
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Pomaly NTB
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pomaly NTB
Prosim kontrolu logu, velmi spomaleny ntb....
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by acer (administrator) on DESKTOP-T5A6533 (Acer Aspire V3-371) (26-01-2021 20:48:34)
Running from C:\Users\acer\Desktop
Loaded Profiles: acer
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\acer\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\acer\AppData\Local\Viber\Viber.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1410304 2016-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [Viber] => C:\Users\acer\AppData\Local\Viber\Viber.exe [46949592 2021-01-11] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [Spotify] => C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [23232232 2020-11-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\acer\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\MountPoints2: {2cc16ddb-98ed-11ea-b71c-3065ec7397f0} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {007876E8-1003-40BF-A39A-3215618A794F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {28B4BE6C-5246-45B6-BFD7-2914C50E42D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35BA3915-23ED-436D-AEA1-7CDD3607978B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {55654066-AEB5-4105-BD2B-DBF809E4E2BA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5BC6AF53-C444-47CA-9BCF-833E501B3267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {7EF0C9AB-D94C-42F5-8F73-C12C596BD4F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {851B464E-7EE5-45ED-9505-4D240CE740F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {89AFC335-DEED-4A26-9E47-017284242366} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1832A18-598B-4585-AB95-0F22A61D2633} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {C571A34C-3294-4E7F-A3D6-313F643F9A1E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-12-30] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {D0A8AAA7-A101-42B7-9DC6-DB1A07084D7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{12df5c38-5e6a-424d-9319-602ef231834f}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{77be927b-7b0f-42d8-a2f0-27abf226b333}: [DhcpNameServer] 10.0.0.20
Tcpip\..\Interfaces\{7c0abf8f-7e89-463f-83ee-6edc9192a774}: [NameServer] 8.8.8.8,8.8.4.4
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\acer\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-26]
Edge Extension: (Kaspersky Protection) - C:\Users\acer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-10]
Edge HKU\S-1-5-21-3844774036-794628965-2151850631-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: ymolk6b3.default
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\ymolk6b3.default [2021-01-26]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-06-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-06-03] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default [2021-01-26]
CHR Notifications: Default -> hxxps://cz.pinterest.com
CHR Extension: (Prezentácie) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-29]
CHR Extension: (Kaspersky Protection) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-01-26]
CHR Extension: (Dokumenty) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-29]
CHR Extension: (Disk Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-29]
CHR Extension: (Tabuľky) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-29]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (EPUBReader) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26]
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-26]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe [381928 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\vssbridge64.exe [467352 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [659768 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1341232 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [245784 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2020-10-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-11] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark_71E5DD95; C:\ProgramData\Kaspersky Lab\AVP21.2\Temp\71E5DD959D5FEB17161B68BA5E58A569\klupd_klif_klark.sys [310232 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2020-11-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300856 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-07] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-26 20:48 - 2021-01-26 20:51 - 000018416 _____ C:\Users\acer\Desktop\FRST.txt
2021-01-26 20:44 - 2021-01-26 20:44 - 002297344 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2021-01-26 13:56 - 2021-01-26 13:56 - 000310232 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-01-26 13:55 - 2021-01-26 13:55 - 000116888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-01-26 13:40 - 2021-01-26 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2021-01-26 13:40 - 2020-12-30 14:33 - 000002251 _____ C:\Users\Public\Desktop\Ochrana financí.lnk
2021-01-26 13:40 - 2020-12-30 14:33 - 000002251 _____ C:\ProgramData\Desktop\Ochrana financí.lnk
2021-01-26 13:40 - 2020-12-30 14:33 - 000002215 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2021-01-26 13:40 - 2020-12-30 14:33 - 000002215 _____ C:\ProgramData\Desktop\Kaspersky Internet Security.lnk
2021-01-17 17:35 - 2021-01-17 17:36 - 000000000 ____D C:\Users\acer\AppData\Local\Viber
2021-01-16 17:48 - 2021-01-16 17:50 - 001523482 _____ C:\Users\acer\Downloads\Men-Who-Hate-Women-and-the-Women-Who-Love-Them-When-Loving-Hurts-And-You-Dont-Know-Why-BenjaminMadeira-com.pdf
2021-01-16 17:38 - 2021-01-16 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-12 14:00 - 2021-01-26 13:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-10 17:41 - 2021-01-10 17:41 - 001134459 _____ C:\Users\acer\Downloads\55912798.pdf
2021-01-03 17:17 - 2021-01-03 17:17 - 000001878 _____ C:\Users\acer\Downloads\Objednávka Agama - COOP Jednota OD Slimák (1).txt
