Pomaly počítač, mrzne už dlhšiu dobu
Napsal: 17 zář 2021 15:53
Prosím o kontrolu logu, ďakujem.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by peter (17-09-2021 16:44:31)
Running from C:\Users\peter\Desktop
Windows 10 Home Version 20H2 19042.1165 (X64) (2021-03-14 15:16:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-123821111-4108638035-923771172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-123821111-4108638035-923771172-503 - Limited - Disabled)
Guest (S-1-5-21-123821111-4108638035-923771172-501 - Limited - Disabled)
peter (S-1-5-21-123821111-4108638035-923771172-1000 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-123821111-4108638035-923771172-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
ALFA plus 7.52.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{EB0F418B-0C48-4F31-A02E-5C56A6AE9307}) (Version: 7.52.00 - KROS a.s.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez (HKLM-x32\...\Call of Juarez_is1) (Version: 1.0 - US-Action, s.r.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Colora (HKLM-x32\...\{7B8239D5-22CC-49CF-86BA-FBB205042AF6}) (Version: 0.1.0 - Bluegrams)
Commandos: Behind Enemy Lines SK (HKLM-x32\...\Commandos: Behind Enemy Lines SK) (Version: - )
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
f.lux (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Flux) (Version: - f.lux Software LLC)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.89.530 - Digital Wave Ltd)
Free Video Cutter Joiner 10.6 (HKLM-x32\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.6 - DVDVideoMedia, Inc.)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Kodi) (Version: - XBMC-Foundation)
Lexmark Universal v2 XL Print Driver (HKLM\...\{2A0FA2A8-C235-4B4D-B4E1-5487A1E83847}) (Version: 2.12.0.0 - Lexmark International, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.47 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 92.0 (x64 sk)) (Version: 92.0 - Mozilla)
Mozilla Firefox 56.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 56.0.2 (x64 sk)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
MP3Resizer 1.9.2 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Packeta Device Server (HKLM-x32\...\PacketaDeviceServer) (Version: 1.1.1.0 - Packeta s.r.o.)
Podpora pre zákazníkov (HKLM-x32\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTime Picture Convertor 6 verzia 6.92 (HKLM-x32\...\{5462C7B2-78DE-4924-9978-516F0CC47D41}_is1) (Version: 6.92 - DExUS - Dalibor Bartoš)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - Lexmark International Printer (01/10/2016 2.12.0.0) (HKLM\...\A304A687939DA8C7818531866D7836BC794F8545) (Version: 01/10/2016 2.12.0.0 - Lexmark International)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xerox WorkCentre 3045NI (HKLM-x32\...\{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox)
Zoom (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\ZoomUMX) (Version: 5.5.0 (12454.0131) - Zoom Video Communications, Inc.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-13] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2017-03-10 01:56 - 2017-03-10 01:56 - 000210944 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoJSON.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000728064 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNet.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000324096 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoUtil.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000413696 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoXML.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000088064 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoCrypto.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoFoundation.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000187392 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNetSSL.dll
2010-12-17 15:46 - 2010-12-17 15:46 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2015-08-31 20:57 - 2015-10-12 05:04 - 001710752 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2017-03-10 01:15 - 2017-03-10 01:15 - 000111104 _____ (Opticon Sensors Europe BV) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\CSP2.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001367552 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\LIBEAY32.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000337408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2010-12-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: FirebirdServerKROS_20400 => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: XRNADB => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ALFA plus - rýchle spustenie.lnk => C:\Windows\pss\ALFA plus - rýchle spustenie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odmenovac.appref-ms => C:\Windows\pss\Odmenovac.appref-ms.Startup
MSCONFIG\startupreg: 3045NI RUN => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Launcher3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 3045NI
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StatusAutoRun3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 3045NI,hide,\S
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D1444CF2-B193-4F97-A3E8-AB4700E2C575}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F07C5565-98A1-43C4-BE66-92D04C3D3E06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D0C285D3-4F8F-41E6-8C09-E14726071C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6B92E39-774D-4438-A672-7A6FC468B808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CEA2E11-4FD7-4AF8-B1A3-7C53B3DEBE9E}] => (Allow) C:\Users\peter\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{337765A6-0DFB-41BF-B536-F8D881523CCE}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [TCP Query User{EDFE2DC2-7FE2-4EFB-9D65-9ABC718559B6}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [{62A42806-980B-4137-BBE0-6546E1A9B12A}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{3C405C40-6FAC-4096-BA70-5C88FD177165}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{E74C37A9-6E7F-490E-ADC2-1FF074210E2D}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{520B6119-79C6-4E1B-9A15-597F12FA28B3}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FF3006EF-8101-4F17-8EBC-6A9AF154508B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{B8EAFE19-EBF5-42E9-873F-D3918D4F943B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FA2D393C-DA42-4327-BFE1-6EE18CEA3AAA}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{F4EB0303-4783-4238-91C7-3C04751B4B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B28866B-C3CA-4CEF-B96D-8BACE06D0367}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF99A901-57B8-4615-91D9-CE40EC1E32D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{C2477080-E51A-464C-96D4-6FF046713CEB}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{611508AB-D3FD-472D-95C3-967B084BED56}] => (Allow) LPort=20402
