Zamrzání ntb a prohlížeče, problém s tiskem a restartem ntb

Zpráva

Hanke · #1 Příspěvek od **Hanke** » 23 úno 2020 13:11

Dobrý den,

Již delší dobu nemůžu plynule restartovat ntb, jde jen vyndat a zandat baterii, pak to jde. Jinak se ntb zasekne na černé obrazovce. Dále ntb zamrzá i prohlížeč většinou při načítání videí a banerů. Aktuálně se objevil i problém v komunikaci s tiskárnou u tisku, nejde tisknout. Díky za možnou pomoc.

Logfile of random's system information tool 1.10 (written by random/random)
Run by DELL at 2020-02-23 12:53:49
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 86 GB (75%) free of 114 GB
Total RAM: 1936 MB (45% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:55:23, on 23.2.2020
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.19597)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
C:\Program Files\Unlocker\UnlockerAssistant.exe
C:\Program Files\Common Files\Java\Java Update\jusched.exe
C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
C:\Windows\system32\taskeng.exe
C:\Program Files\CCleaner\CCleaner.exe
C:\Program Files\HP\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
C:\Windows\system32\Rundll32.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\DELL\Desktop\RSIT.exe
C:\Program Files\trend micro\DELL.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Spybot-S&D IE Protection - {53707962-6F74-2D53-2644-206D7942484F} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O4 - HKLM\..\Run: [hpqSRMon] C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe
O4 - HKLM\..\Run: [HP Software Update] C:\Program Files\HP\HP Software Update\HPWuSchd2.exe
O4 - HKLM\..\Run: [UnlockerAssistant] "C:\Program Files\Unlocker\UnlockerAssistant.exe"
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [SpybotSD TeaTimer] C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner.exe" /MONITOR
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Global Startup: HP Digital Imaging Monitor.lnk = C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
O9 - Extra button: Zdroje informací - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\OFFICE11\REFIEBAR.DLL
O9 - Extra button: Zobrazit nebo skrýt HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O9 - Extra button: (no name) - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O9 - Extra 'Tools' menuitem: Spybot - Search && Destroy Configuration - {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\Program Files\IDT\WDM\aestsrv.exe
O23 - Service: Credential Vault Host Control Service - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
O23 - Service: Credential Vault Host Storage - Broadcom Corporation - C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: SBSD Security Center Service (SBSDWSCService) - Safer Networking Ltd. - C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe
O23 - Service: @%SystemRoot%\system32\stlang.dll,-10122 (STacSV) - IDT, Inc. - C:\Program Files\IDT\WDM\STacSV.exe

--
End of file - 5805 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\nk4efx2i.default-1483376918740-1550152235918

prefs.js - "browser.search.suggest.enabled" - false
prefs.js - "browser.startup.homepage" - "https://www.seznam.cz/"

"smartwebprinting@hp.com"=C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 32.0.0.330 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_330.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.241.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.241.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.4]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.7.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=3.0.8]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll

C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\nk4efx2i.default-1483376918740-1550152235918\extensions\
staged

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0347C33E-8762-4905-BF09-768834316C61}]
HP Print Enhancer - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20 328248]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{53707962-6F74-2D53-2644-206D7942484F}]
Spybot-S&D IE Protection - C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26 1879896]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-21 480320]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-21 194624]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856}]
HP Smart BHO Class - C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20 509496]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"hpqSRMon"=C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [2008-07-22 150528]
"HP Software Update"=C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [2007-05-08 54840]
"UnlockerAssistant"=C:\Program Files\Unlocker\UnlockerAssistant.exe [2010-07-04 17408]
"SunJavaUpdateSched"=C:\Program Files\Common Files\Java\Java Update\jusched.exe [2019-12-11 646160]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"SpybotSD TeaTimer"=C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2009-01-26 2144088]
"CCleaner Smart Cleaning"=C:\Program Files\CCleaner\CCleaner.exe [2019-10-16 18458752]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
HP Digital Imaging Monitor.lnk - C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Notify\igfxcui]
C:\Windows\system32\igfxdev.dll [2011-02-11 228864]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{46C3BB2C-CC38-11E6-8704-64006A5CFC23}"= []

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Wdf01000.sys]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=l3codecp.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"VIDC.XVID"=xvidvfw.dll
"VIDC.YV12"=xvidvfw.dll
"msacm.ac3acm"=ac3acm.acm
"msacm.lameacm"=lameACM.acm
"VIDC.FFDS"=ff_vfw.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"aux1"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2020-02-23 12:53:50 ----D---- C:\Program Files\trend micro
2020-02-23 12:53:49 ----D---- C:\rsit
2020-02-21 19:51:23 ----A---- C:\Windows\system32\user32.dll

======List of files/folders modified in the last 1 month======

2020-02-23 12:54:01 ----D---- C:\Windows\Prefetch
2020-02-23 12:53:54 ----D---- C:\Windows\Temp
2020-02-23 12:53:50 ----RD---- C:\Program Files
2020-02-23 11:37:20 ----D---- C:\Windows\system32\config
2020-02-23 11:26:47 ----D---- C:\Windows
2020-02-23 11:05:04 ----D---- C:\ProgramData\HP
2020-02-23 10:49:17 ----D---- C:\Windows\inf
2020-02-23 09:22:09 ----D---- C:\Windows\debug
2020-02-23 00:14:40 ----D---- C:\Users\DELL\AppData\Roaming\vlc
2020-02-22 23:41:31 ----D---- C:\Windows\System32
2020-02-22 23:41:31 ----A---- C:\Windows\system32\PerfStringBackup.INI
2020-02-21 20:13:06 ----D---- C:\Windows\winsxs
2020-02-21 20:12:15 ----D---- C:\Program Files\Mozilla Maintenance Service
2020-02-21 20:12:15 ----D---- C:\Program Files\Mozilla Firefox
2020-02-21 19:47:08 ----D---- C:\Windows\system32\catroot2
2020-02-20 22:20:39 ----D---- C:\Users\DELL\AppData\Roaming\uTorrent
2020-02-14 09:37:54 ----SHD---- C:\Windows\Installer
2020-02-14 09:37:53 ----HD---- C:\Config.Msi
2020-02-12 13:08:46 ----D---- C:\Windows\system32\MRT
2020-02-12 13:00:43 ----AC---- C:\Windows\system32\MRT.exe
2020-02-11 19:59:12 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2020-02-11 19:59:06 ----D---- C:\Windows\system32\Macromed