2021-01-03 17:10 - 2021-01-03 17:10 - 000192396 _____ C:\Users\acer\Downloads\Objednávka Agama - COOP Jednota OD Slimák.pdf
2021-01-03 17:10 - 2021-01-03 17:10 - 000192396 _____ C:\Users\acer\Downloads\Objednávka Agama - COOP Jednota OD Slimák (1).pdf
2021-01-03 15:57 - 2021-01-03 15:57 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-29 12:44 - 2020-12-29 12:44 - 000000000 ____D C:\Users\acer\Documents\recept
2020-12-28 18:47 - 2021-01-25 17:36 - 000952832 _____ C:\Users\acer\Documents\Kniha došlých FA TUN 20.xls
2020-12-28 18:40 - 2020-12-28 18:40 - 000955392 _____ C:\Users\acer\Downloads\Kniha došlých FA TUN 20.xls
2020-12-28 18:40 - 2020-12-28 18:40 - 000955392 _____ C:\Users\acer\Downloads\Kniha došlých FA TUN 20 (1).xls
2020-12-28 14:39 - 2020-12-28 14:39 - 000000000 ____D C:\Users\acer\AppData\Roaming\OpenOffice
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-26 20:53 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-26 20:50 - 2020-05-24 09:11 - 000000000 ____D C:\FRST
2021-01-26 20:43 - 2020-12-14 17:53 - 000000000 ____D C:\Program Files\CCleaner
2021-01-26 20:39 - 2020-12-15 15:33 - 000000000 ____D C:\Users\acer\AppData\Local\CrashDumps
2021-01-26 20:39 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-26 20:34 - 2019-01-05 12:16 - 000000000 ____D C:\Users\acer\AppData\Local\Spotify
2021-01-26 20:23 - 2019-01-05 12:15 - 000000000 ____D C:\Users\acer\AppData\Roaming\Spotify
2021-01-26 19:08 - 2019-08-12 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-26 14:10 - 2020-10-04 17:31 - 000002351 _____ C:\Users\acer\Desktop\Microsoft Teams.lnk
2021-01-26 14:10 - 2020-03-25 10:28 - 000002359 _____ C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-26 13:56 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-26 13:51 - 2019-10-31 08:56 - 000000000 ____D C:\Users\acer\Desktop\MA
2021-01-26 13:51 - 2018-07-11 19:10 - 000000000 ____D C:\Users\acer\AppData\LocalLow\Mozilla
2021-01-26 13:48 - 2019-02-06 22:02 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-26 13:45 - 2020-01-05 12:29 - 000003392 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-01-26 13:45 - 2018-07-11 22:23 - 000000000 ____D C:\Program Files\Common Files\AV
2021-01-26 13:39 - 2018-07-11 22:22 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-01-26 13:39 - 2018-07-11 22:22 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-01-26 13:38 - 2018-07-15 21:53 - 000000000 ____D C:\Users\acer\AppData\Roaming\ViberPC
2021-01-26 13:34 - 2020-05-24 12:59 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-26 13:34 - 2019-08-12 03:26 - 000000000 ____D C:\Users\acer
2021-01-26 13:34 - 2018-06-29 15:55 - 000000000 __SHD C:\Users\acer\IntelGraphicsProfiles
2021-01-26 13:33 - 2019-08-12 04:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-26 13:33 - 2018-06-29 16:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-26 13:33 - 2018-06-29 16:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-26 12:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-25 22:01 - 2019-08-12 03:39 - 000795992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 21:40 - 2020-12-14 17:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-25 19:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-25 17:54 - 2018-06-29 15:48 - 000000000 ____D C:\Users\acer\AppData\Local\Packages
2021-01-24 23:56 - 2020-10-24 16:23 - 000000000 ____D C:\Users\acer\Documents\STOPPARD
2021-01-24 23:25 - 2020-05-22 12:53 - 000000000 ____D C:\Users\acer\Documents\iris murdoch
2021-01-24 23:25 - 2020-05-22 12:49 - 000000000 ____D C:\Users\acer\Documents\arthur miller
2021-01-23 12:28 - 2020-10-22 09:21 - 000000000 ____D C:\Users\acer\Documents\language and ideology
2021-01-22 21:04 - 2020-03-24 10:04 - 000000000 ____D C:\Users\acer\AppData\Local\SquirrelTemp
2021-01-19 22:35 - 2020-06-07 00:52 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-19 22:35 - 2020-06-07 00:52 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-16 17:36 - 2018-06-29 16:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-15 23:06 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 14:11 - 2020-02-19 22:56 - 000000000 ____D C:\Users\acer\Documents\lit and culture 2
2021-01-12 09:50 - 2018-06-29 16:09 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 09:50 - 2018-06-29 16:09 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 09:50 - 2018-06-29 16:09 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-11 21:35 - 2019-05-23 15:11 - 000000000 ____D C:\Users\acer\Desktop\pikosky
2021-01-09 17:47 - 2019-07-10 08:24 - 000000000 ____D C:\Users\acer\AppData\Local\D3DSCache
2021-01-05 13:39 - 2018-06-29 15:51 - 000000000 ____D C:\Users\acer\AppData\Local\PlaceholderTileLogoFolder
2021-01-03 15:55 - 2018-07-11 19:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-30 14:32 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-01-2021 01
Ran by acer (administrator) on DESKTOP-T5A6533 (Acer Aspire V3-371) (26-01-2021 20:48:34)
Running from C:\Users\acer\Desktop
Loaded Profiles: acer
Platform: Windows 10 Home Version 1909 18363.1256 (X64) Language: Slovenčina (Slovensko)
Default browser: FF
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <16>
(Intel(R) pGFX -> ) C:\Windows\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avpui.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\root\Office16\WINWORD.EXE