FirewallRules: [{D157DB10-A53B-4A9C-803B-854F85B446FF}] => (Allow) LPort=20401
FirewallRules: [{D6726B64-0E08-4502-9744-C8B68020E9CA}] => (Allow) LPort=20400
FirewallRules: [{E69BE5B5-DC56-4CE5-9656-8A83310AF8C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9A905B47-FD48-4B18-A684-FF699CC93730}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{3302DEDE-B04D-441B-8668-BECF29BB7B34}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{5927547F-AA6A-466B-BC9D-82B43C412F17}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{110DDE8E-B954-4197-8257-91DB3D361F68}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0E2CE7F1-35BA-4066-AA92-6E58BFF305D5}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{90E66651-F8F2-484D-BFAA-4056BA6F7A78}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [{3748C6E9-87E8-491F-99B8-9628F13FB2C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{451D44B1-FBB5-4E20-A769-C461A0BB3533}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDA9A3DB-2E6F-4C21-97D8-80AD523FB158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D826451-9CE6-471D-A763-65440CAFCFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E180BE5C-FE22-461C-BF9E-ADE295424D99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1854D8B6-0C4C-46FE-9DD7-59E4A0645ECF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BE152E5-1D09-4E24-B367-4EC5D4B88E14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C448ED72-1356-4EFA-B615-A583736A0086}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B47D21F-C9FD-4431-8EFB-C93F56F38309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{493EB774-B831-48D0-A695-58A08469BF28}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [UDP Query User{F1140574-703D-47F9-8B6A-84B9A22E3DBF}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [{B6A37A52-4A75-4EC5-87AC-3B4DCF152275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88868B2-37E8-44D1-8A54-BB2426689FCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF2515A5-F688-49C7-91F9-A1E4D5D052DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632BA697-41F2-436E-85C0-7E94FD403CC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:112.18 GB) (Free:52.58 GB) (47%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/17/2021 04:31:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SecHealthUI.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 26a4
Start Time: 01d7abd09fb1f0a4
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Report Id: 164c5dd8-a9ae-4461-882f-a8d8bde074bc
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.19041.1023_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
Hang type: Cross-process
Error: (09/17/2021 04:26:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (09/17/2021 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23d3213e
Faulting process id: 0x17b0
Faulting application start time: 0x01d7abc5636074d7
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 62ef59dc-ff7c-4690-a488-83f0b23e6d15
Faulting package full name:
Faulting package-relative application ID:
Error: (09/17/2021 08:22:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Faulting module name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Exception code: 0xc0000409
Fault offset: 0x0000000000c4c455
Faulting process id: 0xcf8
Faulting application start time: 0x01d7ab8c46d24028
Faulting application path: C:\Program Files\CCleaner\CCleaner64.exe
Faulting module path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: b1f3092d-7b21-41ee-8ca8-d9d5f012f93c
Faulting package full name:
Faulting package-relative application ID:
Error: (09/17/2021 08:19:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23cd20d6
Faulting process id: 0x17b8
Faulting application start time: 0x01d7ab8bea244097
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 8b7c4f6c-22c6-4d12-be8d-3d4b37bc643a
Faulting package full name:
Faulting package-relative application ID:
Error: (09/16/2021 08:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23b523ae
Faulting process id: 0x15c0
Faulting application start time: 0x01d7ab254305d36d
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 4107a3d4-c152-4c0a-97e1-5c1433952be2
Faulting package full name:
Faulting package-relative application ID:
Error: (09/16/2021 11:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23bc2306
Faulting process id: 0x175c
Faulting application start time: 0x01d7aaddbc8bb1d1
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 40641643-a1c1-493d-b8b3-ed70b6b373f1
Faulting package full name:
Faulting package-relative application ID:
Error: (09/16/2021 09:04:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Program Files\Microsoft Security Client\Antimalware\NisPerformanceProvider.dll" (Win32 error code 126).
System errors:
=============
Error: (09/16/2021 08:51:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.
Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.
Error: (09/12/2021 08:35:54 PM) (Source: DCOM) (EventID: 10010) (User: peter-PC)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
Error: (09/09/2021 07:36:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.
Error: (09/08/2021 07:57:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.