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2018-01-01 173288]
R1 HWiNFO32;HWiNFO32/64 Kernel Driver; \??\C:\Windows\system32\drivers\HWiNFO32.SYS [2016-12-28 23840]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 rimmptsk;rimmptsk; C:\Windows\system32\DRIVERS\rimmptsk.sys [2009-09-07 48128]
R3 ApfiltrService;Alps Touch Pad Filter Driver for Windows x86; C:\Windows\system32\DRIVERS\Apfiltr.sys [2011-01-05 284792]
R3 cvusbdrv;Dell ControlVault; C:\Windows\System32\Drivers\cvusbdrv.sys [2011-12-02 40040]
R3 Dot4;MS IEEE-1284.4 Driver; C:\Windows\system32\DRIVERS\Dot4.sys [2009-07-14 131072]
R3 Dot4Print;Print Class Driver for IEEE-1284.4; C:\Windows\system32\DRIVERS\Dot4Prt.sys [2010-11-20 16384]
R3 dot4usb;MS Dot4USB Filter Dot4USB Filter; C:\Windows\system32\DRIVERS\dot4usb.sys [2009-07-14 36864]
R3 e1yexpress;Intel(R) Gigabit Network Connections Driver; C:\Windows\system32\DRIVERS\e1y6232.sys [2011-08-23 233688]
R3 HECI;Intel(R) Management Engine Interface; C:\Windows\system32\DRIVERS\HECI.sys [2009-06-23 40832]
R3 igfx;igfx; C:\Windows\system32\DRIVERS\igdkmd32.sys [2011-02-11 9036800]
R3 IntcHdmiAddService;Intel(R) High Definition Audio HDMI; C:\Windows\system32\drivers\IntcHdmi.sys [2010-02-21 126976]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series – ovladač adaptéru pro 32bitový systém Windows Vista; C:\Windows\system32\DRIVERS\netw5v32.sys [2009-07-13 4231168]
R3 sdbus;sdbus; C:\Windows\system32\DRIVERS\sdbus.sys [2010-11-20 84992]
R3 STHDA;@%SystemRoot%\system32\stlang.dll,-10322; C:\Windows\system32\DRIVERS\stwrt.sys [2010-07-22 431616]
R3 usbscan;Ovladač skeneru USB; C:\Windows\system32\drivers\usbscan.sys [2019-12-10 36352]
R3 WinUsb;Ovladač WinUSB; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]
S0 Partizan;Partizan; C:\Windows\system32\drivers\Partizan.sys []
S0 prohlp02;StarForce Protection Helper Driver v2; C:\Windows\System32\drivers\prohlp02.sys [2004-08-09 114016]
S0 prosync1;StarForce Protection Synchronization Driver v1; C:\Windows\System32\drivers\prosync1.sys [2004-07-19 7040]
S0 sfhlp01;StarForce Protection Helper Driver; C:\Windows\System32\drivers\sfhlp01.sys [2003-12-01 4832]
S1 prodrv06;StarForce Protection Environment Driver v6; C:\Windows\System32\drivers\prodrv06.sys [2004-08-09 53920]
S2 Parvdm;Parvdm; C:\Windows\system32\drivers\parvdm.sys [2009-07-14 8704]
S3 acpials;Filtr zařízení ALS Sensor; C:\Windows\system32\DRIVERS\acpials.sys [2009-07-14 7680]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\Windows\system32\drivers\amdagp.sys [2019-04-19 52968]
S3 athr;Atheros – ovladač pro zařízení pro rozšiřitelnou bezdrátovou síť LAN; C:\Windows\system32\DRIVERS\athr.sys [2009-07-13 1096704]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 MBAMWebProtection;MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys []
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2014-06-28 14848]
S3 sisagp;Filtr SIS sběrnice AGP; C:\Windows\system32\drivers\sisagp.sys [2019-04-19 51944]
S3 SrvHsfHDA;SrvHsfHDA; C:\Windows\system32\DRIVERS\VSTAZL3.SYS [2009-07-13 207360]
S3 SrvHsfV92;SrvHsfV92; C:\Windows\system32\DRIVERS\VSTDPV3.SYS [2009-07-13 980992]
S3 SrvHsfWinac;SrvHsfWinac; C:\Windows\system32\DRIVERS\VSTCNXT3.SYS [2009-07-13 661504]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2014-06-28 49152]
S3 TsUsbGD;%TsUsbGD.DeviceDesc.Generic%; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 viaagp;Filtr VIA sběrnice AGP; C:\Windows\system32\drivers\viaagp.sys [2019-04-19 52968]
S3 ViaC7;Ovladač procesoru VIA C7; C:\Windows\system32\drivers\viac7.sys [2020-01-03 53248]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2019-09-10 88136]
R2 AESTFilters;Andrea ST Filters Service; C:\Program Files\IDT\WDM\aestsrv.exe [2009-03-03 81920]
R2 Credential Vault Host Control Service;Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [2011-12-02 826272]
R2 Credential Vault Host Storage;Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [2011-12-02 31648]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 hpqddsvc;Služba HP CUE DeviceDiscovery; C:\Windows\system32\svchost.exe [2009-07-14 20992]
R2 Net Driver HPZ12;Net Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 Pml Driver HPZ12;Pml Driver HPZ12; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 SBSDWSCService;SBSD Security Center Service; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [2009-01-26 1153368]
R2 STacSV;@%SystemRoot%\system32\stlang.dll,-10122; C:\Program Files\IDT\WDM\STacSV.exe [2010-07-22 245842]
R3 hpqcxs08;hpqcxs08; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2019-03-28 132792]
S2 Griveried;Griveried; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-03-11 203296]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2020-02-11 335416]
S3 aspnet_state;Stavová služba ASP.NET; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2019-03-28 47960]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2019-12-17 104960]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2020-02-20 223432]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2003-07-28 89136]
S3 WiaRpc;@%SystemRoot%\system32\wiarpc.dll,-2; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2019-03-28 136256]

-----------------EOF-----------------

#2 Příspěvek od **Rudy** » 23 úno 2020 17:57

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

Hanke · #3 Příspěvek od **Hanke** » 23 úno 2020 22:33

-------------------------------
# Malwarebytes AdwCleaner 8.0.2.0
# -------------------------------
# Build: 01-27-2020
# Database: 2020-02-17.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 02-23-2020
# Duration: 00:00:06
# OS: Windows 7 Home Premium
# Cleaned: 44
# Failed: 0

***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Users\DELL\AppData\Roaming\SPI

***** [ Files ] *****

Deleted C:\Users\DELL\AppData\Roaming\Installer.dat
Deleted C:\Users\DELL\AppData\Roaming\Main.dat
Deleted C:\Users\DELL\AppData\Roaming\agent.dat
Deleted C:\Windows\Reimage.ini

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\SOFTWARE\40B74A02C9FED9AD0F86F3C17EBB0076
Deleted HKCU\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted HKCU\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted HKCU\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted HKCU\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted HKCU\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted HKCU\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted HKCU\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted HKCU\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted HKCU\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\UCBrowser.exe
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKCU\Software\Microsoft\{cc6eb6d8-85b7-435p-8b86-51e4d16ea76d}
Deleted HKCU\Software\NetBox
Deleted HKCU\Software\PopWnd
Deleted HKCU\Software\UpgSvr
Deleted HKCU\Software\dlr
Deleted HKLM\SOFTWARE\40B74A02C9FED9AD0F86F3C17EBB0076
Deleted HKLM\SOFTWARE\Classes\.crx\OpenWithProgids|UCHTML.AssocFile.CRX
Deleted HKLM\SOFTWARE\Classes\.htm\OpenWithProgids|UCHTML.AssocFile.HTM
Deleted HKLM\SOFTWARE\Classes\.html\OpenWithProgids|UCHTML.AssocFile.HTML
Deleted HKLM\SOFTWARE\Classes\.mht\OpenWithProgids|UCHTML.AssocFile.MHT
Deleted HKLM\SOFTWARE\Classes\.shtm\OpenWithProgids|UCHTML.AssocFile.SHTM
Deleted HKLM\SOFTWARE\Classes\.shtml\OpenWithProgids|UCHTML.AssocFile.SHTML
Deleted HKLM\SOFTWARE\Classes\.webp\OpenWithProgids|UCHTML.AssocFile.WEBP
Deleted HKLM\SOFTWARE\Classes\.xht\OpenWithProgids|UCHTML.AssocFile.XHT
Deleted HKLM\SOFTWARE\Classes\.xhtml\OpenWithProgids|UCHTML.AssocFile.XHTML
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{8A01FA53-571F-4AE4-BAB0-C44BF0920EE5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8A01FA53-571F-4AE4-BAB0-C44BF0920EE5}
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\Multimedia\Manager
Deleted HKLM\Software\Microsoft\DMunversion
Deleted HKLM\Software\Microsoft\{6711eba6-cf08-4edw-9528-86004fa424bb}
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\.DEFAULT\Software\UpgSvr
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\dospop.com
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\zonemap\domains\incredibar.com
Deleted HKU\S-1-5-18\Software\UpgSvr

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.

*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5533 octets] - [23/02/2020 22:25:53]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

#4 Příspěvek od **Rudy** » 24 úno 2020 10:25

OK. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 . Jsou podrobnější, než RSIT.

