5D-4A4A-843D-DCAA71415DCE} - \Microsoft\Windows\Setup\EOSNotify -> No File <==== ATTENTION
U3 idsvc; no ImagePath

EmptyTemp:
End
*****************

Processes closed successfully.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\WondershareVideoConverterFileOpreation => removed successfully
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9} => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{451C804F-C205-4F03-B48E-537EC94937BF} => removed successfully
HKLM\Software\Classes\PROTOCOLS\Handler\WSWSVCUchrome => removed successfully
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File) => Error: No automatic fix found for this entry.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Authentication\Credential Providers\{503739d0-4c5e-4cfd-b3ba-d881334f0df2}" => removed successfully
"C:\Windows\system32\nvinitx.dll" => Value data removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{48F6F25F-82BA-460D-BA28-1EDD8AE0AC6A}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{48F6F25F-82BA-460D-BA28-1EDD8AE0AC6A}" => removed successfully
C:\WINDOWS\System32\Tasks\LaunchPreSignup => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\LaunchPreSignup" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5FF97D41-2953-49D5-B77B-A6D3C0A81FC5}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5FF97D41-2953-49D5-B77B-A6D3C0A81FC5}" => removed successfully
C:\WINDOWS\System32\Tasks\{E2BE5565-3DC8-0D54-24BE-E0FC76387163} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{E2BE5565-3DC8-0D54-24BE-E0FC76387163}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{617FEB59-96EA-41E1-AEAE-FE24E88530CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{617FEB59-96EA-41E1-AEAE-FE24E88530CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify2" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{BBB73C6A-2B5D-4A4A-843D-DCAA71415DCE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{BBB73C6A-2B5D-4A4A-843D-DCAA71415DCE}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Setup\EOSNotify" => removed successfully
HKLM\System\CurrentControlSet\Services\idsvc => removed successfully
idsvc => service removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 10510336 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 55222013 B
Java, Flash, Steam htmlcache => 598 B
Windows/system/drivers => 12366244 B
Edge => 0 B
Firefox => 1120943213 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 33058 B
ProgramData => 33058 B
Public => 33058 B
systemprofile => 33058 B
systemprofile32 => 33058 B
LocalService => 82756 B
NetworkService => 42294838 B
peter => 75361430 B

RecycleBin => 2172457 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 14:44:43 ====

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly počítač, mrzne už dlhšiu dobu

#10 Příspěvek od Rudy »

Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

onlinetip
Návštěvník
Návštěvník
Příspěvky: 137
Registrován: 05 led 2009 20:36

Re: Pomaly počítač, mrzne už dlhšiu dobu

#11 Příspěvek od onlinetip »

Ano, pomohlo. Vďaka :)

Uživatelský avatar
Rudy
Site Admin
Site Admin
Příspěvky: 118192
Registrován: 30 říj 2003 13:42
Bydliště: Plzeň
Kontaktovat uživatele:

Re: Pomaly počítač, mrzne už dlhšiu dobu

#12 Příspěvek od Rudy »

Nemáte zač! :)
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.

Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.

Navštivte: Obrázek

e-mail: rudy(zavináč)forum.viry.cz

Varování:
Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!


Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.

Zamčeno