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\acer\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\acer\AppData\Local\Microsoft\Teams\current\Teams.exe <10>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\usocoreworker.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Oracle America, Inc. -> Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TeamViewer Germany GmbH -> TeamViewer Germany GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(Viber Media S.à r.l. -> Viber Media S.Ã r.l.) C:\Users\acer\AppData\Local\Viber\Viber.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [16418560 2016-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1410304 2016-01-14] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [Viber] => C:\Users\acer\AppData\Local\Viber\Viber.exe [46949592 2021-01-11] (Viber Media S.à r.l. -> Viber Media S.Ã r.l.)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [Spotify] => C:\Users\acer\AppData\Roaming\Spotify\Spotify.exe [23232232 2020-11-18] (Spotify AB -> Spotify Ltd)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [com.squirrel.Teams.Teams] => C:\Users\acer\AppData\Local\Microsoft\Teams\Update.exe [2453688 2021-01-26] (Microsoft 3rd Party Application Component -> Microsoft Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\MountPoints2: {2cc16ddb-98ed-11ea-b71c-3065ec7397f0} - "D:\HiSuiteDownLoader.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\87.0.4280.141\Installer\chrmstp.exe [2021-01-12] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {007876E8-1003-40BF-A39A-3215618A794F} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [686384 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {28B4BE6C-5246-45B6-BFD7-2914C50E42D3} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [26913848 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {35BA3915-23ED-436D-AEA1-7CDD3607978B} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe [693216 2021-01-12] (Mozilla Corporation -> Mozilla Foundation)
Task: {55654066-AEB5-4105-BD2B-DBF809E4E2BA} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [1149336 2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {5BC6AF53-C444-47CA-9BCF-833E501B3267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {7EF0C9AB-D94C-42F5-8F73-C12C596BD4F6} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
Task: {851B464E-7EE5-45ED-9505-4D240CE740F3} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {89AFC335-DEED-4A26-9E47-017284242366} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [116584 2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Task: {C1832A18-598B-4585-AB95-0F22A61D2633} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {C571A34C-3294-4E7F-A3D6-313F643F9A1E} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2020-12-30] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {D0A8AAA7-A101-42B7-9DC6-DB1A07084D7F} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [23054216 2020-12-19] (Microsoft Corporation -> Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{12df5c38-5e6a-424d-9319-602ef231834f}: [DhcpNameServer] 192.168.43.1
Tcpip\..\Interfaces\{77be927b-7b0f-42d8-a2f0-27abf226b333}: [DhcpNameServer] 10.0.0.20
Tcpip\..\Interfaces\{7c0abf8f-7e89-463f-83ee-6edc9192a774}: [NameServer] 8.8.8.8,8.8.4.4
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\acer\AppData\Local\Microsoft\Edge\User Data\Default [2021-01-26]
Edge Extension: (Kaspersky Protection) - C:\Users\acer\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\elhpdacimkjpccooodognopfhbdgnpbk [2020-07-10]
Edge HKU\S-1-5-21-3844774036-794628965-2151850631-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
FireFox:
========
FF DefaultProfile: ymolk6b3.default
FF ProfilePath: C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\ymolk6b3.default [2021-01-26]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @java.com/JavaPlugin,version=11.251.2 -> C:\Program Files\Java\jre1.8.0_251\bin\plugin2\npjp2.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2020-06-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @java.com/DTPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\dtplugin\npDeployJava1.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.271.2 -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\plugin2\npjp2.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50907.0\npctrl.dll [2017-05-03] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-06-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-06-03] <==== ATTENTION
Chrome:
=======
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default [2021-01-26]
CHR Notifications: Default -> hxxps://cz.pinterest.com
CHR Extension: (Prezentácie) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-06-29]
CHR Extension: (Kaspersky Protection) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-01-26]
CHR Extension: (Dokumenty) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-06-29]
CHR Extension: (Disk Google) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-23]
CHR Extension: (YouTube) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-06-29]
CHR Extension: (Tabuľky) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-06-29]
CHR Extension: (Dokumenty Google v režime offline) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2020-11-17]
CHR Extension: (EPUBReader) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhhclmfgfllimlhabjkgkeebkbiadflb [2020-06-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-23]
CHR Extension: (Chrome Media Router) - C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-01-26]
CHR Profile: C:\Users\acer\AppData\Local\Google\Chrome\User Data\System Profile [2021-01-26]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe [381928 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [9105800 2020-12-01] (Microsoft Corporation -> Microsoft Corporation)
S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\vssbridge64.exe [467352 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 KSDE3.0.0; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Secure Connection 3.0\ksde.exe [617016 2018-02-28] (Kaspersky Lab -> AO Kaspersky Lab)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [12757520 2020-12-14] (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-07] (Microsoft Windows Publisher -> Microsoft Corporation)
