Dobry den, rozbil se mi notebook, tak jsem sahla po svem starem. Je sice uz starsi, ale vzdy pracoval rychle a plynule. Asi po hodine pouzivani, nahle zpomalil a kazdy krok trva minuty.Zkusila jsem smazat programy vcetne antiviru, ale nic. Prosím o kontrolu. Dekuji
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2021
Ran by Jana (administrator) on PC (Dell Inc. Latitude D620) (02-12-2021 17:49:40)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser not detected!
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\stacsv.exe
(Mozilla Corporation -> Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe <28>
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [501104 2011-04-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare software CO., LIMITED -> Wondershare)
HKU\S-1-5-21-560006340-2725996611-51377079-1000\...\MountPoints2: E - E:\AutoRun.exe
HKLM\...\Windows NT x86\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppWN7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\OneNotePrint2007: C:\Windows\System32\spool\prtprocs\W32X86\msonpppr.dll [33104 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Send To Microsoft OneNote Monitor: C:\Windows\system32\msonpmon.dll [31640 2009-02-27] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-04-14]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {3911C8E5-0532-4CCD-BA60-FD2B45DA3156} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(1): %windir%\system32\GWX\GWXUXWorker.exe -> /ScheduleUpgradeReminderTime
Task: {3911C8E5-0532-4CCD-BA60-FD2B45DA3156} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [286720 [2016-07-14]] (Microsoft Windows -> Microsoft Corporation)
Task: {4FEE4CE6-E361-438D-B991-5D8E314B35EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [1210560 2016-08-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6D86C9A1-ADF8-47DA-97D0-7E2A61D3A245} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\avast software\overseer\overseer.exe [1546480 2021-12-02] (Avast Software s.r.o. -> Avast Software)
Task: {6F28E318-2EB2-431A-8507-1A55C3EED50D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-08-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {753DABCD-4D24-4DE3-BB21-DF9A7C9D3564} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {753DABCD-4D24-4DE3-BB21-DF9A7C9D3564} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {753DABCD-4D24-4DE3-BB21-DF9A7C9D3564} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\Windows\system32\GWX\GWXDetector.exe [286720 [2016-07-14]] (Microsoft Windows -> Microsoft Corporation)
Task: {79B1EAD3-3217-4631-A02B-AF61C5FDB4BA} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {83679098-4963-401B-9092-874E3A0B308C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {83679098-4963-401B-9092-874E3A0B308C} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [286720 [2016-07-14]] (Microsoft Windows -> Microsoft Corporation)
Task: {93364301-5D80-42C1-A11D-0D62AED37E66} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3227912 2016-03-01] (McAfee, Inc. -> McAfee, Inc.)
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {A4075D72-138B-4B51-A3E5-E85BC2C7B03B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [652816 2016-03-05] (AVAST Software a.s. -> AVAST Software)
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {E3D05AB9-0F9B-4E54-B2C0-DF23FF234F98} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {E3D05AB9-0F9B-4E54-B2C0-DF23FF234F98} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\Windows\system32\GWX\GWXDetector.exe [286720 [2016-07-14]] (Microsoft Windows -> Microsoft Corporation)
Task: {EB5DDC0B-688A-4B61-AB62-D01377CDFCF7} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2021
Ran by Jana (02-12-2021 18:16:33)
Running from C:\Users\Jana\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-02-26 09:03:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-560006340-2725996611-51377079-500 - Administrator - Disabled)
Guest (S-1-5-21-560006340-2725996611-51377079-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-560006340-2725996611-51377079-1002 - Limited - Enabled)
Jana (S-1-5-21-560006340-2725996611-51377079-1000 - Administrator - Enabled) => C:\Users\Jana
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.118 - ALPS ELECTRIC CO., LTD.)
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
K-Lite Codec Pack 11.8.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.6.4 - PandoraTV)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x86 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-04-11 10:41 - 2014-05-19 16:19 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-04-11 10:41 - 2014-06-04 09:21 - 000571904 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-02-27 03:43 - 2016-02-27 03:43 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL
2016-04-11 10:41 - 2014-06-04 09:21 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> DefaultScope {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {4111143A-CBED-4750-993A-9501F2E03EC3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=0f4b67be-001f ... 6e225e7e56
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2016-08-13 12:35 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-560006340-2725996611-51377079-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A755098D-1AD3-4747-A4E0-1A82A38A2CC0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1757EFD5-A68E-449F-85A8-C772F89543C9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (PandoraTV -> Pandora.TV)
FirewallRules: [{EB5814D2-DE12-481C-B887-15805E251DD9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe (PandoraTV -> Pandora.TV)
FirewallRules: [TCP Query User{D0E62C06-799A-4FFB-A529-426A439D5AE7}C:\users\jana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jana\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{7127F019-7081-466A-AA17-9B3CF3E9FEF1}C:\users\jana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jana\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{6FA3195B-F889-4BD9-92CB-6BFA93031227}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{E8810B38-3F2B-419E-BD34-B0DCB97892E9}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{6879D589-C82E-4B22-AEFF-57EBD6B7E88D}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe => No File
FirewallRules: [{D061EBF4-2F13-4D05-BF63-D1CA2468E5EC}] => (Allow) C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe => No File
==================== Restore Points =========================
02-12-2021 15:17:30 Removed Adobe Reader XI - Czech.