Hanke · #5 Příspěvek od **Hanke** » 24 úno 2020 10:40

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 23-02-2020
Ran by DELL (administrator) on DELL-PC (Dell Inc. Latitude E6500) (24-02-2020 10:36:24)
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Unlocker\UnlockerAssistant.exe
(Adobe Inc. -> Adobe Systems) C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
(Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe
(Broadcom Corp -> Broadcom Corporation) C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqbam08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe
(Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe
(Hewlett-Packard Company -> Hewlett-Packard) C:\Program Files\HP\HP Software Update\hpwuSchd2.exe
(Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation) C:\Program Files\IDT\WDM\AEstSrv.exe
(Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.) C:\Program Files\IDT\WDM\stacsv.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Ltd) C:\Program Files\CCleaner\CCleaner.exe
(Safer Networking Ltd. -> Safer Networking Limited) C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe
(Safer Networking Ltd. -> Safer Networking Ltd.) C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [hpqSRMon] => C:\Program Files\HP\Digital Imaging\bin\hpqSRMon.exe [150528 2008-07-22] (Hewlett-Packard) [File not signed]
HKLM\...\Run: [HP Software Update] => C:\Program Files\HP\HP Software Update\HPWuSchd2.exe [54840 2007-05-08] (Hewlett-Packard Company -> Hewlett-Packard)
HKLM\...\Run: [UnlockerAssistant] => C:\Program Files\Unlocker\UnlockerAssistant.exe [17408 2010-07-04] () [File not signed]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\Run: [SpybotSD TeaTimer] => C:\Program Files\Spybot - Search & Destroy\TeaTimer.exe [2144088 2009-01-26] (Safer Networking Ltd. -> Safer Networking Limited)
HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\MountPoints2: {58525d18-527c-11e7-a4d6-002170efe099} - E:\HiSuiteDownLoader.exe
HKLM\...\Providers\imyftx0k: C:\Program Files\Drertatain Center\local32spl.dll <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{65122CB0-EA0F-47DF-A953-017170ED12F9}] -> "C:\Program Files\UCBrowser\Application\6.0.1121.13\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files\UCBrowser"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
HKLM\Software\Microsoft\Active Setup\Installed Components: [{A6EADE66-0000-0000-484E-7E8A45000000}] -> C:\Program Files\Adobe\Acrobat Reader DC\Esl\AiodLite.dll [2019-05-03] (Adobe Inc. -> Adobe Systems, Inc.)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk [2017-08-28]
ShortcutTarget: HP Digital Imaging Monitor.lnk -> C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {164429F7-4C20-41D4-BC91-573A6DA28AAD} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [18458752 2019-10-16] (Piriform Software Ltd -> Piriform Ltd)
Task: {33B2A3EF-13D6-4C3C-B37B-E822832F310B} - System32\Tasks\{FFF8F18C-AB44-470B-A6F9-874710E6ECD3} => C:\Windows\system32\pcalua.exe -a "C:\Users\DELL\Desktop\Nová složka (2)\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe" -d "C:\Users\DELL\Desktop\Nová složka (2)\FreeRapid-0.9u4\FreeRapid-0.9u4"
Task: {4B374104-9697-4E22-B0F7-0240AB256F09} - System32\Tasks\{EBCEEA2E-E875-4F47-90EE-9AB942FFE53C} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {5D4A6C3E-5D4D-41FD-AAE2-AD02103936D9} - System32\Tasks\{68E6284A-5E4B-4D47-A4F9-3CB7150435A9} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\DELL\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4
Task: {62576272-8198-4295-A292-EF40E0BCA2FD} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\system32\Macromed\Flash\FlashUtil32_32_0_0_330_Plugin.exe [1458232 2020-02-11] (Adobe Inc. -> Adobe)
Task: {66B7EA1A-6CCE-45AE-BE0B-96246A24D3E2} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-02-11] (Adobe Inc. -> Adobe)
Task: {A496B268-E156-41D6-B4AE-BBB7D28D2848} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [608384 2019-10-16] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {B9267CE0-4F44-4E7B-AD0C-FA0F101E1965} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1240656 2019-09-10] (Adobe Inc. -> Adobe Systems)
Task: {BBE6A629-6056-45F0-8213-D40DDCC2B42D} - System32\Tasks\{37D9CCAD-CD8A-44A0-9CA1-D381326DEC5D} => C:\Windows\system32\pcalua.exe -a "C:\Program Files\Common Files\Blackdex\uninstall.exe" -c shuz -f "C:\Program Files\Common Files\Blackdex\uninstall.dat" -a uninstallme 186A3CB1-ED2D-43F2-8ACB-78E0B778482B DeviceId=e51a325d-6eb7-87e8-5388-05f79bc2428c BarcodeId=50027003 ChannelId=3 DistributerName=APSnapdoAMRev
Task: {EBD9F4EC-51B5-4FFC-A7BF-153A3AA6C72B} - System32\Tasks\MEGA\MEGAsync Update Task S-1-5-21-1807591487-907479674-276054972-1001 => C:\Users\DELL\AppData\Local\MEGAsync\MEGAupdater.exe [615160 2019-10-26] (Mega Limited -> Mega Limited)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Hosts: There are more than one entry in Hosts. See Hosts section of Addition.txt
Tcpip\Parameters: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{0561AA36-A5F8-4FCC-B37D-209C45002F4F}: [DhcpNameServer] 213.46.172.36 213.46.172.37
Tcpip\..\Interfaces\{98B7C35B-06C6-4E77-8112-0C91F7872AC6}: [DhcpNameServer] 192.168.137.1 127.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1807591487-907479674-276054972-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.seznam.cz/
DownloadDir: C:\Users\DELL\Desktop
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1807591487-907479674-276054972-1001 -> DefaultScope {C7C9B273-7521-42DA-91E3-06101CECB253} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
SearchScopes: HKU\S-1-5-21-1807591487-907479674-276054972-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1807591487-907479674-276054972-1001 -> {C7C9B273-7521-42DA-91E3-06101CECB253} URL = hxxps://www.google.com/search?q={searchTerms}&s ... utEncoding?}
BHO: HP Print Enhancer -> {0347C33E-8762-4905-BF09-768834316C61} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)
BHO: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Ltd. -> Safer Networking Limited)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_241\bin\ssv.dll [2020-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_241\bin\jp2ssv.dll [2020-01-21] (Oracle America, Inc. -> Oracle Corporation)
BHO: HP Smart BHO Class -> {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} -> C:\Program Files\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll [2009-09-20] (Hewlett-Packard Company -> Hewlett-Packard Co.)

FireFox:
========
FF DefaultProfile: nk4efx2i.default-1483376918740-1550152235918
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\nk4efx2i.default-1483376918740-1550152235918 [2020-02-24]
FF DownloadDir: F:
FF Homepage: Mozilla\Firefox\Profiles\nk4efx2i.default-1483376918740-1550152235918 -> hxxps://www.seznam.cz/
FF Notifications: Mozilla\Firefox\Profiles\nk4efx2i.default-1483376918740-1550152235918 -> hxxps://pdda.valentreport.info
FF HKLM\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Extension: (HP Smart Web Printing) - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2017-08-28] [Legacy] [not signed]
FF HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\Firefox\Extensions: [smartwebprinting@hp.com] - C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_32_0_0_330.dll [2020-02-11] (Adobe Inc. -> )
FF Plugin: @java.com/DTPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\dtplugin\npDeployJava1.dll [2020-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.241.2 -> C:\Program Files\Java\jre1.8.0_241\bin\plugin2\npjp2.dll [2020-01-21] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.8 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2019-08-14] (VideoLAN -> VideoLAN)
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2020-02-04] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdobeARMservice; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [88136 2019-09-10] (Adobe Inc. -> Adobe Systems)
R2 AESTFilters; C:\Program Files\IDT\WDM\aestsrv.exe [81920 2009-03-03] (Microsoft Windows Hardware Compatibility Publisher -> Andrea Electronics Corporation)
R2 Credential Vault Host Control Service; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostControlService.exe [826272 2011-12-02] (Broadcom Corp -> Broadcom Corporation)
R2 Credential Vault Host Storage; C:\Program Files\Broadcom Corporation\Broadcom USH Host Components\CV\bin\HostStorageService.exe [31648 2011-12-02] (Broadcom Corp -> Broadcom Corporation)
R3 hpqcxs08; C:\Program Files\HP\Digital Imaging\bin\hpqcxs08.dll [249344 2009-09-20] (Hewlett-Packard Co.) [File not signed]
R2 hpqddsvc; C:\Program Files\HP\Digital Imaging\bin\hpqddsvc.dll [133120 2009-09-20] (Hewlett-Packard Co.) [File not signed]
S2 Net Driver HPZ12; C:\Windows\system32\HPZinw12.dll [44032 2010-08-06] (Hewlett-Packard) [File not signed]
S2 Pml Driver HPZ12; C:\Windows\system32\HPZipm12.dll [53760 2010-08-06] (Hewlett-Packard) [File not signed]
R2 SBSDWSCService; C:\Program Files\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd. -> Safer Networking Ltd.)
R2 STacSV; C:\Program Files\IDT\WDM\STacSV.exe [245842 2010-07-22] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2014-06-28] (Microsoft Windows -> Microsoft Corporation)
S2 Griveried; C:\Program Files\Delyqgach\Hrtdbg.dll [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 acpials; C:\Windows\System32\DRIVERS\acpials.sys [7680 2009-07-14] (Microsoft Windows -> Microsoft Corporation)
S3 athr; C:\Windows\System32\DRIVERS\athr.sys [1096704 2009-07-13] (Microsoft Windows -> Atheros Communications, Inc.)
R3 cvusbdrv; C:\Windows\System32\Drivers\cvusbdrv.sys [40040 2011-12-02] (Broadcom Corp -> Broadcom Corporation)
R1 HWiNFO32; C:\Windows\system32\drivers\HWiNFO32.SYS [23840 2016-12-28] (Martin Malik - REALiX -> REALiX(tm))
S3 nvlddmkm; C:\Windows\System32\DRIVERS\nvlddmkm.sys [7545216 2009-03-11] (Microsoft Windows Hardware Compatibility Publisher -> NVIDIA Corporation)
S1 prodrv06; C:\Windows\System32\drivers\prodrv06.sys [53920 2004-08-09] (Protection Technology) [File not signed]
S0 prohlp02; C:\Windows\System32\drivers\prohlp02.sys [114016 2004-08-09] (Protection Technology) [File not signed]
S0 prosync1; C:\Windows\System32\drivers\prosync1.sys [7040 2004-07-19] (Protection Technology) [File not signed]
R2 rimmptsk; C:\Windows\System32\DRIVERS\rimmptsk.sys [48128 2009-09-07] (Microsoft Windows Hardware Compatibility Publisher -> REDC)
S0 sfhlp01; C:\Windows\System32\drivers\sfhlp01.sys [4832 2003-12-01] (Protection Technology) [File not signed]
S3 SrvHsfHDA; C:\Windows\System32\DRIVERS\VSTAZL3.SYS [207360 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfV92; C:\Windows\System32\DRIVERS\VSTDPV3.SYS [980992 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
S3 SrvHsfWinac; C:\Windows\System32\DRIVERS\VSTCNXT3.SYS [661504 2009-07-13] (Microsoft Windows -> Conexant Systems, Inc.)
R3 STHDA; C:\Windows\System32\DRIVERS\stwrt.sys [431616 2010-07-22] (Microsoft Windows Hardware Compatibility Publisher -> IDT, Inc.)
S3 MBAMWebProtection; \??\C:\Windows\system32\drivers\mwac.sys [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