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [37496 2020-10-21] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [659768 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\System32\drivers\klhk.sys [1341232 2020-12-25] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.2\Bases\klids.sys [245784 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\WINDOWS\system32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [97080 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [48080 2018-02-12] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [257208 2020-10-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_kimul; C:\WINDOWS\System32\Drivers\klupd_klif_kimul.sys [99152 2019-03-11] (Kaspersky Lab -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [310232 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_klark_71E5DD95; C:\ProgramData\Kaspersky Lab\AVP21.2\Temp\71E5DD959D5FEB17161B68BA5E58A569\klupd_klif_klark.sys [310232 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116888 2021-01-26] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [207352 2020-11-08] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [300856 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-07] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WDC_SAM; C:\WINDOWS\System32\drivers\wdcsam64.sys [35584 2018-02-26] (WDKTestCert wdclab,130885612892544312 -> Western Digital Technologies, Inc.)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-07] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-07] (Microsoft Windows -> Microsoft Corporation)
U3 avgbdisk; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-26 20:48 - 2021-01-26 20:51 - 000018416 _____ C:\Users\acer\Desktop\FRST.txt
2021-01-26 20:44 - 2021-01-26 20:44 - 002297344 _____ (Farbar) C:\Users\acer\Desktop\FRST64.exe
2021-01-26 13:56 - 2021-01-26 13:56 - 000310232 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2021-01-26 13:55 - 2021-01-26 13:55 - 000116888 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2021-01-26 13:40 - 2021-01-26 13:40 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2021-01-26 13:40 - 2020-12-30 14:33 - 000002251 _____ C:\Users\Public\Desktop\Ochrana financí.lnk
2021-01-26 13:40 - 2020-12-30 14:33 - 000002251 _____ C:\ProgramData\Desktop\Ochrana financí.lnk
2021-01-26 13:40 - 2020-12-30 14:33 - 000002215 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2021-01-26 13:40 - 2020-12-30 14:33 - 000002215 _____ C:\ProgramData\Desktop\Kaspersky Internet Security.lnk
2021-01-17 17:35 - 2021-01-17 17:36 - 000000000 ____D C:\Users\acer\AppData\Local\Viber
2021-01-16 17:48 - 2021-01-16 17:50 - 001523482 _____ C:\Users\acer\Downloads\Men-Who-Hate-Women-and-the-Women-Who-Love-Them-When-Loving-Hurts-And-You-Dont-Know-Why-BenjaminMadeira-com.pdf
2021-01-16 17:38 - 2021-01-16 17:38 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-01-12 14:00 - 2021-01-26 13:33 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-01-10 17:41 - 2021-01-10 17:41 - 001134459 _____ C:\Users\acer\Downloads\55912798.pdf
2021-01-03 17:17 - 2021-01-03 17:17 - 000001878 _____ C:\Users\acer\Downloads\Objednávka Agama - COOP Jednota OD Slimák (1).txt
2021-01-03 17:10 - 2021-01-03 17:10 - 000192396 _____ C:\Users\acer\Downloads\Objednávka Agama - COOP Jednota OD Slimák.pdf
2021-01-03 17:10 - 2021-01-03 17:10 - 000192396 _____ C:\Users\acer\Downloads\Objednávka Agama - COOP Jednota OD Slimák (1).pdf
2021-01-03 15:57 - 2021-01-03 15:57 - 000002493 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002492 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002456 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002455 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002449 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002443 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000002435 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\OneNote.lnk
2021-01-03 15:57 - 2021-01-03 15:57 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office Tools
2020-12-29 12:44 - 2020-12-29 12:44 - 000000000 ____D C:\Users\acer\Documents\recept
2020-12-28 18:47 - 2021-01-25 17:36 - 000952832 _____ C:\Users\acer\Documents\Kniha došlých FA TUN 20.xls
2020-12-28 18:40 - 2020-12-28 18:40 - 000955392 _____ C:\Users\acer\Downloads\Kniha došlých FA TUN 20.xls
2020-12-28 18:40 - 2020-12-28 18:40 - 000955392 _____ C:\Users\acer\Downloads\Kniha došlých FA TUN 20 (1).xls
2020-12-28 14:39 - 2020-12-28 14:39 - 000000000 ____D C:\Users\acer\AppData\Roaming\OpenOffice
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2021-01-26 20:53 - 2019-03-19 05:52 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-01-26 20:50 - 2020-05-24 09:11 - 000000000 ____D C:\FRST
2021-01-26 20:43 - 2020-12-14 17:53 - 000000000 ____D C:\Program Files\CCleaner
2021-01-26 20:39 - 2020-12-15 15:33 - 000000000 ____D C:\Users\acer\AppData\Local\CrashDumps
2021-01-26 20:39 - 2019-03-19 05:50 - 000000000 ____D C:\WINDOWS\INF
2021-01-26 20:34 - 2019-01-05 12:16 - 000000000 ____D C:\Users\acer\AppData\Local\Spotify
2021-01-26 20:23 - 2019-01-05 12:15 - 000000000 ____D C:\Users\acer\AppData\Roaming\Spotify
2021-01-26 19:08 - 2019-08-12 03:19 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-01-26 14:10 - 2020-10-04 17:31 - 000002351 _____ C:\Users\acer\Desktop\Microsoft Teams.lnk
2021-01-26 14:10 - 2020-03-25 10:28 - 000002359 _____ C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Microsoft Teams.lnk
2021-01-26 13:56 - 2019-03-19 05:37 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2021-01-26 13:51 - 2019-10-31 08:56 - 000000000 ____D C:\Users\acer\Desktop\MA
2021-01-26 13:51 - 2018-07-11 19:10 - 000000000 ____D C:\Users\acer\AppData\LocalLow\Mozilla
2021-01-26 13:48 - 2019-02-06 22:02 - 000000000 ____D C:\ProgramData\Mozilla
2021-01-26 13:45 - 2020-01-05 12:29 - 000003392 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-01-26 13:45 - 2018-07-11 22:23 - 000000000 ____D C:\Program Files\Common Files\AV
2021-01-26 13:39 - 2018-07-11 22:22 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-01-26 13:39 - 2018-07-11 22:22 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-01-26 13:38 - 2018-07-15 21:53 - 000000000 ____D C:\Users\acer\AppData\Roaming\ViberPC