02-12-2021 15:24:02 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/02/2021 05:32:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x64c
Čas spuštění chybující aplikace: 0x01d7e799f1365b41
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: 78cda62b-538d-11ec-8e65-00188bd36d1e
Error: (12/02/2021 05:32:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 05:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x6e0
Čas spuštění chybující aplikace: 0x01d7e7956ee3499e
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: f5b09318-5388-11ec-8f14-00188bd36d1e
Error: (12/02/2021 04:59:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 03:05:56 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x7b0
Čas spuštění chybující aplikace: 0x01d7e7854093b7e8
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: f7acc4c6-5378-11ec-8d11-00188bd36d1e
Error: (12/02/2021 03:05:23 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (04/03/2007 01:14:34 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x6e0
Čas spuštění chybující aplikace: 0x01c77584c60b9f34
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: 4c648ba3-e178-11db-8e4c-00188bd36d1e
Error: (04/03/2007 01:13:18 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (12/02/2021 06:11:38 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/02/2021 05:32:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MustangService DispalyName byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/02/2021 05:30:39 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/02/2021 05:16:17 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Avast Antivirus byla neočekávaně ukončena. Tento stav nastal již 4krát.
Error: (12/02/2021 05:00:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba MustangService DispalyName byla neočekávaně ukončena. Tento stav nastal již 1krát.
Error: (12/02/2021 04:58:46 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 3 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Spustit nakonfigurovaný program pro obnovení.
Error: (12/02/2021 04:58:40 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 2 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Error: (12/02/2021 04:58:33 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Avast Antivirus byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 5000 milisekund: Restartovat službu.
Windows Defender:
================
Date: 2016-04-14 05:00:08.450
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\RayDld\DuiLib.dll;file:C:\Program Files\RayDld\ihpmServer.exe;file:C:\Program Files\RayDld\msvcp110.dll;file:C:\Program Files\RayDld\msvcr110.dll;file:C:\Program Files\RayDld\Ray.ini;file:C:\Program Files\RayDld\Raydld.exe;file:C:\Program Files\RayDld\skin\About.xml;file:C:\Program Files\RayDld\skin\about_banner.png;file:C:\Program Files\RayDld\skin\animate_history.png;file:C:\Program Files\RayDld\skin\animate_portal.png;file:C:\Program Files\RayDld\skin\animate_recent.png;file:C:\Program Files\RayDld\skin\big_button_down.png;file:C:\Program Files\RayDld\skin\bk_shadow.png;file:C:\Program Files\RayDld\skin\bottom_toolbar_bk.png;file:C:\Program Files\RayDld\skin\brower_back.png;file:C:\Program Files\RayDld\skin\brower_refresh.png;file:C:\Program Files\RayDld\skin\btn.png;file:C:\Program Files\RayDld\skin\btn_browser_dir.png;file:C:\Program Files\RayDld\skin\ck_box.png;file:C:\Program Files\RayDld\skin\ck_check.png;file:C:\Program Files\RayDld\skin\close.png;file:C:\Program Files\RayDld\s
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe
Event[0]:
Date: 2016-09-23 16:49:44.712
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.229.18.0
Verze modulu:1.1.13103.0
Date: 2016-09-07 01:34:28.195
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.227.1695.0
Verze modulu:1.1.13000.0
Date: 2016-08-26 12:55:08.635
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.227.706.0
Verze modulu:1.1.13000.0
Date: 2016-08-13 02:32:35.276
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.225.3703.0
Verze modulu:1.1.12902.0
==================== Memory info ===========================
BIOS: Dell Inc. A08 04/03/2007
Motherboard: Dell Inc. 0FT292
Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Percentage of memory in use: 86%
Total physical RAM: 1014.12 MB
Available physical RAM: 141.54 MB
Total Virtual: 3041.85 MB
Available Virtual: 248.77 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:36.92 GB) (Free:10.82 GB) NTFS
\\?\Volume{5307798e-94cf-11e5-8215-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 37.3 GB) (Disk ID: DDCA4F8C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=36.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
zpomaleni notebooku
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomaleni notebooku
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomaleni notebooku
Posilam.