==================== One month (created) ===================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-24 10:36 - 2020-02-24 10:37 - 000016272 _____ C:\Users\DELL\Desktop\FRST.txt
2020-02-24 10:36 - 2020-02-24 10:36 - 000000000 ____D C:\FRST
2020-02-24 10:33 - 2020-02-24 10:33 - 002008064 _____ (Farbar) C:\Users\DELL\Desktop\FRST.exe
2020-02-23 22:22 - 2020-02-23 22:22 - 008356016 _____ (Malwarebytes) C:\Users\DELL\Desktop\AdwCleaner.exe
2020-02-23 12:53 - 2020-02-23 12:55 - 000000000 ____D C:\rsit
2020-02-23 12:53 - 2020-02-23 12:55 - 000000000 ____D C:\Program Files\trend micro
2020-02-23 12:52 - 2020-02-23 12:52 - 001107968 _____ C:\Users\DELL\Desktop\RSIT.exe
2020-02-23 11:31 - 2020-02-23 11:39 - 002462334 _____ C:\Users\DELL\AppData\Local[j0002]-[p01].bmp
2020-02-23 11:13 - 2020-02-23 12:39 - 000001969 _____ C:\Users\Public\Desktop\HP Print and Scan Doctor.lnk
2020-02-23 11:13 - 2020-02-23 12:39 - 000001969 _____ C:\ProgramData\Desktop\HP Print and Scan Doctor.lnk
2020-02-21 19:51 - 2020-01-30 03:30 - 000813056 _____ (Microsoft Corporation) C:\Windows\system32\user32.dll

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2020-02-24 10:35 - 2016-11-22 10:45 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\Mozilla
2020-02-24 09:31 - 2009-07-14 05:34 - 000028720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2020-02-24 09:31 - 2009-07-14 05:34 - 000028720 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2020-02-24 00:06 - 2016-10-09 12:28 - 000000000 ____D C:\Users\DELL\AppData\Roaming\vlc
2020-02-23 22:30 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2020-02-23 22:25 - 2017-12-19 15:56 - 000000000 ____D C:\AdwCleaner
2020-02-23 12:48 - 2015-07-02 19:55 - 000000000 ____D C:\Users\DELL\Desktop\Záloha
2020-02-23 11:35 - 2017-11-25 16:16 - 000004128 _____ C:\Windows\system32\Tasks\CCleaner Update
2020-02-23 11:05 - 2017-08-11 19:32 - 000000000 ____D C:\ProgramData\HP
2020-02-23 10:49 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2020-02-23 10:40 - 2015-07-02 18:56 - 000000000 ____D C:\Users\DELL\AppData\Local\ElevatedDiagnostics
2020-02-23 09:22 - 2017-01-01 23:49 - 000000000 ____D C:\Users\DELL\AppData\Local\CrashDumps
2020-02-22 23:41 - 2011-04-12 02:37 - 000669116 _____ C:\Windows\system32\perfh005.dat
2020-02-22 23:41 - 2011-04-12 02:37 - 000141744 _____ C:\Windows\system32\perfc005.dat
2020-02-22 23:41 - 2010-11-20 22:01 - 001584554 _____ C:\Windows\system32\PerfStringBackup.INI
2020-02-21 20:12 - 2019-12-04 12:59 - 000000000 ____D C:\Program Files\Mozilla Firefox
2020-02-21 20:12 - 2017-01-02 01:34 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2020-02-20 22:20 - 2015-07-04 01:52 - 000000000 ____D C:\Users\DELL\AppData\Roaming\uTorrent
2020-02-14 09:37 - 2015-07-31 14:46 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2020-02-12 13:08 - 2015-07-02 18:17 - 000000000 ____D C:\Windows\system32\MRT
2020-02-12 13:00 - 2015-07-02 18:17 - 117211296 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2020-02-11 19:59 - 2018-03-13 20:59 - 000004524 _____ C:\Windows\system32\Tasks\Adobe Flash Player NPAPI Notifier
2020-02-11 19:59 - 2017-01-20 17:20 - 000004396 _____ C:\Windows\system32\Tasks\Adobe Flash Player Updater
2020-02-11 19:59 - 2015-07-02 20:36 - 000842296 _____ (Adobe) C:\Windows\system32\FlashPlayerApp.exe
2020-02-11 19:59 - 2015-07-02 20:36 - 000175160 _____ (Adobe) C:\Windows\system32\FlashPlayerCPLApp.cpl
2020-02-11 19:59 - 2015-07-02 20:36 - 000000000 ____D C:\Windows\system32\Macromed
2020-01-25 01:24 - 2017-03-14 13:26 - 009287680 ___SH C:\Users\DELL\Desktop\Thumbs.db

==================== Files in the root of some directories ========

2015-07-04 01:31 - 2015-04-25 19:30 - 000027702 _____ () C:\Program Files\toolbar.bmp
2015-07-09 14:36 - 2017-08-08 22:12 - 000007597 _____ () C:\Users\DELL\AppData\Local\Resmon.ResmonCfg

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

LastRegBack: 2020-02-17 11:27
==================== End of FRST.txt ========================

Hanke · #6 Příspěvek od **Hanke** » 24 úno 2020 10:42

Additional scan result of Farbar Recovery Scan Tool (x86) Version: 23-02-2020
Ran by DELL (24-02-2020 10:37:33)
Running from C:\Users\DELL\Desktop
Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2015-06-16 07:55:47)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-1807591487-907479674-276054972-500 - Administrator - Disabled)
DELL (S-1-5-21-1807591487-907479674-276054972-1001 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-1807591487-907479674-276054972-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1807591487-907479674-276054972-1003 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