Error: (09/07/2021 08:59:26 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (09/07/2021 07:22:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Windows Defender:
================
Date: 2021-09-16 12:04:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-13 19:47:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-13 09:19:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-13 08:42:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-12 20:24:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-08-15 11:51:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.464.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-08-13 08:39:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.325.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2021-09-17 16:01:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-07 18:42:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-07 18:42:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-07 18:42:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A09 11/18/2011
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 6038.16 MB
Available physical RAM: 2199.48 MB
Total Virtual: 12182.16 MB
Available Virtual: 7384.31 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:112.18 GB) (Free:52.58 GB) NTFS
Drive d: () (Fixed) (Total:585.84 GB) (Free:32.74 GB) NTFS
\\?\Volume{5f14c644-c575-11e4-a57f-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{07f2837e-0000-0000-0000-6087ae000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=532 MB) - (Type=27)
==================== End of Addition.txt =======================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 15-09-2021
Ran by peter (17-09-2021 16:44:31)
Running from C:\Users\peter\Desktop
Windows 10 Home Version 20H2 19042.1165 (X64) (2021-03-14 15:16:01)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-123821111-4108638035-923771172-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-123821111-4108638035-923771172-503 - Limited - Disabled)
Guest (S-1-5-21-123821111-4108638035-923771172-501 - Limited - Disabled)
peter (S-1-5-21-123821111-4108638035-923771172-1000 - Administrator - Enabled) => C:\Users\peter
WDAGUtilityAccount (S-1-5-21-123821111-4108638035-923771172-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {108DAC43-C256-20B7-BB05-914135DA5160}
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Microsoft Forefront Endpoint Protection (Enabled - Out of date) {ABEC4DA7-E46C-2F39-81B5-AA334E5D1BDD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Adobe Acrobat Reader DC - Slovak (HKLM-x32\...\{AC76BA86-7AD7-1051-7B44-AC0F074E4100}) (Version: 21.007.20091 - Adobe Systems Incorporated)
Adobe Flash Player 27 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 27.0.0.130 - Adobe Systems Incorporated)
AdWords Editor (HKLM-x32\...\{64427C94-5A22-4743-8772-B2D9B9FD5283}) (Version: 11.0.3 - Google)
ALFA plus 7.52.00 - C:\Program Files (x86)\KROS\ALFA plus\ (HKLM-x32\...\{EB0F418B-0C48-4F31-A02E-5C56A6AE9307}) (Version: 7.52.00 - KROS a.s.)
Audacity 2.0 (HKLM-x32\...\Audacity_is1) (Version: - Audacity Team)
Call of Juarez - Bound in Blood (HKLM-x32\...\InstallShield_{FEFAF112-4DA8-479C-89E2-7DE25091711A}) (Version: 1.00.0000 - Ubisoft)
Call of Juarez (HKLM-x32\...\Call of Juarez_is1) (Version: 1.0 - US-Action, s.r.o.)
CCleaner (HKLM\...\CCleaner) (Version: 5.85 - Piriform)
Colora (HKLM-x32\...\{7B8239D5-22CC-49CF-86BA-FBB205042AF6}) (Version: 0.1.0 - Bluegrams)
Commandos: Behind Enemy Lines SK (HKLM-x32\...\Commandos: Behind Enemy Lines SK) (Version: - )
Dell Touchpad (HKLM\...\{9F72EF8B-AEC9-4CA5-B483-143980AFD6FD}) (Version: 8.1200.101.218 - ALPS ELECTRIC CO., LTD.)
Dell Wireless Driver Installation (HKLM-x32\...\{451517F1-7E41-400B-AA36-FB7E2563526D}) (Version: 9.0 - Dell)
Dell WLAN and Bluetooth Client Installation (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 9.0 - Dell Inc.)
Digital Line Detect (HKLM-x32\...\{E646DCF0-5A68-11D5-B229-002078017FBF}) (Version: 1.21 - BVRP Software, Inc)
Elcomm (HKLM-x32\...\Elcomm) (Version: - )
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{9ABD2971-9B8B-4958-9100-4EAFCC32A86D}) (Version: 3.0.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
f.lux (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Flux) (Version: - f.lux Software LLC)
Free Audio Converter (HKLM-x32\...\Free Audio Converter_is1) (Version: 5.0.89.530 - Digital Wave Ltd)
Free Video Cutter Joiner 10.6 (HKLM-x32\...\{8C5A4758-C782-4200-B337-DB3466D33ADD}}_is1) (Version: 10.6 - DVDVideoMedia, Inc.)