2021-01-26 13:34 - 2020-05-24 12:59 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2021-01-26 13:34 - 2019-08-12 03:26 - 000000000 ____D C:\Users\acer
2021-01-26 13:34 - 2018-06-29 15:55 - 000000000 __SHD C:\Users\acer\IntelGraphicsProfiles
2021-01-26 13:33 - 2019-08-12 04:20 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-01-26 13:33 - 2018-06-29 16:14 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2021-01-26 13:33 - 2018-06-29 16:08 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2021-01-26 12:53 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2021-01-25 22:01 - 2019-08-12 03:39 - 000795992 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-01-25 21:40 - 2020-12-14 17:54 - 000004210 _____ C:\WINDOWS\system32\Tasks\CCleaner Update
2021-01-25 19:51 - 2019-03-19 05:52 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-01-25 17:54 - 2018-06-29 15:48 - 000000000 ____D C:\Users\acer\AppData\Local\Packages
2021-01-24 23:56 - 2020-10-24 16:23 - 000000000 ____D C:\Users\acer\Documents\STOPPARD
2021-01-24 23:25 - 2020-05-22 12:53 - 000000000 ____D C:\Users\acer\Documents\iris murdoch
2021-01-24 23:25 - 2020-05-22 12:49 - 000000000 ____D C:\Users\acer\Documents\arthur miller
2021-01-23 12:28 - 2020-10-22 09:21 - 000000000 ____D C:\Users\acer\Documents\language and ideology
2021-01-22 21:04 - 2020-03-24 10:04 - 000000000 ____D C:\Users\acer\AppData\Local\SquirrelTemp
2021-01-19 22:35 - 2020-06-07 00:52 - 000003576 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-01-19 22:35 - 2020-06-07 00:52 - 000003452 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-01-16 17:36 - 2018-06-29 16:08 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-01-15 23:06 - 2019-03-19 05:37 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-01-15 14:11 - 2020-02-19 22:56 - 000000000 ____D C:\Users\acer\Documents\lit and culture 2
2021-01-12 09:50 - 2018-06-29 16:09 - 000002313 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-01-12 09:50 - 2018-06-29 16:09 - 000002272 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-01-12 09:50 - 2018-06-29 16:09 - 000002272 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-01-11 21:35 - 2019-05-23 15:11 - 000000000 ____D C:\Users\acer\Desktop\pikosky
2021-01-09 17:47 - 2019-07-10 08:24 - 000000000 ____D C:\Users\acer\AppData\Local\D3DSCache
2021-01-05 13:39 - 2018-06-29 15:51 - 000000000 ____D C:\Users\acer\AppData\Local\PlaceholderTileLogoFolder
2021-01-03 15:55 - 2018-07-11 19:54 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2020-12-30 14:32 - 2019-03-19 05:52 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Re: Pomaly NTB
Dobry den.
Stiahnite si na plochu nastroj AdwCleaner, link. na stiahnutie tu: https://toolslib.net/downloads/finish/1/
Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.

Pred spustenim nastroja povypinajte vsetke beziace okna programov, to su vsetke beziace programy pod desktopom.
Kliknite pravym tlacidlom mysi na program -> spustit ako Administrator.
Pokracujte kliknutim na tlacidlo Prehladaj teraz (Scan now) a pockajte, kym sa system doskenuje.
Po skene nechajte oznacene vsetky chlieviky, pripadne najdene hrozieby a pokracujte v dolnom pravom rohu tlacidlom Vycistit Teraz (Clean and Repair).
Po restartovani PC sa spusti nastroj AdwCleaner, kliknite na Zobrazit soubor protokolu.
Spusti sa log, jeho obsah skopirujte sem.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Pomaly NTB
# -------------------------------
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-26-2021
# Duration: 00:00:36
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1406 octets] - [24/05/2020 11:25:23]
AdwCleaner[C00].txt - [1596 octets] - [24/05/2020 11:26:39]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
# Malwarebytes AdwCleaner 8.0.9.1
# -------------------------------
# Build: 01-20-2021
# Database: 2021-01-11.1 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 01-26-2021
# Duration: 00:00:36
# OS: Windows 10 Home
# Scanned: 31956
# Detected: 0
***** [ Services ] *****
No malicious services found.
***** [ Folders ] *****
No malicious folders found.
***** [ Files ] *****
No malicious files found.
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
No malicious tasks found.
***** [ Registry ] *****
No malicious registry entries found.
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Hosts File Entries ] *****
No malicious hosts file entries found.
***** [ Preinstalled Software ] *****
No Preinstalled Software found.
AdwCleaner[S00].txt - [1406 octets] - [24/05/2020 11:25:23]
AdwCleaner[C00].txt - [1596 octets] - [24/05/2020 11:26:39]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########
Re: Pomaly NTB
ok. mozete mi sem pridat, prosim, este addition log?
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Pomaly NTB
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by acer (26-01-2021 20:56:48)
Running from C:\Users\acer\Desktop
Windows 10 Home Version 1909 18363.1256 (X64) (2019-08-12 03:24:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
acer (S-1-5-21-3844774036-794628965-2151850631-1001 - Administrator - Enabled) => C:\Users\acer
Administrator (S-1-5-21-3844774036-794628965-2151850631-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3844774036-794628965-2151850631-503 - Limited - Disabled)
Guest (S-1-5-21-3844774036-794628965-2151850631-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3844774036-794628965-2151850631-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Google Chrome (HKLM\...\{6BE8C6A1-54E8-312E-A876-FF27463F3324}) (Version: 87.0.4280.141 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Icecream Ebook Reader verzia 5.19 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.19 - Icecream Apps)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.57 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.8 (HKLM-x32\...\{D00D3099-365F-4B6D-8512-F393994DB3D1}) (Version: 4.18.9803 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7719 - Realtek Semiconductor Corp.)