32 Bit HP CIO Components Installer (HKLM\...\{A80FA752-C491-4ED9-ABF0-4278563160B2}) (Version: 7.1.8 - Hewlett-Packard) Hidden
7-Zip 19.00 (HKLM\...\7-Zip) (Version: 19.00 - Igor Pavlov)
Adobe Acrobat Reader DC - Czech (HKLM\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.006.20034 - Adobe Systems Incorporated)
Adobe Flash Player 32 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 32.0.0.330 - Adobe)
Adobe Flash Player 32 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 32.0.0.330 - Adobe)
AIO_Scan (HKLM\...\{D86B0E2E-DF9A-441C-AF77-8D1A0FF00FA6}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
Authy Desktop (HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\authy-electron) (Version: 1.5.0 - Twilio Inc.)
BufferChm (HKLM\...\{2EEA7AA4-C203-4b90-A34F-19FB7EF1C81C}) (Version: 130.0.331.000 - Hewlett-Packard) Hidden
CCleaner (HKLM\...\CCleaner) (Version: 5.61 - Piriform)
Copy (HKLM\...\{3C92B2E6-380D-4fef-B4DF-4A3B4B669771}) (Version: 130.0.428.000 - Hewlett-Packard) Hidden
Dell ControlVault Host Components Installer (HKLM\...\{F8CA28C9-6DBA-4910-BECB-1176346A6134}) (Version: 2.2.117.284 - Broadcom Corporation)
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 7.1207.101.108 - ALPS ELECTRIC CO., LTD.)
Destinations (HKLM\...\{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}) (Version: 130.0.0.0 - Hewlett-Packard) Hidden
DeviceDiscovery (HKLM\...\{2FF8C687-DB7D-4adc-A5DC-57983EC25046}) (Version: 130.0.465.000 - Hewlett-Packard) Hidden
DJ_AIO_ProductContext (HKLM\...\{2640314A-2D9A-4F58-B501-DB109CD9DBA2}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software (HKLM\...\{AD99B476-6FB7-4985-A3C3-E40595A7E6DE}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
DJ_AIO_Software_min (HKLM\...\{32DACAC3-6538-405D-915E-8F2D026F199C}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100 (HKLM\...\{33cc8e60-d6db-45be-9276-b6698187688a}) (Version: 130.0.365.000 - Hewlett-Packard) Hidden
F2100_Help (HKLM\...\{C1920D73-7374-49d9-8C37-58A6E49078A5}) (Version: 90.0.222.000 - Hewlett-Packard) Hidden
GPBaseService2 (HKLM\...\{63FF21C9-A810-464F-B60A-3111747B1A6D}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Hidden & Dangerous 2 (HKLM\...\{83437081-8186-4F63-BD39-4BE8A691E055}) (Version: 1.02.0006 - Název společnosti:) Hidden
Hidden & Dangerous 2 (HKLM\...\InstallShield_{83437081-8186-4F63-BD39-4BE8A691E055}) (Version: 1.02.0006 - Název společnosti:)
HP Customer Participation Program 13.0 (HKLM\...\HPExtendedCapabilities) (Version: 13.0 - HP)
HP Deskjet All-In-One Driver Software 13.0 Rel. 1 (HKLM\...\{EB773820-0871-46A8-9B96-F2B04F8B34F0}) (Version: 13.0 - HP)
HP Imaging Device Functions 13.0 (HKLM\...\HP Imaging Device Functions) (Version: 13.0 - HP)
HP Photosmart Essential 3.5 (HKLM\...\HP Photosmart Essential) (Version: 3.5 - HP)
HP Smart Web Printing 4.51 (HKLM\...\HP Smart Web Printing) (Version: 4.51 - HP)
HP Solution Center 13.0 (HKLM\...\HP Solution Center & Imaging Support Tools) (Version: 13.0 - HP)
HP Update (HKLM\...\{7059BDA7-E1DB-442C-B7A1-6144596720A4}) (Version: 4.000.011.006 - Hewlett-Packard)
HPDiagnosticAlert (HKLM\...\{B6465A32-8BE9-4B38-ADC5-4B4BDDC10B0D}) (Version: 1.00.0001 - Microsoft) Hidden
HPPhotoGadget (HKLM\...\{CAE4213F-F797-439D-BD9E-79B71D115BE3}) (Version: 130.0.282.000 - Hewlett-Packard) Hidden
HPPhotoSmartDiscLabelContent1 (HKLM\...\{681B698F-C997-42C3-B184-B489C6CA24C9}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPPhotosmartEssential (HKLM\...\{D79113E7-274C-470B-BD46-01B10219DF6A}) (Version: 2.04.0000 - Hewlett-Packard) Hidden
HPProductAssistant (HKLM\...\{C43326F5-F135-4551-8270-7F7ABA0462E1}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
HPSSupply (HKLM\...\{6B2FFB21-AC88-45C3-9A7D-4BB3E744EC91}) (Version: 130.0.371.000 - Hewlett-Packard) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2040 - Intel Corporation)
Intel(R) TV Wizard (HKLM\...\TVWiz) (Version: - Intel Corporation)
Java 8 Update 241 (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F32180241F0}) (Version: 8.0.2410.7 - Oracle Corporation)
K-Lite Mega Codec Pack 8.4.0 (HKLM\...\KLiteCodecPack_is1) (Version: 8.4.0 - )
MarketResearch (HKLM\...\{175F0111-2968-4935-8F70-33108C6A4DE3}) (Version: 130.0.374.000 - Hewlett-Packard) Hidden
MEGAsync (HKLM\...\MEGAsync) (Version: - Mega Limited)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Office Small Business Edition 2003 (HKLM\...\{91CA0405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.5614.0 - Microsoft Corporation)
Mozilla Firefox 73.0.1 (x86 cs) (HKLM\...\Mozilla Firefox 73.0.1 (x86 cs)) (Version: 73.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 73.0.1.7352 - Mozilla)
MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation)
MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation)
NVIDIA Drivers (HKLM\...\NVIDIA Drivers) (Version: 1.3 - NVIDIA Corporation)
NVIDIA nView Desktop Manager (HKLM\...\nView Desktop Manager) (Version: - )
Scan (HKLM\...\{0F367CA3-3B2F-43F9-A44A-25A8EE69E45D}) (Version: 13.0.0.0 - Hewlett-Packard) Hidden
Shop for HP Supplies (HKLM\...\Shop for HP Supplies) (Version: 13.0 - HP)
SmartWebPrinting (HKLM\...\{DC635845-46D3-404B-BCB1-FC4A91091AFA}) (Version: 130.0.457.000 - Hewlett-Packard) Hidden
SolutionCenter (HKLM\...\{4A70EF07-7F88-4434-BB61-D1DE8AE93DD4}) (Version: 130.0.373.000 - Hewlett-Packard) Hidden
Spybot - Search & Destroy (HKLM\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
Status (HKLM\...\{0EF5BEA9-B9D3-46d7-8958-FB69A0BAEACC}) (Version: 130.0.469.000 - Hewlett-Packard) Hidden
Toolbox (HKLM\...\{6BBA26E9-AB03-4FE7-831A-3535584CA002}) (Version: 130.0.648.000 - Hewlett-Packard) Hidden
TrayApp (HKLM\...\{1EC71BFB-01A3-4239-B6AF-B1AE656B15C0}) (Version: 130.0.422.000 - Hewlett-Packard) Hidden
UnloadSupport (HKLM\...\{4E7C28C7-D5DA-4E9F-A1CA-60490B54AE35}) (Version: 11.0.0 - Hewlett-Packard) Hidden
VLC media player (HKLM\...\VLC media player) (Version: 3.0.8 - VideoLAN)
vs2015_redist x86 (HKLM\...\{BD46163A-0331-4A61-B65A-7B66D7C93F8E}) (Version: 1.0.0.0 - Realnetworks) Hidden
WebReg (HKLM\...\{43CDF946-F5D9-4292-B006-BA0D92013021}) (Version: 130.0.132.017 - Hewlett-Packard) Hidden
Wooky 3.0.1.6 (HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\Wooky) (Version: 3.0.1.6 - Mobilbonus, s.r.o.)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellExecuteHooks: No Name - {46C3BB2C-CC38-11E6-8704-64006A5CFC23} - -> No File
ShellIconOverlayIdentifiers: [ MEGA (Pending)] -> {056D528D-CE28-4194-9BA3-BA2E9197FF8C} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Synced)] -> {05B38830-F4E9-4329-978B-1DD28605D202} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ShellIconOverlayIdentifiers: [ MEGA (Syncing)] -> {0596C850-7BDD-4C9D-AFDF-873BE6890637} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers1: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ContextMenuHandlers2: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ContextMenuHandlers3: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]
ContextMenuHandlers4: [MEGA (Context menu)] -> {0229E5E7-09E9-45CF-9228-0228EC7D5F17} => C:\Users\DELL\AppData\Local\MEGAsync\ShellExtX32.dll [2019-10-26] (Mega Limited -> )
ContextMenuHandlers5: [00nView] -> {1E9B04FB-F9E5-4718-997B-B8DA88302A48} => C:\Windows\System32\nvshell.dll [2009-03-04] () [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-02-11] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {A70C977A-BF00-412C-90B7-034C51DA2439} => C:\Windows\system32\nvcpl.dll [2009-03-11] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => C:\Program Files\7-Zip\7-zip.dll [2019-02-21] (Igor Pavlov) [File not signed]

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [msacm.l3acm] => C:\Windows\system32\l3codecp.acm [220672 2009-07-14] (Microsoft Windows -> Fraunhofer Institut Integrierte Schaltungen IIS)
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [VIDC.YV12] => C:\Windows\system32\xvidvfw.dll [243200 2011-06-24] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [151552 2011-12-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [msacm.lameacm] => C:\Windows\system32\lameACM.acm [839680 2008-09-24] (hxxp://www.mp3dev.org/) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\system32\ff_vfw.dll [79360 2012-02-15] () [File not signed]