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-02-2021
# Duration: 00:00:15
# OS: Windows 7 Home Premium
# Cleaned: 18
# Failed: 0
***** [ Services ] *****
Deleted MustangService_2015_10_10
***** [ Folders ] *****
Deleted C:\Program Files\PANDORA.TV
Deleted C:\Program Files\Seznam.cz
Deleted C:\ProgramData\TempMoudleSet
Deleted C:\ProgramData\apn
Deleted C:\Users\Jana\AppData\Roaming\Seznam.cz
***** [ Files ] *****
Deleted C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\gd46pvie.default\searchplugins\omniboxes.xml
Deleted C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\gd46pvie.default\searchplugins\so-v.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Mozilla\Extends
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
Deleted HKLM\Software\RayDld
Deleted HKLM\Software\ihpmserver
Deleted HKLM\Software\omniboxesSoftware
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Deleted omniboxes
Deleted so-v
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
# -------------------------------
# Malwarebytes AdwCleaner 8.3.1.0
# -------------------------------
# Build: 11-18-2021
# Database: 2021-12-02.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 12-02-2021
# Duration: 00:00:15
# OS: Windows 7 Home Premium
# Cleaned: 18
# Failed: 0
***** [ Services ] *****
Deleted MustangService_2015_10_10
***** [ Folders ] *****
Deleted C:\Program Files\PANDORA.TV
Deleted C:\Program Files\Seznam.cz
Deleted C:\ProgramData\TempMoudleSet
Deleted C:\ProgramData\apn
Deleted C:\Users\Jana\AppData\Roaming\Seznam.cz
***** [ Files ] *****
Deleted C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\gd46pvie.default\searchplugins\omniboxes.xml
Deleted C:\Users\Jana\AppData\Roaming\Mozilla\Firefox\Profiles\gd46pvie.default\searchplugins\so-v.xml
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\castplatform.com
Deleted HKCU\Software\Microsoft\Internet Explorer\DOMStorage\cdn.castplatform.com
Deleted HKCU\Software\Mozilla\Extends
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\Software\Classes\AppID\{85198F55-85AC-498A-BFE4-BBC33840F4AB}
Deleted HKLM\Software\RayDld
Deleted HKLM\Software\ihpmserver
Deleted HKLM\Software\omniboxesSoftware
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
Deleted omniboxes
Deleted so-v
***** [ Hosts File Entries ] *****
No malicious hosts file entries cleaned.
***** [ Preinstalled Software ] *****
No Preinstalled Software cleaned.
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomaleni notebooku
OK. Dejte nové logy FRST+Addition.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomaleni notebooku
Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 01-12-2021
Ran by Jana (administrator) on PC (Dell Inc. Latitude D620) (03-12-2021 00:12:54)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\stacsv.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [501104 2011-04-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare software CO., LIMITED -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-560006340-2725996611-51377079-1000\...\MountPoints2: E - E:\AutoRun.exe
HKLM\...\Windows NT x86\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppWN7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\OneNotePrint2007: C:\Windows\System32\spool\prtprocs\W32X86\msonpppr.dll [33104 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Send To Microsoft OneNote Monitor: C:\Windows\system32\msonpmon.dll [31640 2009-02-27] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-04-14]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {4FEE4CE6-E361-438D-B991-5D8E314B35EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [1210560 2016-08-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6F28E318-2EB2-431A-8507-1A55C3EED50D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-08-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {93364301-5D80-42C1-A11D-0D62AED37E66} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3227912 2016-03-01] (McAfee, Inc. -> McAfee, Inc.)
Task: {9CABB18C-35A3-4479-98ED-B06725FD0239} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {A4075D72-138B-4B51-A3E5-E85BC2C7B03B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {EBA2B9F9-40B2-46EA-B2C8-F26F6402772A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{08432897-5109-4FBB-9BBF-D621377FC173}: [DhcpNameServer] 10.0.0.138
FireFox:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2021
Ran by Jana (03-12-2021 00:21:18)
Running from C:\Users\Jana\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-02-26 09:03:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-560006340-2725996611-51377079-500 - Administrator - Disabled)
Guest (S-1-5-21-560006340-2725996611-51377079-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-560006340-2725996611-51377079-1002 - Limited - Enabled)
Jana (S-1-5-21-560006340-2725996611-51377079-1000 - Administrator - Enabled) => C:\Users\Jana
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.118 - ALPS ELECTRIC CO., LTD.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
K-Lite Codec Pack 11.8.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.6.4 - PandoraTV)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x86 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-04-11 10:41 - 2014-05-19 16:19 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-04-11 10:41 - 2014-06-04 09:21 - 000571904 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-02-27 03:43 - 2016-02-27 03:43 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL
2016-04-11 10:41 - 2014-06-04 09:21 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> DefaultScope {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {4111143A-CBED-4750-993A-9501F2E03EC3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=0f4b67be-001f ... 6e225e7e56
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2016-08-13 12:35 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-560006340-2725996611-51377079-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A755098D-1AD3-4747-A4E0-1A82A38A2CC0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1757EFD5-A68E-449F-85A8-C772F89543C9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{EB5814D2-DE12-481C-B887-15805E251DD9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [TCP Query User{D0E62C06-799A-4FFB-A529-426A439D5AE7}C:\users\jana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jana\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{7127F019-7081-466A-AA17-9B3CF3E9FEF1}C:\users\jana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jana\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{933E2E5A-60AD-4D0B-87F1-9C65BC8EA0E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB55793C-14B1-422E-834B-65A2F591C051}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
02-12-2021 15:17:30 Removed Adobe Reader XI - Czech.