Freemake Video Converter verzia 4.1.9 (HKLM-x32\...\Freemake Video Converter_is1) (Version: 4.1.9 - Ellora Assets Corporation)
Guitar Pro 5.2 (HKLM-x32\...\Guitar Pro 5_is1) (Version: - Arobas Music)
HP LaserJet Professional M1130-M1210 MFP Series (HKLM\...\HP LaserJet Professional M1130-M1210 MFP Series) (Version: - )
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2253 - Intel Corporation)
Java 8 Update 121 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180121F0}) (Version: 8.0.1210.13 - Oracle Corporation)
Kodi (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\Kodi) (Version: - XBMC-Foundation)
Lexmark Universal v2 XL Print Driver (HKLM\...\{2A0FA2A8-C235-4B4D-B4E1-5487A1E83847}) (Version: 2.12.0.0 - Lexmark International, Inc.)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 93.0.961.47 - Microsoft Corporation)
Microsoft Office Enterprise 2007 (HKLM-x32\...\ENTERPRISE) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Modem Diagnostic Tool (HKLM\...\{0335701D-8E28-4A7F-B0EF-312974755BB2}) (Version: 1.0.28.0 - Dell)
Mozilla Firefox (x64 sk) (HKLM\...\Mozilla Firefox 92.0 (x64 sk)) (Version: 92.0 - Mozilla)
Mozilla Firefox 56.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 56.0.2 (x64 sk)) (Version: 56.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 56.0.2 - Mozilla)
MP3Resizer 1.9.2 (HKLM-x32\...\MP3Resizer_is1) (Version: - Skyshape Software)
Netwaiting (HKLM-x32\...\{3F92ABBB-6BBF-11D5-B229-002078017FBF}) (Version: 2.5.59 - BVRP Software, Inc)
NVIDIA GeForce Experience 2.5.15.54 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 2.5.15.54 - NVIDIA Corporation)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
NVIDIA PhysX System Software 9.15.0428 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.15.0428 - NVIDIA Corporation)
Packeta Device Server (HKLM-x32\...\PacketaDeviceServer) (Version: 1.1.1.0 - Packeta s.r.o.)
Podpora pre zákazníkov (HKLM-x32\...\{B33D89E4-FB43-6749-447E-2E469AC9EB5B}) (Version: 1.0.0.0 - Lexmark International, Inc.)
Quickset64 (HKLM\...\{87CF757E-C1F1-4D22-865C-00C6950B5258}) (Version: 11.0.10 - Dell Inc.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.34.1130.2010 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6267 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.7600.30127 - Realtek Semiconductor Corp.)
RealTime Picture Convertor 6 verzia 6.92 (HKLM-x32\...\{5462C7B2-78DE-4924-9978-516F0CC47D41}_is1) (Version: 6.92 - DExUS - Dalibor Bartoš)
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation) Hidden
Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.30.0 - Renesas Electronics Corporation)
Scan To (HKLM\...\{E8A34AC8-0137-4515-A94B-0A0946DDC251}) (Version: 2.0.1 - HP)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.14.5 - TeamViewer)
TomTom HOME Visual Studio Merge Modules (HKLM-x32\...\{8F3C31C5-9C3A-4AA8-8EFA-71290A7AD533}) (Version: 1.0.2 - TomTom International B.V.)
Windows Driver Package - Lexmark International Printer (01/10/2016 2.12.0.0) (HKLM\...\A304A687939DA8C7818531866D7836BC794F8545) (Version: 01/10/2016 2.12.0.0 - Lexmark International)
WinRAR 5.01 (64-bitová verzia) (HKLM\...\WinRAR archiver) (Version: 5.01.0 - win.rar GmbH)
WinSCP 5.9.1 (HKLM-x32\...\winscp3_is1) (Version: 5.9.1 - Martin Prikryl)
Xerox WorkCentre 3045NI (HKLM-x32\...\{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox) Hidden
Xerox WorkCentre 3045NI (HKLM-x32\...\InstallShield_{331C46BD-94CC-4F00-896A-E2D7B8C3C3C6}) (Version: 1.012.00 - Xerox)
Zoom (HKU\S-1-5-21-123821111-4108638035-923771172-1000\...\ZoomUMX) (Version: 5.5.0 (12454.0131) - Zoom Video Communications, Inc.)