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
Shortcut: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories\System Tools\Intеrnet Ехрlorеr (No Add-ons).lnk -> C:\Users\DELL\AppData\Roaming\Browsers\exe.erolpxei.bat (No File) <==== Cyrillic

==================== Loaded Modules (Whitelisted) =============

2010-07-04 22:32 - 2010-07-04 22:32 - 000004608 _____ () [File not signed] C:\Program Files\Unlocker\UnlockerHook.dll
2014-01-29 16:10 - 2009-03-04 22:04 - 000466944 _____ () [File not signed] C:\Windows\System32\nvshell.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000097280 _____ (Hewlett Packard) [File not signed] C:\Program Files\HP\Digital Imaging\Product Assistant\bin\hprbevst.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000629248 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpocxi08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 001171456 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpodio08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000538112 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpotra08.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000032256 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpotra08.rsc
2009-09-20 09:19 - 2009-09-20 09:19 - 000274432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpotradd.dll
2009-09-20 09:19 - 2009-09-20 09:19 - 000293376 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqcob08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000249344 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqcxs08.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000213504 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddcmn.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000133120 _____ (Hewlett-Packard Co.) [File not signed] c:\program files\hp\digital imaging\bin\hpqddsvc.dll
2009-09-20 11:24 - 2009-09-20 11:24 - 000049664 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqddusr.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000338432 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqmif08.dll
2009-05-21 19:05 - 2009-05-21 19:05 - 000326144 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqrif08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000931328 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqsem08.rsc
2009-09-20 11:07 - 2009-09-20 11:07 - 000307712 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqsti08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000285184 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqstp08.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000012288 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqstp08.rsc
2009-09-20 11:36 - 2009-09-20 11:36 - 000150528 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqtao08.dll
2009-09-20 11:36 - 2009-09-20 11:36 - 000048128 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqtra08.rsc
2009-09-20 11:36 - 2009-09-20 11:36 - 000205824 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpquio08.dll
2009-05-21 19:09 - 2009-05-21 19:09 - 000554496 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqusg.dll
2009-09-20 11:07 - 2009-09-20 11:07 - 000485888 _____ (Hewlett-Packard Co.) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqwso08.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000121344 _____ (Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\HpqCPTA.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000040960 _____ (Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqgpb01.dll
2009-05-21 17:57 - 2009-05-21 17:57 - 000038912 _____ (Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqgpreh.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000192000 _____ (Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\HpqSRTA.dll
2008-07-22 17:33 - 2008-07-22 17:33 - 000105472 _____ (Hewlett-Packard) [File not signed] C:\Program Files\HP\Digital Imaging\bin\hpqxml2.dll
2010-08-06 11:13 - 2010-08-06 11:13 - 000034816 _____ (Hewlett-Packard) [File not signed] C:\Windows\system32\hpzipr12.dll
2019-03-14 20:35 - 2019-02-21 17:00 - 000050688 _____ (Igor Pavlov) [File not signed] C:\Program Files\7-Zip\7-zip.dll
2016-03-20 15:56 - 2003-06-19 01:31 - 000017920 _____ (Microsoft Corporation) [File not signed] C:\Windows\System32\mdimon.dll
2016-03-20 15:56 - 2003-06-19 01:31 - 000018944 _____ (Microsoft Corporation) [File not signed] C:\Windows\system32\spool\PRTPROCS\W32X86\mdippr.dll

==================== Alternate Data Streams (Whitelisted) ========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x86.sys [19812]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1205026]

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer trusted/restricted ==========

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com

There are 7922 more sites.

IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\007guard.com -> install.007guard.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\008k.com -> www.008k.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\00hq.com -> www.00hq.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\010402.com -> 010402.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\0scan.com -> www.0scan.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\1-2005-search.com -> www.1-2005-search.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\1-domains-registrations.com -> www.1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\1000gratisproben.com -> www.1000gratisproben.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\1001namen.com -> www.1001namen.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\100888290cs.com -> mir.100888290cs.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\100sexlinks.com -> www.100sexlinks.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\10sek.com -> www.10sek.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\12-26.net -> user1.12-26.net
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\12-27.net -> user1.12-27.net
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\123fporn.info -> www.123fporn.info
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\123moviedownload.com -> www.123moviedownload.com
IE restricted site: HKU\S-1-5-21-1807591487-907479674-276054972-1001\...\123simsen.com -> www.123simsen.com

There are 7922 more sites.

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2009-07-14 03:04 - 2017-01-02 17:35 - 000453915 _____ C:\Windows\system32\drivers\etc\hosts
127.0.0.1 v1.ff.avast.com
127.0.0.1 vlcproxy.ff.avast.com
127.0.0.1 www.007guard.com
127.0.0.1 007guard.com
127.0.0.1 008i.com
127.0.0.1 www.008k.com
127.0.0.1 008k.com
127.0.0.1 www.00hq.com
127.0.0.1 00hq.com
127.0.0.1 010402.com
127.0.0.1 www.032439.com
127.0.0.1 032439.com
127.0.0.1 www.0scan.com
127.0.0.1 0scan.com
127.0.0.1 1000gratisproben.com
127.0.0.1 www.1000gratisproben.com
127.0.0.1 1001namen.com
127.0.0.1 www.1001namen.com
127.0.0.1 100888290cs.com
127.0.0.1 www.100888290cs.com
127.0.0.1 www.100sexlinks.com
127.0.0.1 100sexlinks.com
127.0.0.1 10sek.com
127.0.0.1 www.10sek.com
127.0.0.1 www.1-2005-search.com
127.0.0.1 1-2005-search.com
127.0.0.1 123fporn.info
127.0.0.1 www.123fporn.info
127.0.0.1 123haustiereundmehr.com
127.0.0.1 www.123haustiereundmehr.com

There are 15578 more lines.