02-12-2021 15:24:02 Windows Update
02-12-2021 23:20:32 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/03/2021 12:09:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 11:22:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexování nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Kontext: aplikace , katalog SystemIndex
Error: (12/02/2021 08:21:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 07:11:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 05:32:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x64c
Čas spuštění chybující aplikace: 0x01d7e799f1365b41
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: 78cda62b-538d-11ec-8e65-00188bd36d1e
Error: (12/02/2021 05:32:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 05:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x6e0
Čas spuštění chybující aplikace: 0x01d7e7956ee3499e
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: f5b09318-5388-11ec-8f14-00188bd36d1e
Error: (12/02/2021 04:59:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (12/03/2021 12:30:31 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/03/2021 12:08:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/03/2021 12:08:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/03/2021 12:06:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/03/2021 12:06:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/02/2021 11:30:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 (KB4535102).
Error: (12/02/2021 08:45:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/02/2021 08:20:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2016-04-14 05:00:08.450
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\RayDld\DuiLib.dll;file:C:\Program Files\RayDld\ihpmServer.exe;file:C:\Program Files\RayDld\msvcp110.dll;file:C:\Program Files\RayDld\msvcr110.dll;file:C:\Program Files\RayDld\Ray.ini;file:C:\Program Files\RayDld\Raydld.exe;file:C:\Program Files\RayDld\skin\About.xml;file:C:\Program Files\RayDld\skin\about_banner.png;file:C:\Program Files\RayDld\skin\animate_history.png;file:C:\Program Files\RayDld\skin\animate_portal.png;file:C:\Program Files\RayDld\skin\animate_recent.png;file:C:\Program Files\RayDld\skin\big_button_down.png;file:C:\Program Files\RayDld\skin\bk_shadow.png;file:C:\Program Files\RayDld\skin\bottom_toolbar_bk.png;file:C:\Program Files\RayDld\skin\brower_back.png;file:C:\Program Files\RayDld\skin\brower_refresh.png;file:C:\Program Files\RayDld\skin\btn.png;file:C:\Program Files\RayDld\skin\btn_browser_dir.png;file:C:\Program Files\RayDld\skin\ck_box.png;file:C:\Program Files\RayDld\skin\ck_check.png;file:C:\Program Files\RayDld\skin\close.png;file:C:\Program Files\RayDld\s
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe
Event[0]:
Date: 2016-09-23 16:49:44.712
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.229.18.0
Verze modulu:1.1.13103.0
Date: 2016-09-07 01:34:28.195
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.227.1695.0
Verze modulu:1.1.13000.0
Date: 2016-08-26 12:55:08.635
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.227.706.0
Verze modulu:1.1.13000.0
Date: 2016-08-13 02:32:35.276
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.225.3703.0
Verze modulu:1.1.12902.0
==================== Memory info ===========================
BIOS: Dell Inc. A08 04/03/2007
Motherboard: Dell Inc. 0FT292
Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Percentage of memory in use: 93%
Total physical RAM: 1014.12 MB
Available physical RAM: 63.06 MB
Total Virtual: 2038.12 MB
Available Virtual: 496.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:36.92 GB) (Free:13.37 GB) NTFS
\\?\Volume{5307798e-94cf-11e5-8215-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 37.3 GB) (Disk ID: DDCA4F8C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=36.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
Ran by Jana (administrator) on PC (Dell Inc. Latitude D620) (03-12-2021 00:12:54)
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Alps Electric Co., LTD. -> Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wbem\WMIADAP.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\Sigmatel\C-Major Audio\WDM\sttray.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Windows\System32\stacsv.exe
(Wondershare software CO., LIMITED -> Wondershare) C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [501104 2011-04-05] (Alps Electric Co., LTD. -> Alps Electric Co., Ltd.)