Skype verzia 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Spotify) (Version: 1.1.46.916.g416cacf1 - Spotify AB)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{BBFA9E7E-E240-4DAB-8397-8D4CAFEDA33A}) (Version: 9.2.0.6 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\{aec256d8-b6d9-4790-84bf-97f81a4db75d}) (Version: 9.2.0.6 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.13.6.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.178.200.0_x86__kgqvnymyfvs32 [2020-10-02] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.4.1.0_x86__h6adky7gbf63m [2020-10-15] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-28] (Dolby Laboratories)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-02] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-25] (Microsoft Studios) [MS Ad]
Váš telefón -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-17] (Microsoft Corporation)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3844774036-794628965-2151850631-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\acer\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-04-19 17:09 - 2020-04-19 17:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-19 17:09 - 2020-04-19 17:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\Pictures\pics\original-24878-1438602129-15.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{686F92EF-5EF4-4262-9136-7F136E1BC8A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37CC2BEA-A93F-4074-8B47-9223ADCCEBCD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C116AB69-2D6A-4BA9-8B30-C2621B7407F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F48FC26A-5DC9-4766-B9CD-3575D6B62D4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72A2DE2E-2BFB-49EC-80C1-19CC02483396}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{14C5E17B-0277-4E44-89D4-875D98FE1E2A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AE9E768-BF2D-4EE2-B13D-309A5A8D77F2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D65F3DFC-851D-4053-88A0-022D2014DDD6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1616716-2F20-4173-A6F6-ECAA8884D0ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7D9FAE4E-F2FF-4AC8-A291-BE5BCB9F4E50}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{47D552E4-115A-47A2-AB58-07B44148E936}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D71FC4F-9420-4530-95B2-6713EC80E9F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{18C2327A-F0C4-411D-8D49-1C40F4C56FA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2498FAD9-933E-490C-BE8A-1ABC73D58109}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{7F6DFB06-0A34-4EE3-8021-DBF70E85BEC2}C:\users\acer\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\acer\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{65E7AAA2-BE0D-4CED-8545-817ACE3A5E3B}C:\users\acer\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\acer\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
07-01-2021 10:20:50 Scheduled Checkpoint
16-01-2021 23:22:23 Scheduled Checkpoint
26-01-2021 15:35:20 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/26/2021 08:49:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3016,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 08:33:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10756,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 08:24:13 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (5596,G,0) An attempt to open the file "C:\Users\acer\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (01/26/2021 03:53:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7952,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 03:27:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1568,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 02:52:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2564,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 02:05:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12060,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 01:53:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20092.123.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 794
Start Time: 01d6f3dfb566e59a
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe\YourPhone.exe
Report Id: f85627c3-cd6f-4fa3-b8e3-3f9b60ecc609
Faulting package full name: Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Hang type: Quiesce
System errors:
=============
Error: (01/26/2021 08:40:40 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-T5A6533)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/26/2021 07:09:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 02:55:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 02:04:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 01:43:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220!App.AppX7djta59vx3ja8tamf67z3gjhpzmq33a8.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 01:40:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 01:40:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker sa pri spustení zablokovala.
Error: (01/26/2021 01:38:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Background Intelligent Transfer Service sa pri spustení zablokovala.
Windows Defender:
===================================
Date: 2019-10-11 20:39:07.729
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8B00B4C6-297D-47C0-8FFE-8EA9C2FA7DF3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 20:33:46.148
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {83591E20-3DF4-4443-BD01-86A7A0D5A45E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 20:02:32.098
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C6756E75-691F-46A7-90C5-F28ED76969B2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 18:22:19.517
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4E0744BF-749A-4AE6-BEA7-37453A410F69}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 17:59:06.799
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {297A6AC3-7035-4BFA-AE28-A2B08A1481A8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-07 11:32:27.822
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.821
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.821
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.733
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.732
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