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\;%systemroot%\System32\WindowsPowerShell\v1.0\
HKU\S-1-5-21-1807591487-907479674-276054972-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 213.46.172.36 - 213.46.172.37
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{A7A061E0-27B2-480D-AB10-AD0E8CDDBBD2}] => (Allow) C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [TCP Query User{BD14D13D-3AC6-498E-8769-9C25491780E4}C:\users\dell\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dell\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [UDP Query User{B7163F63-D314-41D4-97F9-CD8B6BFA291D}C:\users\dell\appdata\roaming\utorrent\utorrent.exe] => (Allow) C:\users\dell\appdata\roaming\utorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{81EB83A3-B768-41D7-9F06-59D53340A43C}] => (Allow) C:\Users\DELL\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{A3E558B0-66B1-4E88-8336-26CE2225600F}] => (Allow) C:\Users\DELL\AppData\Roaming\uTorrent\utorrent.exe (uTorrent.CZ -> BitTorrent, Inc.) [File not signed]
FirewallRules: [{CB9BEC38-B43B-4749-BAE6-EBD59B829195}] => (Allow) C:\Windows\system32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{43241946-D9D2-461E-9F0C-A422F34E8344}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{1A59C7EF-DE89-4EBB-AC07-EC25B682B3A2}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{B0B52EF7-0740-4044-9597-57629AFC7444}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{EF50EFF3-2B37-4FAD-88D2-C3550C5E14DA}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{1A43C903-C7CB-48ED-8488-64E5417FF4A0}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{870C9D9B-EAE8-4246-99BC-1859BB2D8034}] => (Allow) C:\Windows\System32\rundll32.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{7FAFA42F-4382-4A10-806D-43E3E4B61D41}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqtra08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{0CA6FF46-40BF-4691-83F0-58FFF48C5A0F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqste08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{E2ED4CEE-A0FF-4AF6-880C-BA9247EE1E74}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hposid01.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{850A348E-4E98-4233-92C8-C9D8EFA40725}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqkygrp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{B48DD87C-E63A-4418-8DBD-6A142CE4452D}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqcopy2.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{73E081DB-1B91-4E43-80F5-14BCFF505DA4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpfccopy.exe () [File not signed]
FirewallRules: [{1258E534-8639-4139-B243-7A7B681AA18B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqnrs08.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{3ED25125-4281-4ED0-A15A-5F78FC4E3A2C}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpiscnapp.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{4E4308FB-8CD5-491E-8437-0A1F298169A8}] => (Allow) C:\Program Files\common files\hp\digital imaging\bin\hpqphotocrm.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{0110202B-2F46-403F-BEE2-630775897558}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqsudi.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{7A706834-C30A-49B6-93D3-E42274A7C540}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpsapp.exe (Hewlett-Packard Development Co. L.P.) [File not signed]
FirewallRules: [{AE8C1ED6-F2C0-497C-8495-6F812E2729C4}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqpse.exe (Hewlett Packard -> Hewlett-Packard Development Co. L.P.)
FirewallRules: [{D8F848C3-FBFE-4A73-A324-DD5582BC243F}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgplgtupl.exe (Hewlett-Packard Co.) [File not signed]
FirewallRules: [{2007A38F-5E96-4896-95F1-0DA181F2F8BB}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqgpc01.exe (Hewlett-Packard) [File not signed]
FirewallRules: [{3545B35E-DA32-453A-83C8-D1DA59971508}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgm.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{917B0E2F-F7DD-48DF-B2DF-10CF8FB2484B}] => (Allow) C:\Program Files\HP\Digital Imaging\bin\hpqusgh.exe (Hewlett Packard -> Hewlett-Packard Co.)
FirewallRules: [{B381015F-52A5-4A90-BE81-4A23E95D0EB4}] => (Allow) C:\Program Files\HP\hp software update\hpwucli.exe (Hewlett-Packard Company -> Hewlett-Packard)
FirewallRules: [{9823F3D4-5C90-49B2-AFE7-F8D213FE5D28}] => (Allow) C:\Program Files\HP\digital imaging\smart web printing\smartwebprintexe.exe (Hewlett-Packard Company -> Hewlett-Packard Co.)
FirewallRules: [TCP Query User{1FB4FAB6-0C88-4B7B-9456-F5320E02B0F5}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{942C2F84-CC33-40FA-9906-66D4F880D182}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C8F7371E-67DD-4651-A8F4-5B7063A0BAD8}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [{E6836327-C091-4500-B4D3-6D4AFC523505}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe (Piriform Software Ltd -> Piriform Software Ltd)
FirewallRules: [TCP Query User{C9CDA122-B250-45D4-A07C-FAFA83CC5650}C:\program files\java\jre1.8.0_241\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_241\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [UDP Query User{DFFA54AC-B6EA-4630-8613-805777B14868}C:\program files\java\jre1.8.0_241\launch4j-tmp\frd.exe] => (Allow) C:\program files\java\jre1.8.0_241\launch4j-tmp\frd.exe (Oracle America, Inc. -> Oracle Corporation)
FirewallRules: [{84CE6DDC-1E3A-416E-A5EA-D18EFDA0B5F6}] => (Allow) C:\Users\DELL\AppData\Local\Temp\7zS2C91\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{D33A1C77-435D-4181-9E20-E4E8974B5A99}] => (Allow) C:\Users\DELL\AppData\Local\Temp\7zS2C91\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{213C94E3-8EB1-49D9-99C7-1738F1ED2A06}] => (Allow) C:\Users\DELL\AppData\Local\Temp\7zS3EB8\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{8764EE06-5B26-40CF-81EA-C7BF4338ACEB}] => (Allow) C:\Users\DELL\AppData\Local\Temp\7zS3EB8\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{C564597A-BB7B-4BD8-9002-7350E0E75571}] => (Allow) C:\Users\DELL\AppData\Local\Temp\7zS74EF\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)
FirewallRules: [{2B6810CF-EA59-4C62-8BE4-CA86ACCE9B3D}] => (Allow) C:\Users\DELL\AppData\Local\Temp\7zS74EF\HPDiagnosticCoreUI.exe (HP Inc. -> HPDC LP)

==================== Restore Points =========================

==================== Faulty Device Manager Devices ============

==================== Event log errors: ========================

Application errors:
==================
Error: (02/24/2020 10:13:18 AM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (02/23/2020 11:25:01 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (02/23/2020 10:30:16 PM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/23/2020 12:10:28 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Windows\system32\rundll32.exe /d srrstr.dll,ExecuteScheduledSPPCreation; Popis = Naplánovaný kontrolní bod; Chyba = 0x80070422).

Error: (02/23/2020 11:27:01 AM) (Source: Microsoft-Windows-WMI) (EventID: 10) (User: NT AUTHORITY)
Description: Event filter with query "SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99" could not be reactivated in namespace "//./root/CIMV2" because of error 0x80041003. Events cannot be delivered through this filter until the problem is corrected.

Error: (02/23/2020 09:24:51 AM) (Source: ESENT) (EventID: 455) (User: )
Description: taskhost (2456) WebCacheLocal: Při otevírání souboru protokolu C:\Users\DELL\AppData\Local\Microsoft\Windows\WebCache\V010012E.log došlo k chybě -1811.

Error: (02/23/2020 09:22:09 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (2456) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -510.

Error: (02/23/2020 09:22:06 AM) (Source: ESENT) (EventID: 454) (User: )
Description: taskhost (2456) WebCacheLocal: Při zotavení či obnovení databáze došlo k neočekávané chybě -510.

System errors:
=============
Error: (02/24/2020 09:22:10 AM) (Source: Service Control Manager) (EventID: 7011) (User: )
Description: Při čekání na odezvu transakce služby lmhosts bylo dosaženo časového limitu (30000 ms).

Error: (02/23/2020 10:30:16 PM) (Source: Service Control Manager) (EventID: 7026) (User: )
Description: Zavedení následujícího ovladače pro spouštění počítače nebo systému se nezdařilo:
prodrv06
prohlp02
prosync1
sfhlp01

Error: (02/23/2020 10:30:04 PM) (Source: Service Control Manager) (EventID: 7023) (User: )
Description: Služba Griveried byla ukončena s následující chybou:
Uvedený modul nebyl nalezen.

Error: (02/23/2020 10:29:57 PM) (Source: Service Control Manager) (EventID: 7001) (User: )
Description: Služba NVIDIA Display Driver Service závisí na službě nvlddmkm, která neuspěla při spuštění v důsledku následující chyby:
Zvolenou službu nelze spustit, protože není povolena nebo s ní není spojeno žádné povolené zařízení.

Error: (02/23/2020 10:29:35 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače prodrv06.sys je blokováno.

Error: (02/23/2020 10:29:30 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače prohlp02.sys je blokováno.

Error: (02/23/2020 10:29:30 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače prosync1.sys je blokováno.

Error: (02/23/2020 10:29:30 PM) (Source: Application Popup) (EventID: 875) (User: )
Description: Načtení ovladače sfhlp01.sys je blokováno.

Windows Defender:
===================================
Date: 2019-01-31 15:51:36.090
Description:
Prohledávání Windows Defender bylo zastaveno před dokončením.
ID prohledávání:{7345101E-3344-407A-8281-1B9D2F22CEE3}
Typ prohledávání:Antispywarový program
Parametry prohledávání:Úplné prohledávání
Uživatel:DELL-PC\DELL

==================== Memory info ===========================

BIOS: Dell Inc. A18 10/30/2009
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM)2 Duo CPU P8700 @ 2.53GHz
Percentage of memory in use: 74%
Total physical RAM: 1935.9 MB
Available physical RAM: 490.92 MB
Total Virtual: 3871.8 MB
Available Virtual: 2177.68 MB

==================== Drives ================================

Drive c: (Windows) (Fixed) (Total:111.59 GB) (Free:83.06 GB) NTFS
Drive e: (Verbatim) (Fixed) (Total:465.76 GB) (Free:327.37 GB) NTFS

\\?\Volume{29890b7c-005a-11e5-bd6d-806e6f6e6963}\ (System) (Fixed) (Total:0.2 GB) (Free:0.16 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 111.8 GB) (Disk ID: E00B3F2F)
Partition 1: (Active) - (Size=200 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=111.6 GB) - (Type=07 NTFS)

==========================================================
Disk: 1 (Size: 465.8 GB) (Disk ID: B6B7CF40)
Partition 1: (Not Active) - (Size=465.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