HKLM\...\Run: [SigmatelSysTrayApp] => C:\Program Files\SigmaTel\C-Major Audio\WDM\sttray.exe [405504 2007-09-13] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [Wondershare Helper Compact.exe] => C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe [2024800 2014-06-04] (Wondershare software CO., LIMITED -> Wondershare)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-560006340-2725996611-51377079-1000\...\MountPoints2: E - E:\AutoRun.exe
HKLM\...\Windows NT x86\Print Processors\hpzppWN7: C:\Windows\System32\spool\prtprocs\W32X86\hpzppWN7.dll [90624 2009-07-14] (Microsoft Windows -> Hewlett-Packard Corporation)
HKLM\...\Windows NT x86\Print Processors\OneNotePrint2007: C:\Windows\System32\spool\prtprocs\W32X86\msonpppr.dll [33104 2006-10-26] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Print\Monitors\Send To Microsoft OneNote Monitor: C:\Windows\system32\msonpmon.dll [31640 2009-02-27] (Microsoft Corporation -> Microsoft Corporation)
Startup: C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk [2016-04-14]
ShortcutTarget: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk -> C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE (Microsoft Corporation -> Microsoft Corporation)
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {4FEE4CE6-E361-438D-B991-5D8E314B35EA} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [1210560 2016-08-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {6F28E318-2EB2-431A-8507-1A55C3EED50D} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [270016 2016-08-13] (Adobe Systems Incorporated -> Adobe Systems Incorporated)
Task: {93364301-5D80-42C1-A11D-0D62AED37E66} - System32\Tasks\McAfee Remediation (Prepare) => C:\Program Files\Common Files\AV\McAfee Anti-Virus And Anti-Spyware\upgrade.exe [3227912 2016-03-01] (McAfee, Inc. -> McAfee, Inc.)
Task: {9CABB18C-35A3-4479-98ED-B06725FD0239} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {A4075D72-138B-4B51-A3E5-E85BC2C7B03B} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe /backup /iavs (No File)
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
Task: {EBA2B9F9-40B2-46EA-B2C8-F26F6402772A} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\system32\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{08432897-5109-4FBB-9BBF-D621377FC173}: [DhcpNameServer] 10.0.0.138
FireFox:
Additional scan result of Farbar Recovery Scan Tool (x86) Version: 01-12-2021
Ran by Jana (03-12-2021 00:21:18)
Running from C:\Users\Jana\Downloads
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2016-02-26 09:03:32)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-560006340-2725996611-51377079-500 - Administrator - Disabled)
Guest (S-1-5-21-560006340-2725996611-51377079-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-560006340-2725996611-51377079-1002 - Limited - Enabled)
Jana (S-1-5-21-560006340-2725996611-51377079-1000 - Administrator - Enabled) => C:\Users\Jana
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AS: Windows Defender (Disabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Flash Player 22 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Adobe Flash Player 22 PPAPI (HKLM\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
Aktualizace produktu Microsoft Office Excel 2007 Help (KB963678) (HKLM\...\{90120000-0016-0405-0000-0000000FF1CE}_ENTERPRISER_{0A1FAC46-B899-421D-B1A2-470896DC45DB}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Powerpoint 2007 Help (KB963669) (HKLM\...\{90120000-0018-0405-0000-0000000FF1CE}_ENTERPRISER_{5260BB53-C1F7-4A3B-9AEB-3EC9B37FF194}) (Version: - Microsoft)
Aktualizace produktu Microsoft Office Word 2007 Help (KB963665) (HKLM\...\{90120000-001B-0405-0000-0000000FF1CE}_ENTERPRISER_{E68DD413-B834-4923-8181-0A03B7555187}) (Version: - Microsoft)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1208.101.118 - ALPS ELECTRIC CO., LTD.)