CodeIntegrity:
===================================
Date: 2021-01-26 20:25:34.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-01-26 20:25:34.438
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-01-26 13:44:50.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:48.137
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:38.141
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:01.813
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:01.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:01.150
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.14 11/11/2014
Motherboard: Acer Aspire V3-371
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 84%
Total physical RAM: 4019.27 MB
Available physical RAM: 625.11 MB
Total Virtual: 8883.27 MB
Available Virtual: 3671.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.16 GB) (Free:221.19 GB) NTFS
\\?\Volume{6508dd29-e612-41f0-a1c8-3c45e28d061e}\ (Obnovenie) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{a492c8e6-aee5-4812-8f40-e2cae885aad5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Ran by acer (26-01-2021 20:56:48)
Running from C:\Users\acer\Desktop
Windows 10 Home Version 1909 18363.1256 (X64) (2019-08-12 03:24:03)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
acer (S-1-5-21-3844774036-794628965-2151850631-1001 - Administrator - Enabled) => C:\Users\acer
Administrator (S-1-5-21-3844774036-794628965-2151850631-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3844774036-794628965-2151850631-503 - Limited - Disabled)
Guest (S-1-5-21-3844774036-794628965-2151850631-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-3844774036-794628965-2151850631-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Enabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Kaspersky Internet Security (Enabled - Up to date) {0AB30972-4BAC-7BEE-CBCA-B8F9E68797D8}
AS: Kaspersky Internet Security (Enabled - Up to date) {B1D2E896-6D96-7460-F17A-838B9D00DD65}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: Kaspersky Internet Security (Enabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
FW: Kaspersky Internet Security (Enabled) {32888857-01C3-7AB6-E095-11CC1854D0A3}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
CCleaner (HKLM\...\CCleaner) (Version: 5.76 - Piriform)
Google Chrome (HKLM\...\{6BE8C6A1-54E8-312E-A876-FF27463F3324}) (Version: 87.0.4280.141 - Google, Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Icecream Ebook Reader verzia 5.19 (HKLM-x32\...\{B8C30F0F-1F23-49E1-A3ED-44DE17660EE2}_is1) (Version: 5.19 - Icecream Apps)
ImgBurn (HKLM-x32\...\ImgBurn) (Version: 2.5.8.0 - LIGHTNING UK!)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Java 8 Update 271 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180271F0}) (Version: 8.0.2710.9 - Oracle Corporation)
Kaspersky Internet Security (HKLM-x32\...\{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky)
Kaspersky Secure Connection (HKLM-x32\...\{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab) Hidden
Kaspersky Secure Connection (HKLM-x32\...\InstallWIX_{F10AA188-7166-430E-8810-FEAB2AD73DE3}) (Version: 19.0.0.1088 - Kaspersky Lab)
Microsoft 365 - sk-sk (HKLM\...\O365HomePremRetail - sk-sk) (Version: 16.0.13426.20404 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 87.0.664.57 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.139.71 - )
Microsoft OneDrive (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50907.0 - Microsoft Corporation)
Microsoft Teams (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Teams) (Version: 1.3.00.34662 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{0BCA8FBE-0C1C-4C65-98A3-5D34AAF41737}) (Version: 2.70.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Mozilla Firefox 84.0.2 (x64 sk) (HKLM\...\Mozilla Firefox 84.0.2 (x64 sk)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 61.0 - Mozilla)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13426.20404 - Microsoft Corporation) Hidden
OpenOffice 4.1.8 (HKLM-x32\...\{D00D3099-365F-4B6D-8512-F393994DB3D1}) (Version: 4.18.9803 - Apache Software Foundation)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7719 - Realtek Semiconductor Corp.)
Skype verzia 8.67 (HKLM-x32\...\Skype_is1) (Version: 8.67 - Skype Technologies S.A.)
Spotify (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\Spotify) (Version: 1.1.46.916.g416cacf1 - Spotify AB)
TeamViewer (HKLM-x32\...\TeamViewer) (Version: 15.13.6 - TeamViewer)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{16AD6161-2E47-4BF1-AA77-0946EFE93E08}) (Version: 2.61.0.0 - Microsoft Corporation)
Viber (HKLM-x32\...\{BBFA9E7E-E240-4DAB-8397-8D4CAFEDA33A}) (Version: 9.2.0.6 - Viber Media Inc.) Hidden
Viber (HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\{aec256d8-b6d9-4790-84bf-97f81a4db75d}) (Version: 9.2.0.6 - Viber Media Inc.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.11 - VideoLAN)
WinRAR 5.91 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.91.0 - win.rar GmbH)
Packages:
=========
Autodesk SketchBook -> C:\Program Files\WindowsApps\89006A2E.AutodeskSketchBook_5.1.0.0_x64__tf1gferkr813w [2019-11-09] (Autodesk Inc.)
Bubble Witch 3 Saga -> C:\Program Files\WindowsApps\king.com.BubbleWitch3Saga_6.13.6.0_x86__kgqvnymyfvs32 [2020-09-30] (king.com)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.178.200.0_x86__kgqvnymyfvs32 [2020-10-02] (king.com)
Disney Magic Kingdoms -> C:\Program Files\WindowsApps\A278AB0D.DisneyMagicKingdoms_5.4.1.0_x86__h6adky7gbf63m [2020-10-15] (Gameloft SE)
Dolby Access -> C:\Program Files\WindowsApps\DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220 [2020-09-28] (Dolby Laboratories)
Hidden City: Hidden Object Adventure -> C:\Program Files\WindowsApps\828B5831.HiddenCityMysteryofShadows_1.37.3702.0_x86__ytsefhwckbdv6 [2020-10-02] (G5 Entertainment AB)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1808.3.0_x64__8wekyb3d8bbwe [2019-08-12] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-18] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.7.8101.0_x64__8wekyb3d8bbwe [2020-08-25] (Microsoft Studios) [MS Ad]
Váš telefón -> C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe [2020-10-17] (Microsoft Corporation)
WhatsApp Desktop -> C:\Program Files\WindowsApps\5319275A.WhatsAppDesktop_2.2041.7.0_x64__cv1g1gvanyjgm [2020-10-23] (WhatsApp Inc.)