#7 Příspěvek od **Rudy** » 24 úno 2020 13:22

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
ShellExecuteHooks: No Name - {46C3BB2C-CC38-11E6-8704-64006A5CFC23} - -> No File
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x86.sys [19812]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1205026]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Providers\imyftx0k: C:\Program Files\Drertatain Center\local32spl.dll <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{65122CB0-EA0F-47DF-A953-017170ED12F9}] -> "C:\Program Files\UCBrowser\Application\6.0.1121.13\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files\UCBrowser"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {33B2A3EF-13D6-4C3C-B37B-E822832F310B} - System32\Tasks\{FFF8F18C-AB44-470B-A6F9-874710E6ECD3} => C:\Windows\system32\pcalua.exe -a "C:\Users\DELL\Desktop\Nová složka (2)\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe" -d "C:\Users\DELL\Desktop\Nová složka (2)\FreeRapid-0.9u4\FreeRapid-0.9u4"
Task: {4B374104-9697-4E22-B0F7-0240AB256F09} - System32\Tasks\{EBCEEA2E-E875-4F47-90EE-9AB942FFE53C} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {5D4A6C3E-5D4D-41FD-AAE2-AD02103936D9} - System32\Tasks\{68E6284A-5E4B-4D47-A4F9-3CB7150435A9} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\DELL\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1807591487-907479674-276054972-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 Griveried; C:\Program Files\Delyqgach\Hrtdbg.dll [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

EmptyTemp:
Hosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

Hanke · #8 Příspěvek od **Hanke** » 24 úno 2020 14:36

Fix result of Farbar Recovery Scan Tool (x86) Version: 23-02-2020
Ran by DELL (24-02-2020 14:26:08) Run:1
Running from C:\Users\DELL\Desktop
Loaded Profiles: DELL (Available Profiles: DELL)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start

CloseProcesses:
ShellExecuteHooks: No Name - {46C3BB2C-CC38-11E6-8704-64006A5CFC23} - -> No File
WMI:subscription\__TimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__IntervalTimerInstruction->SethomePage Interval Timer:: <==== ATTENTION
WMI:subscription\__EventFilter->EventFilter sethomePage2::[Query => Select * From __timerevent Where TimerId = "SethomePage Interval Timer"] <==== ATTENTION
AlternateDataStreams: C:\Windows\system32\drivers:ucdrv-x86.sys [19812]
AlternateDataStreams: C:\Windows\system32\drivers:x86 [1205026]
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [646160 2019-12-11] (Oracle America, Inc. -> Oracle Corporation)
HKLM\...\Providers\imyftx0k: C:\Program Files\Drertatain Center\local32spl.dll <==== ATTENTION
HKLM\Software\Microsoft\Active Setup\Installed Components: [{65122CB0-EA0F-47DF-A953-017170ED12F9}] -> "C:\Program Files\UCBrowser\Application\6.0.1121.13\Installer\chrmstp.exe" --configure-user-settings --verbose-logging --system-level --wow-install-target-path="C:\Program Files\UCBrowser"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{73FA19D0-2D75-11D2-995D-00C04F98BBC9}] ->
Task: {33B2A3EF-13D6-4C3C-B37B-E822832F310B} - System32\Tasks\{FFF8F18C-AB44-470B-A6F9-874710E6ECD3} => C:\Windows\system32\pcalua.exe -a "C:\Users\DELL\Desktop\Nov� slo�ka (2)\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe" -d "C:\Users\DELL\Desktop\Nov� slo�ka (2)\FreeRapid-0.9u4\FreeRapid-0.9u4"
Task: {4B374104-9697-4E22-B0F7-0240AB256F09} - System32\Tasks\{EBCEEA2E-E875-4F47-90EE-9AB942FFE53C} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {5D4A6C3E-5D4D-41FD-AAE2-AD02103936D9} - System32\Tasks\{68E6284A-5E4B-4D47-A4F9-3CB7150435A9} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4\frd.exe -d C:\Users\DELL\Desktop\FreeRapid-0.9u4\FreeRapid-0.9u4
SearchScopes: HKLM -> DefaultScope value is missing
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1807591487-907479674-276054972-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
S2 Griveried; C:\Program Files\Delyqgach\Hrtdbg.dll [X]
U0 Partizan; system32\drivers\Partizan.sys [X]

EmptyTemp:
Hosts:
End
*****************

Processes closed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\explorer\ShellExecuteHooks\\{46C3BB2C-CC38-11E6-8704-64006A5CFC23}" => removed successfully.
"SethomePage Interval Timer" => removed successfully.
"SethomePage Interval Timer" => not found
"EventFilter sethomePage2" => removed successfully.
C:\Windows\system32\drivers => ":ucdrv-x86.sys" ADS removed successfully.
C:\Windows\system32\drivers => ":x86" ADS removed successfully.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully.
HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\imyftx0k => removed successfully.
"HKLM\SYSTEM\CurrentControlSet\Control\Print\Providers\\order imyftx0k" => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{65122CB0-EA0F-47DF-A953-017170ED12F9} => removed successfully.
HKLM\Software\Microsoft\Active Setup\Installed Components\{73FA19D0-2D75-11D2-995D-00C04F98BBC9} => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{33B2A3EF-13D6-4C3C-B37B-E822832F310B}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{33B2A3EF-13D6-4C3C-B37B-E822832F310B}" => removed successfully.
C:\Windows\System32\Tasks\{FFF8F18C-AB44-470B-A6F9-874710E6ECD3} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{FFF8F18C-AB44-470B-A6F9-874710E6ECD3}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4B374104-9697-4E22-B0F7-0240AB256F09}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4B374104-9697-4E22-B0F7-0240AB256F09}" => removed successfully.
C:\Windows\System32\Tasks\{EBCEEA2E-E875-4F47-90EE-9AB942FFE53C} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{EBCEEA2E-E875-4F47-90EE-9AB942FFE53C}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5D4A6C3E-5D4D-41FD-AAE2-AD02103936D9}" => removed successfully.
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D4A6C3E-5D4D-41FD-AAE2-AD02103936D9}" => removed successfully.
C:\Windows\System32\Tasks\{68E6284A-5E4B-4D47-A4F9-3CB7150435A9} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{68E6284A-5E4B-4D47-A4F9-3CB7150435A9}" => removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => value restored successfully
HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKU\S-1-5-21-1807591487-907479674-276054972-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => removed successfully.
HKLM\System\CurrentControlSet\Services\Griveried => removed successfully.
Griveried => service removed successfully.
HKLM\System\CurrentControlSet\Services\Partizan => removed successfully.
Partizan => service removed successfully.
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 11550906 B
Java, Flash, Steam htmlcache => 1370 B
Windows/system/drivers => 3302274 B
Edge => 0 B
Chrome => 0 B
Firefox => 1035503726 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 76290 B
Public => 76290 B
ProgramData => 76290 B
systemprofile => 109476 B
LocalService => 109476 B
NetworkService => 120788 B
DELL => 196031880 B

RecycleBin => 0 B
EmptyTemp: => 1.2 GB temporary data Removed.

================================

The system needed a reboot.

==== End of Fixlog 14:26:42 ====

#9 Příspěvek od **Rudy** » 24 úno 2020 15:51

Smazáno. Nastala nějaká změna?

Hanke · #10 Příspěvek od **Hanke** » 24 úno 2020 16:03

Zdravim,

Tak ntb už nezamrzá, videa a reklamy se načítají. Tiskárna komunikuje s ntb. Jediný co stále nejde je plynulý restart. Ntb se při restartu stále seká na černé obrazovce storage manager...

#11 Příspěvek od **Rudy** » 24 úno 2020 16:57

Zkuste StorageManagar přeinstalovat. Je to utilita od Dell: https://www.dell.com/support/home/cz/cs ... erid=fn3cm . Pokud ho k ničemu nepotřebujete, odinstalujte.

Hanke · #12 Příspěvek od **Hanke** » 24 úno 2020 19:30

Zkoušel jsem přeinstalovat a pořád nic. Když chci oddinstalovat, nemůžu nic najít. Co jsem se díval, jmenuje se to intel matrix storage manager.

#13 Příspěvek od **Rudy** » 24 úno 2020 19:54

Hanke píše:Zkoušel jsem přeinstalovat a pořád nic. Když chci oddinstalovat, nemůžu nic najít. Co jsem se díval, jmenuje se to intel matrix storage manager.

Utilita by měla mít svůj adresář (sice si nejsem jistý, neznám jí) a v něm by mohl být odinstalátor (uninstall.exe). Jinak byste ještě mohl zkusit defragmentovat disk.

Hanke · #14 Příspěvek od **Hanke** » 24 úno 2020 21:47

Tak jsem se nakonec prohrabal v biosu a opraveno. Takže už jde vše, díky za pomoc.

#15 Příspěvek od **Rudy** » 24 úno 2020 21:52

To jsem rád a nemáte zač!

VIRY.CZ

Zamrzání ntb a prohlížeče, problém s tiskem a restartem ntb

Zamrzání ntb a prohlížeče, problém s tiskem a restartem ntb

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem

Re: Zamrzání ntb a prohlížeče, problém s tiskem a restartem