Google Update Helper (HKLM\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.13 - Google LLC) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\HDMI) (Version: 8.15.10.1930 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.4 - Intel)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
K-Lite Codec Pack 11.8.5 Full (HKLM\...\KLiteCodecPack_is1) (Version: 11.8.5 - KLCP)
KMPlayer (remove only) (HKLM\...\The KMPlayer) (Version: 4.0.6.4 - PandoraTV)
Microsoft .NET Framework 4.6.1 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.6.01055 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office Enterprise 2007 (HKLM\...\ENTERPRISER) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Mozilla Firefox (x86 cs) (HKLM\...\Mozilla Firefox 94.0.2 (x86 cs)) (Version: 94.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 94.0.2 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
Update for 2007 Microsoft Office System (KB967642) (HKLM\...\{91120000-0030-0000-0000-0000000FF1CE}_ENTERPRISER_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version: - Microsoft)
WinRAR 5.31 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2217832 2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2009-09-23] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2016-02-04] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32: [VIDC.VP80] => vp8vfw.dll
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2016-04-11 10:41 - 2014-05-19 16:19 - 000137728 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSCreateVC.dll
2016-04-11 10:41 - 2014-06-04 09:21 - 000571904 _____ () [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\DAQExp.dll
2016-02-27 03:43 - 2016-02-27 03:43 - 000096256 _____ (Microsoft Corporation) [File not signed] C:\Windows\WinSxS\x86_microsoft.vc80.atl_1fc8b3b9a1e18e3b_8.0.50727.762_none_11ecb0ab9b2caf3c\ATL80.DLL
2016-04-11 10:41 - 2014-06-04 09:21 - 000708608 _____ (Wondershare) [File not signed] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\CBSProducstInfo.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Version 11) (Whitelisted) ==========
SearchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> DefaultScope {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {4111143A-CBED-4750-993A-9501F2E03EC3} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_16194
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2009-02-26] (Microsoft Corporation -> Microsoft Corporation)
StartMenuInternet: IEXPLORE.EXE - C:\Program Files\Internet Explorer\iexplore.exe hxxp://www.so-v.com/?type=ll&uid=0f4b67be-001f ... 6e225e7e56
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 03:04 - 2016-08-13 12:35 - 000000824 _____ C:\Windows\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-560006340-2725996611-51377079-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Jana\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A755098D-1AD3-4747-A4E0-1A82A38A2CC0}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{1757EFD5-A68E-449F-85A8-C772F89543C9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{EB5814D2-DE12-481C-B887-15805E251DD9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [TCP Query User{D0E62C06-799A-4FFB-A529-426A439D5AE7}C:\users\jana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jana\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{7127F019-7081-466A-AA17-9B3CF3E9FEF1}C:\users\jana\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\jana\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{933E2E5A-60AD-4D0B-87F1-9C65BC8EA0E1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{CB55793C-14B1-422E-834B-65A2F591C051}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
==================== Restore Points =========================
02-12-2021 15:17:30 Removed Adobe Reader XI - Czech.
02-12-2021 15:24:02 Windows Update
02-12-2021 23:20:32 Windows Update
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (12/03/2021 12:09:37 AM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 11:22:27 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexování nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.
Kontext: aplikace , katalog SystemIndex
Error: (12/02/2021 08:21:27 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 07:11:42 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 05:32:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x64c
Čas spuštění chybující aplikace: 0x01d7e799f1365b41
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: 78cda62b-538d-11ec-8e65-00188bd36d1e
Error: (12/02/2021 05:32:00 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
Error: (12/02/2021 05:00:25 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Název chybujícího modulu: MustangSer520.exe, verze: 1.0.0.6, časové razítko: 0x567001d1
Kód výjimky: 0x40000015
Posun chyby: 0x00012d34
ID chybujícího procesu: 0x6e0
Čas spuštění chybující aplikace: 0x01d7e7956ee3499e
Cesta k chybující aplikaci: C:\ProgramData\TempMoudleSet\MustangSer520.exe
Cesta k chybujícímu modulu: C:\ProgramData\TempMoudleSet\MustangSer520.exe
ID zprávy: f5b09318-5388-11ec-8f14-00188bd36d1e
Error: (12/02/2021 04:59:36 PM) (Source: WinMgmt) (EventID: 10) (User: )
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.
System errors:
=============
Error: (12/03/2021 12:30:31 AM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/03/2021 12:08:44 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/03/2021 12:08:40 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/03/2021 12:06:11 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/03/2021 12:06:08 AM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AvastWscReporter neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Error: (12/02/2021 11:30:35 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80092004): 2020-01, kum. akt. zab. a kval. pro .NET Framework 3.5.1, 4.5.2, 4.6, 4.6.1, 4.6.2, 4.7, 4.7.1, 4.7.2, 4.8 pro Windows 7 (KB4535102).
Error: (12/02/2021 08:45:52 PM) (Source: DCOM) (EventID: 10010) (User: )
Description: Server {BB6DF56B-CACE-11DC-9992-0019B93A3A84} se v daném časovém limitu neregistroval u služby DCOM.
Error: (12/02/2021 08:20:08 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Service Installer TrueKey neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.