Packages:
=========
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2021-03-15] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.10.7290.0_x64__8wekyb3d8bbwe [2021-08-19] (Microsoft Studios) [MS Ad]
Rozšírenie pre video MPEG-2 -> C:\Program Files\WindowsApps\Microsoft.MPEG2VideoExtension_1.0.42152.0_x64__8wekyb3d8bbwe [2021-08-13] (Microsoft Corporation)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2210608 2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1: [WondershareVideoConverterFileOpreation] -> {FEB746CA-95C2-485F-B386-C30D4E56D22E} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2017-03-09] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2016-08-01] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2013-12-01] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Drivers32: [VIDC.IV41] => C:\Windows\SysWOW64\ir41_32.dll [756736 1997-07-06] (Intel Corporation) [File not signed]
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
WMI:subscription\__FilterToConsumerBinding->CommandLineEventConsumer.Name=\"BVTConsumer\"",Filter="__EventFilter.Name=\"BVTFilter\"::
WMI:subscription\__EventFilter->BVTFilter::[Query => SELECT * FROM __InstanceModificationEvent WITHIN 60 WHERE TargetInstance ISA "Win32_Processor" AND TargetInstance.LoadPercentage > 99]
WMI:subscription\CommandLineEventConsumer->BVTConsumer::[CommandLineTemplate => cscript KernCap.vbs][WorkingDirectory => C:\\tools\\kernrate]
==================== Loaded Modules (Whitelisted) =============
2017-03-10 01:56 - 2017-03-10 01:56 - 000210944 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoJSON.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000728064 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNet.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000324096 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoUtil.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000413696 _____ () [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoXML.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000088064 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoCrypto.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001230336 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoFoundation.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000187392 _____ (Applied Informatics Software Engineering GmbH) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\PocoNetSSL.dll
2010-12-17 15:46 - 2010-12-17 15:46 - 000061088 _____ (Atheros Communications Inc. -> Atheros Commnucations) [File not signed] C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthCopyHook.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 001568768 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icudt30.dll
2015-03-08 12:41 - 2011-10-11 09:59 - 000675840 _____ (IBM Corporation and others) [File not signed] C:\Program Files (x86)\KROS\KROS FBServer\Firebird001\bin\icuuc30.dll
2015-08-31 20:57 - 2015-10-12 05:04 - 001710752 _____ (NVIDIA Corporation PE Sign v2014 -> NVIDIA Corporation) [File not signed] C:\WINDOWS\system32\nvspcap64.dll
2017-03-10 01:15 - 2017-03-10 01:15 - 000111104 _____ (Opticon Sensors Europe BV) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\CSP2.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 001367552 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\LIBEAY32.dll
2017-03-10 01:56 - 2017-03-10 01:56 - 000337408 _____ (The OpenSSL Project, hxxp://www.openssl.org/) [File not signed] C:\Program Files (x86)\Packeta\DeviceServer\SSLEAY32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://www.msn.com/?pc=U453&ocid=U453DHP&osmkt=en-us
BHO: No Name -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> No File
BHO-x32: No Name -> {451C804F-C205-4F03-B48E-537EC94937BF} -> No File
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation -> Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: CIESpeechBHO Class -> {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} -> C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\IEPlugIn.dll [2010-12-17] (Atheros Communications Inc. -> Atheros Commnucations) [File not signed]
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_121\bin\jp2ssv.dll [2017-01-20] (Oracle America, Inc. -> Oracle Corporation)
Handler: WSWSVCUchrome - {1CA93FF0-A218-44F1 - No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2009-07-14 04:34 - 2009-06-10 23:00 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\ProgramData\Oracle\Java\javapath;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-123821111-4108638035-923771172-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\peter\AppData\Local\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
HKLM\software\microsoft\Windows\CurrentVersion\Telephony\Providers => ProviderFileName2 -> ndptsp.tsp (No File)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
(If an entry is included in the fixlist, it will be removed.)
MSCONFIG\Services: AdobeARMservice => 2
MSCONFIG\Services: AERTFilters => 2
MSCONFIG\Services: Atheros Bt&Wlan Coex Agent => 2
MSCONFIG\Services: AtherosSvc => 2
MSCONFIG\Services: DigitalWave.Update.Service => 2
MSCONFIG\Services: FirebirdServerKROS_20400 => 2
MSCONFIG\Services: GfExperienceService => 2
MSCONFIG\Services: IAStorDataMgrSvc => 2
MSCONFIG\Services: LMS => 2
MSCONFIG\Services: MozillaMaintenance => 3