Windows Defender:
================
Date: 2016-04-14 05:00:08.450
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=214126
Název:BrowserModifier:Win32/SupTab
Závažnost:Vysoké
Kategorie:Program měnící nastavení prohlížeče
Nalezeno v cestě:file:C:\Program Files\RayDld\DuiLib.dll;file:C:\Program Files\RayDld\ihpmServer.exe;file:C:\Program Files\RayDld\msvcp110.dll;file:C:\Program Files\RayDld\msvcr110.dll;file:C:\Program Files\RayDld\Ray.ini;file:C:\Program Files\RayDld\Raydld.exe;file:C:\Program Files\RayDld\skin\About.xml;file:C:\Program Files\RayDld\skin\about_banner.png;file:C:\Program Files\RayDld\skin\animate_history.png;file:C:\Program Files\RayDld\skin\animate_portal.png;file:C:\Program Files\RayDld\skin\animate_recent.png;file:C:\Program Files\RayDld\skin\big_button_down.png;file:C:\Program Files\RayDld\skin\bk_shadow.png;file:C:\Program Files\RayDld\skin\bottom_toolbar_bk.png;file:C:\Program Files\RayDld\skin\brower_back.png;file:C:\Program Files\RayDld\skin\brower_refresh.png;file:C:\Program Files\RayDld\skin\btn.png;file:C:\Program Files\RayDld\skin\btn_browser_dir.png;file:C:\Program Files\RayDld\skin\ck_box.png;file:C:\Program Files\RayDld\skin\ck_check.png;file:C:\Program Files\RayDld\skin\close.png;file:C:\Program Files\RayDld\s
Typ zjišťování:Konkrétní
Zdroj zjišťování:Systém
Stav:Neznámý
Uživatel:NT AUTHORITY\NETWORK SERVICE
Název procesu:c:\program files\windows defender\MpCmdRun.exe
Event[0]:
Date: 2016-09-23 16:49:44.712
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.229.18.0
Verze modulu:1.1.13103.0
Date: 2016-09-07 01:34:28.195
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.227.1695.0
Verze modulu:1.1.13000.0
Date: 2016-08-26 12:55:08.635
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.227.706.0
Verze modulu:1.1.13000.0
Date: 2016-08-13 02:32:35.276
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst:Aktuální
Kód chyby:0x8050800d
Popis chyby:Některé položky historie nelze zobrazit. Počkejte několik minut a akci opakujte. Pokud tento postup nefunguje, vymažte historii a opakujte pokus.
Verze podpisu:1.225.3703.0
Verze modulu:1.1.12902.0
==================== Memory info ===========================
BIOS: Dell Inc. A08 04/03/2007
Motherboard: Dell Inc. 0FT292
Processor: Intel(R) Core(TM)2 CPU T5600 @ 1.83GHz
Percentage of memory in use: 93%
Total physical RAM: 1014.12 MB
Available physical RAM: 63.06 MB
Total Virtual: 2038.12 MB
Available Virtual: 496.76 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:36.92 GB) (Free:13.37 GB) NTFS
\\?\Volume{5307798e-94cf-11e5-8215-806e6f6e6963}\ (Rezervováno systémem) (Fixed) (Total:0.34 GB) (Free:0.31 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 37.3 GB) (Disk ID: DDCA4F8C)
Partition 1: (Active) - (Size=350 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=36.9 GB) - (Type=07 NTFS)
==================== End of Addition.txt =======================
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomaleni notebooku
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Jana\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-560006340-2725996611-51377079-1000\...\MountPoints2: E - E:\AutoRun.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9CABB18C-35A3-4479-98ED-B06725FD0239} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
earchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> DefaultScope {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
FirewallRules: [{1757EFD5-A68E-449F-85A8-C772F89543C9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{EB5814D2-DE12-481C-B887-15805E251DD9}] => (Allow) C:\Program FilesC:\Program Files\RayDld\DuiLib.dll\PANDORA.TV\PanService\PandoraService.exe => No File
C:\Program Files\RayDld\DuiLib.dll
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomaleni notebooku
Fix result of Farbar Recovery Scan Tool (x86) Version: 01-12-2021
Ran by Jana (03-12-2021 13:06:05) Run:1
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-560006340-2725996611-51377079-1000\...\MountPoints2: E - E:\AutoRun.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9CABB18C-35A3-4479-98ED-B06725FD0239} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
earchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> DefaultScope {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
FirewallRules: [{1757EFD5-A68E-449F-85A8-C772F89543C9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{EB5814D2-DE12-481C-B887-15805E251DD9}] => (Allow) C:\Program FilesC:\Program Files\RayDld\DuiLib.dll\PANDORA.TV\PanService\PandoraService.exe => No File
C:\Program Files\RayDld\DuiLib.dll
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CABB18C-35A3-4479-98ED-B06725FD0239}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CABB18C-35A3-4479-98ED-B06725FD0239}" => removed successfully.
C:\Windows\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully.
earchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1757EFD5-A68E-449F-85A8-C772F89543C9}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB5814D2-DE12-481C-B887-15805E251DD9}" => removed successfully.
"C:\Program Files\RayDld\DuiLib.dll" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34811880 B
Java, Flash, Steam htmlcache => 5244 B
Windows/system/drivers => 62674934 B
Edge => 0 B
Firefox => 154671567 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
LocalService => 16802 B
NetworkService => 117634 B
Jana => 227403887 B
RecycleBin => 0 B
EmptyTemp: => 457.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:09:09 ====
Ran by Jana (03-12-2021 13:06:05) Run:1
Running from C:\Users\Jana\Downloads
Loaded Profiles: Jana
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-560006340-2725996611-51377079-1000\...\MountPoints2: E - E:\AutoRun.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {2BD05BA6-988D-4BD3-A9CD-9A39F80AF524} - \Microsoft\Windows\MemoryDiagnostic\CorruptionDetector -> No File <==== ATTENTION
Task: {5B184694-64C3-4633-94C5-945B3FA561D6} - \Microsoft\Windows\WindowsBackup\ConfigNotification -> No File <==== ATTENTION
Task: {9CABB18C-35A3-4479-98ED-B06725FD0239} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB" <==== ATTENTION
Task: {9F54B95F-5096-4803-AE61-E9B3AC5B616D} - \Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector -> No File <==== ATTENTION
Task: {D21F6024-191F-4454-BBBC-09A650DA2549} - \Microsoft\Windows\Application Experience\AitAgent -> No File <==== ATTENTION
earchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> DefaultScope {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&src ... ORM=IESR02
SearchScopes: HKU\S-1-5-21-560006340-2725996611-51377079-1000 -> {CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} URL = hxxp://www.bing.com/search?q={searchTerms}&form=MSSEDF&pc=MSE1
FirewallRules: [{1757EFD5-A68E-449F-85A8-C772F89543C9}] => (Allow) C:\Program Files\PANDORA.TV\PanService\PandoraService.exe => No File
FirewallRules: [{EB5814D2-DE12-481C-B887-15805E251DD9}] => (Allow) C:\Program FilesC:\Program Files\RayDld\DuiLib.dll\PANDORA.TV\PanService\PandoraService.exe => No File
C:\Program Files\RayDld\DuiLib.dll
EmptyTemp:
End
*****************
Processes closed successfully.
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender => removed successfully.
HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\E => removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
C:\ProgramData\NTUSER.pol => moved successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BD05BA6-988D-4BD3-A9CD-9A39F80AF524}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\CorruptionDetector" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5B184694-64C3-4633-94C5-945B3FA561D6}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\WindowsBackup\ConfigNotification" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9CABB18C-35A3-4479-98ED-B06725FD0239}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9CABB18C-35A3-4479-98ED-B06725FD0239}" => removed successfully.
C:\Windows\System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{9F54B95F-5096-4803-AE61-E9B3AC5B616D}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\MemoryDiagnostic\DecompressionFailureDetector" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{D21F6024-191F-4454-BBBC-09A650DA2549}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Application Experience\AitAgent" => removed successfully.
earchScopes: HKLM -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=IE8SRC => Error: No automatic fix found for this entry.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
"HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully.
HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKU\S-1-5-21-560006340-2725996611-51377079-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{CF1EBE1F-8A6F-4BBF-A9F6-B80D85228F34} => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{1757EFD5-A68E-449F-85A8-C772F89543C9}" => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{EB5814D2-DE12-481C-B887-15805E251DD9}" => removed successfully.
"C:\Program Files\RayDld\DuiLib.dll" => not found
=========== EmptyTemp: ==========
BITS transfer queue => 0 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 34811880 B
Java, Flash, Steam htmlcache => 5244 B
Windows/system/drivers => 62674934 B
Edge => 0 B
Firefox => 154671567 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 16802 B
LocalService => 16802 B
NetworkService => 117634 B
Jana => 227403887 B
RecycleBin => 0 B
EmptyTemp: => 457.5 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 13:09:09 ====
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomaleni notebooku
Smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: zpomaleni notebooku
Hezky den,
kdyz jsem vse provedla a restartovala, byl notebook jeste pomalejsi, ale dnes jsem ho zapla a bezi ok. Tak snad dobry. Dekuji za pomoc.
kdyz jsem vse provedla a restartovala, byl notebook jeste pomalejsi, ale dnes jsem ho zapla a bezi ok. Tak snad dobry. Dekuji za pomoc.
Re: zpomaleni notebooku
Ne, tak po chvili je to stejne. Vypne se windows defender, nejde zapnout a vse se seka. Firefox mi pise, ze neni mozne pouzivat zalozky a historii, protoze nektere soubory aplikace uz jsou pouzivany jinou aplikaci. Nevim, zda to s tim soouvisi.
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: zpomaleni notebooku
Zkuste defragmentovat disk.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Přispějete na provoz fóra?