MSCONFIG\Services: NvNetworkService => 2
MSCONFIG\Services: NvStreamSvc => 2
MSCONFIG\Services: TomTomHOMEService => 2
MSCONFIG\Services: UNS => 2
MSCONFIG\Services: XRNADB => 2
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ALFA plus - rýchle spustenie.lnk => C:\Windows\pss\ALFA plus - rýchle spustenie.lnk.CommonStartup
MSCONFIG\startupfolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Digital Line Detect.lnk => C:\Windows\pss\Digital Line Detect.lnk.CommonStartup
MSCONFIG\startupfolder: C:^Users^peter^AppData^Roaming^Microsoft^Windows^Start Menu^Programs^Startup^Odmenovac.appref-ms => C:\Windows\pss\Odmenovac.appref-ms.Startup
MSCONFIG\startupreg: 3045NI RUN => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmRun.exe"
MSCONFIG\startupreg: Adobe ARM => "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
MSCONFIG\startupreg: Apoint => C:\Program Files\DellTPad\Apoint.exe
MSCONFIG\startupreg: AthBtTray => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\AthBtTray.exe"
MSCONFIG\startupreg: AtherosBtStack => "C:\Program Files (x86)\Dell Wireless\Bluetooth Suite\BtvStack.exe"
MSCONFIG\startupreg: DAEMON Tools Lite => "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
MSCONFIG\startupreg: DelaypluginInstall => C:\ProgramData\Wondershare\Video Converter Ultimate\DelayPluginI.exe
MSCONFIG\startupreg: HotKeysCmds => C:\Windows\system32\hkcmd.exe
MSCONFIG\startupreg: IAStorIcon => C:\Program Files (x86)\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe
MSCONFIG\startupreg: IgfxTray => C:\Windows\system32\igfxtray.exe
MSCONFIG\startupreg: Launcher3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\Launcher\xrlaunch.exe" /S Xerox WorkCentre 3045NI
MSCONFIG\startupreg: NvBackend => "C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvBackend.exe"
MSCONFIG\startupreg: Persistence => C:\Windows\system32\igfxpers.exe
MSCONFIG\startupreg: ProductUpdater => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
MSCONFIG\startupreg: QuickSet => C:\Program Files\Dell\QuickSet\QuickSet.exe
MSCONFIG\startupreg: ShadowPlay => C:\Windows\system32\rundll32.exe C:\Windows\system32\nvspcap64.dll,ShadowPlayOnSystemStart
MSCONFIG\startupreg: StatusAutoRun3045NI => "C:\Program Files (x86)\Xerox Office Printing\WorkCentre SSW\PrintingScout\xrksmpl.exe" Xerox WorkCentre 3045NI,hide,\S
MSCONFIG\startupreg: SunJavaUpdateSched => "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
MSCONFIG\startupreg: TomTomHOME.exe => "C:\Program Files (x86)\TomTom HOME 2\TomTomHOMERunner.exe"
MSCONFIG\startupreg: Wondershare Helper Compact.exe => C:\Program Files (x86)\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{D1444CF2-B193-4F97-A3E8-AB4700E2C575}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{F07C5565-98A1-43C4-BE66-92D04C3D3E06}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D0C285D3-4F8F-41E6-8C09-E14726071C13}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{D6B92E39-774D-4438-A672-7A6FC468B808}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{0CEA2E11-4FD7-4AF8-B1A3-7C53B3DEBE9E}] => (Allow) C:\Users\peter\AppData\Roaming\Zoom\bin\Zoom.exe (Zoom Video Communications, Inc. -> Zoom Video Communications, Inc.)
FirewallRules: [UDP Query User{337765A6-0DFB-41BF-B536-F8D881523CCE}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [TCP Query User{EDFE2DC2-7FE2-4EFB-9D65-9ABC718559B6}C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe] => (Block) C:\program files (x86)\packeta\deviceserver\packetadeviceserver.exe (Packeta s.r.o. -> )
FirewallRules: [{62A42806-980B-4137-BBE0-6546E1A9B12A}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{3C405C40-6FAC-4096-BA70-5C88FD177165}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{E74C37A9-6E7F-490E-ADC2-1FF074210E2D}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{520B6119-79C6-4E1B-9A15-597F12FA28B3}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FF3006EF-8101-4F17-8EBC-6A9AF154508B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{B8EAFE19-EBF5-42E9-873F-D3918D4F943B}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{FA2D393C-DA42-4327-BFE1-6EE18CEA3AAA}] => (Allow) C:\Program Files (x86)\Packeta\DeviceServer\PacketaDeviceServer.exe (Packeta s.r.o. -> )
FirewallRules: [{F4EB0303-4783-4238-91C7-3C04751B4B2C}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4B28866B-C3CA-4CEF-B96D-8BACE06D0367}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{BF99A901-57B8-4615-91D9-CE40EC1E32D9}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{C2477080-E51A-464C-96D4-6FF046713CEB}] => (Allow) C:\Program Files (x86)\Ubisoft\Techland\Call of Juarez - Bound in Blood\CoJBiBGame_x86.exe (Techland -> Techland)
FirewallRules: [{611508AB-D3FD-472D-95C3-967B084BED56}] => (Allow) LPort=20402
FirewallRules: [{D157DB10-A53B-4A9C-803B-854F85B446FF}] => (Allow) LPort=20401
FirewallRules: [{D6726B64-0E08-4502-9744-C8B68020E9CA}] => (Allow) LPort=20400
FirewallRules: [{E69BE5B5-DC56-4CE5-9656-8A83310AF8C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [UDP Query User{9A905B47-FD48-4B18-A684-FF699CC93730}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [TCP Query User{3302DEDE-B04D-441B-8668-BECF29BB7B34}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe (XBMC-Foundation) [File not signed]
FirewallRules: [UDP Query User{5927547F-AA6A-466B-BC9D-82B43C412F17}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [TCP Query User{110DDE8E-B954-4197-8257-91DB3D361F68}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [UDP Query User{0E2CE7F1-35BA-4066-AA92-6E58BFF305D5}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [TCP Query User{90E66651-F8F2-484D-BFAA-4056BA6F7A78}D:\hry\bulanci.exe] => (Block) D:\hry\bulanci.exe () [File not signed]
FirewallRules: [{3748C6E9-87E8-491F-99B8-9628F13FB2C1}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{451D44B1-FBB5-4E20-A769-C461A0BB3533}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{FDA9A3DB-2E6F-4C21-97D8-80AD523FB158}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{9D826451-9CE6-471D-A763-65440CAFCFBF}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{E180BE5C-FE22-461C-BF9E-ADE295424D99}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamUserAgent.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{1854D8B6-0C4C-46FE-9DD7-59E4A0645ECF}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{7BE152E5-1D09-4E24-B367-4EC5D4B88E14}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{C448ED72-1356-4EFA-B615-A583736A0086}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [{3B47D21F-C9FD-4431-8EFB-C93F56F38309}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe (NVIDIA Corporation -> NVIDIA Corporation)
FirewallRules: [TCP Query User{493EB774-B831-48D0-A695-58A08469BF28}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [UDP Query User{F1140574-703D-47F9-8B6A-84B9A22E3DBF}C:\program files (x86)\topcd\call of juarez\coj.exe] => (Block) C:\program files (x86)\topcd\call of juarez\coj.exe (Techland -> Techland)
FirewallRules: [{B6A37A52-4A75-4EC5-87AC-3B4DCF152275}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F88868B2-37E8-44D1-8A54-BB2426689FCF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{EF2515A5-F688-49C7-91F9-A1E4D5D052DF}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{632BA697-41F2-436E-85C0-7E94FD403CC8}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.75.140.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
==================== Restore Points =========================
ATTENTION: System Restore is disabled (Total:112.18 GB) (Free:52.58 GB) (47%)
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (09/17/2021 04:31:32 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program SecHealthUI.exe version 10.0.19041.844 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 26a4
Start Time: 01d7abd09fb1f0a4
Termination Time: 4294967295
Application Path: C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUI.exe
Report Id: 164c5dd8-a9ae-4461-882f-a8d8bde074bc
Faulting package full name: Microsoft.Windows.SecHealthUI_10.0.19041.1023_neutral__cw5n1h2txyewy
Faulting package-relative application ID: SecHealthUI
Hang type: Cross-process
Error: (09/17/2021 04:26:07 PM) (Source: SecurityCenter) (EventID: 17) (User: )
Description: Security Center failed to validate caller with error %1.
Error: (09/17/2021 03:10:49 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23d3213e
Faulting process id: 0x17b0
Faulting application start time: 0x01d7abc5636074d7
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 62ef59dc-ff7c-4690-a488-83f0b23e6d15
Faulting package full name:
Faulting package-relative application ID:
Error: (09/17/2021 08:22:50 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Faulting module name: CCleaner64.exe, version: 5.85.0.9170, time stamp: 0x613b5e0a
Exception code: 0xc0000409
Fault offset: 0x0000000000c4c455
Faulting process id: 0xcf8
Faulting application start time: 0x01d7ab8c46d24028
Faulting application path: C:\Program Files\CCleaner\CCleaner64.exe
Faulting module path: C:\Program Files\CCleaner\CCleaner64.exe
Report Id: b1f3092d-7b21-41ee-8ca8-d9d5f012f93c
Faulting package full name:
Faulting package-relative application ID:
Error: (09/17/2021 08:19:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23cd20d6
Faulting process id: 0x17b8
Faulting application start time: 0x01d7ab8bea244097
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 8b7c4f6c-22c6-4d12-be8d-3d4b37bc643a
Faulting package full name:
Faulting package-relative application ID:
Error: (09/16/2021 08:07:51 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23b523ae
Faulting process id: 0x15c0
Faulting application start time: 0x01d7ab254305d36d
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 4107a3d4-c152-4c0a-97e1-5c1433952be2
Faulting package full name:
Faulting package-relative application ID:
Error: (09/16/2021 11:32:31 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mqrdtfqwy.exe, version: 0.0.0.0, time stamp: 0x58991b3e
Faulting module name: unknown, version: 0.0.0.0, time stamp: 0x00000000
Exception code: 0xc0000005
Fault offset: 0x23bc2306
Faulting process id: 0x175c
Faulting application start time: 0x01d7aaddbc8bb1d1
Faulting application path: C:\Users\peter\AppData\Roaming\{A03B0A95-3ED9-0428-DE9D-DE9F9B433437}\mqrdtfqwy.exe
Faulting module path: unknown
Report Id: 40641643-a1c1-493d-b8b3-ed70b6b373f1
Faulting package full name:
Faulting package-relative application ID:
Error: (09/16/2021 09:04:08 AM) (Source: Microsoft-Windows-Perflib) (EventID: 1023) (User: NT AUTHORITY)
Description: Windows cannot load the extensible counter DLL "C:\Program Files\Microsoft Security Client\Antimalware\NisPerformanceProvider.dll" (Win32 error code 126).
System errors:
=============
Error: (09/16/2021 08:51:06 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.
Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: The Microsoft Edge Update Service (edgeupdate) service failed to start due to the following error:
The service did not respond to the start or control request in a timely fashion.
Error: (09/14/2021 05:42:06 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: A timeout was reached (30000 milliseconds) while waiting for the Microsoft Edge Update Service (edgeupdate) service to connect.
Error: (09/12/2021 08:35:54 PM) (Source: DCOM) (EventID: 10010) (User: peter-PC)
Description: The server {2593F8B9-4EAF-457C-B68A-50F6B8EA6B54} did not register with DCOM within the required timeout.
Error: (09/09/2021 07:36:07 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.
Error: (09/08/2021 07:57:56 AM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Installation Failure: Windows failed to install the following update with error 0x80246007: Microsoft - Printer - 6/22/2006 12:00:00 AM - 6.1.7233.1.
Error: (09/07/2021 08:59:26 PM) (Source: BTHUSB) (EventID: 17) (User: )
Description: The local Bluetooth adapter has failed in an undetermined manner and will not be used. The driver has been unloaded.
Error: (09/07/2021 07:22:59 PM) (Source: Microsoft-Windows-Kernel-Power) (EventID: 137) (User: )
Description: 4
Windows Defender:
================
Date: 2021-09-16 12:04:28
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-13 19:47:51
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-13 09:19:36
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-13 08:42:04
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-12 20:24:59
Description:
Microsoft Defender Antivirus scan has been stopped before completion.
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-09-16 08:49:52
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.349.732.0
Update Source: Microsoft Update Server
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18500.10
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-08-15 11:51:46
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.464.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.
Date: 2021-08-13 08:39:59
Description:
Microsoft Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.345.325.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.18400.4
Error code: 0x80070102
Error description: The wait operation timed out.
CodeIntegrity:
===============
Date: 2021-09-17 16:01:36
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-07 18:42:49
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\ProgramData\Microsoft\Windows Defender\Platform\4.18.2107.4-0\MsMpEng.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-07 18:42:48
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume3\Program Files\AVG\Antivirus\aswAMSI.dll that did not meet the Microsoft signing level requirements.
Date: 2021-09-07 18:42:46
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\AVG\Antivirus\AVGSvc.exe) attempted to load \Device\HarddiskVolume3\Program Files\Common Files\microsoft shared\OFFICE12\MSOXMLMF.DLL that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\Microsoft.StdFormat\7.0.3300.0__b03f5f7f11d50a3a\Microsoft.StdFormat.dll that did not meet the Microsoft signing level requirements.
Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\ADODB\7.0.3300.0__b03f5f7f11d50a3a\ADODB.dll that did not meet the Microsoft signing level requirements.
Date: 2021-08-15 12:41:22
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe) attempted to load \Device\HarddiskVolume3\Windows\assembly\GAC\MSDATASRC\7.0.3300.0__b03f5f7f11d50a3a\MSDATASRC.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
BIOS: Dell Inc. A09 11/18/2011
Motherboard: Dell Inc.
Processor: Intel(R) Core(TM) i5-2430M CPU @ 2.40GHz
Percentage of memory in use: 63%
Total physical RAM: 6038.16 MB
Available physical RAM: 2199.48 MB
Total Virtual: 12182.16 MB
Available Virtual: 7384.31 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:112.18 GB) (Free:52.58 GB) NTFS
Drive d: () (Fixed) (Total:585.84 GB) (Free:32.74 GB) NTFS
\\?\Volume{5f14c644-c575-11e4-a57f-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.06 GB) NTFS
\\?\Volume{07f2837e-0000-0000-0000-6087ae000000}\ () (Fixed) (Total:0.52 GB) (Free:0.08 GB) NTFS
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 698.6 GB) (Disk ID: 07F2837E)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=585.8 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=112.2 GB) - (Type=07 NTFS)
Partition 4: (Not Active) - (Size=532 MB) - (Type=27)
==================== End of Addition.txt =======================