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3844774036-794628965-2151850631-1001_Classes\CLSID\{19A6E644-14E6-4A60-B8D7-DD20610A871D}\InprocServer32 -> C:\Users\acer\AppData\Local\Microsoft\TeamsMeetingAddin\1.0.20289.5\x64\Microsoft.Teams.AddinLoader.dll (Microsoft Corporation -> Microsoft Corporation)
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-06-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2020-12-30] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-06-25] (win.rar GmbH -> Alexander Roshal)
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
==================== Loaded Modules (Whitelisted) =============
2020-04-19 17:09 - 2020-04-19 17:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\AppVIsvSubsystems32.dll
2020-04-19 17:09 - 2020-04-19 17:09 - 000000000 ____L (Microsoft Corporation) C:\Program Files (x86)\Microsoft Office\Root\Office16\c2r32.dll
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2020-09-16] (Microsoft Corporation -> Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_251\bin\ssv.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_251\bin\jp2ssv.dll [2020-05-24] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\ssv.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_271\bin\jp2ssv.dll [2020-11-09] (Oracle America, Inc. -> Oracle Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-01-02] (Microsoft Corporation -> Microsoft Corporation)
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Common Files\Oracle\Java\javapath;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\acer\Pictures\pics\original-24878-1438602129-15.jpg
DNS Servers: 192.168.43.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{686F92EF-5EF4-4262-9136-7F136E1BC8A1}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{37CC2BEA-A93F-4074-8B47-9223ADCCEBCD}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{C116AB69-2D6A-4BA9-8B30-C2621B7407F1}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{F48FC26A-5DC9-4766-B9CD-3575D6B62D4A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{72A2DE2E-2BFB-49EC-80C1-19CC02483396}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{14C5E17B-0277-4E44-89D4-875D98FE1E2A}] => (Allow) C:\Program Files\WindowsApps\Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c\Skype\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{7AE9E768-BF2D-4EE2-B13D-309A5A8D77F2}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{D65F3DFC-851D-4053-88A0-022D2014DDD6}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{A1616716-2F20-4173-A6F6-ECAA8884D0ED}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{7D9FAE4E-F2FF-4AC8-A291-BE5BCB9F4E50}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{47D552E4-115A-47A2-AB58-07B44148E936}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{4D71FC4F-9420-4530-95B2-6713EC80E9F2}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer Germany GmbH -> TeamViewer Germany GmbH)
FirewallRules: [{18C2327A-F0C4-411D-8D49-1C40F4C56FA7}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe (Microsoft Corporation -> Microsoft Corporation)
FirewallRules: [{2498FAD9-933E-490C-BE8A-1ABC73D58109}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{7F6DFB06-0A34-4EE3-8021-DBF70E85BEC2}C:\users\acer\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\acer\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{65E7AAA2-BE0D-4CED-8545-817ACE3A5E3B}C:\users\acer\appdata\roaming\spotify\spotify.exe] => (Block) C:\users\acer\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
==================== Restore Points =========================
07-01-2021 10:20:50 Scheduled Checkpoint
16-01-2021 23:22:23 Scheduled Checkpoint
26-01-2021 15:35:20 Scheduled Checkpoint
==================== Faulty Device Manager Devices ============
==================== Event log errors: ========================
Application errors:
==================
Error: (01/26/2021 08:49:54 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (3016,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 08:33:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (10756,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 08:24:13 PM) (Source: ESENT) (EventID: 489) (User: )
Description: taskhostw (5596,G,0) An attempt to open the file "C:\Users\acer\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat" for read only access failed with system error 32 (0x00000020): "The process cannot access the file because it is being used by another process. ". The open file operation will fail with error -1032 (0xfffffbf8).
Error: (01/26/2021 03:53:49 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (7952,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 03:27:28 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (1568,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 02:52:18 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (2564,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 02:05:44 PM) (Source: ESENT) (EventID: 455) (User: )
Description: svchost (12060,R,98) TILEREPOSITORYS-1-5-18: Error -1023 (0xfffffc01) occurred while opening logfile C:\WINDOWS\system32\config\systemprofile\AppData\Local\TileDataLayer\Database\EDB.log.
Error: (01/26/2021 01:53:15 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: The program YourPhone.exe version 1.20092.123.0 stopped interacting with Windows and was closed. To see if more information about the problem is available, check the problem history in the Security and Maintenance control panel.
Process ID: 794
Start Time: 01d6f3dfb566e59a
Termination Time: 4294967295
Application Path: C:\Program Files\WindowsApps\Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe\YourPhone.exe
Report Id: f85627c3-cd6f-4fa3-b8e3-3f9b60ecc609
Faulting package full name: Microsoft.YourPhone_1.20092.123.0_x64__8wekyb3d8bbwe
Faulting package-relative application ID: App
Hang type: Quiesce
System errors:
=============
Error: (01/26/2021 08:40:40 PM) (Source: DCOM) (EventID: 10000) (User: DESKTOP-T5A6533)
Description: Unable to start a DCOM Server: {0358B920-0AC7-461F-98F4-58E32CD89148}. The error:
"2147942767"
Happened while starting this command:
C:\WINDOWS\system32\DllHost.exe /Processid:{3EB3C877-1F16-487C-9050-104DBCD66683}
Error: (01/26/2021 07:09:18 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.Windows.Cortana_1.13.0.18362_neutral_neutral_cw5n1h2txyewy!CortanaUI.AppXjytc7c0yvwb8n3cw0r82k4364sd1s7bv.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 02:55:54 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 02:04:19 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 01:43:53 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server DolbyLaboratories.DolbyAccess_3.5.201.0_x64__rz1tebttyb220!App.AppX7djta59vx3ja8tamf67z3gjhpzmq33a8.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 01:40:09 PM) (Source: DCOM) (EventID: 10010) (User: DESKTOP-T5A6533)
Description: The server Microsoft.SkypeApp_15.65.78.0_x86__kzf8qxf38zg5c!App.AppXtwmqn4em5r5dpafgj4t4yyxgjfe0hr50.mca did not register with DCOM within the required timeout.
Error: (01/26/2021 01:40:09 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba System Guard Runtime Monitor Broker sa pri spustení zablokovala.
Error: (01/26/2021 01:38:05 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Background Intelligent Transfer Service sa pri spustení zablokovala.
Windows Defender:
===================================
Date: 2019-10-11 20:39:07.729
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {8B00B4C6-297D-47C0-8FFE-8EA9C2FA7DF3}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 20:33:46.148
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {83591E20-3DF4-4443-BD01-86A7A0D5A45E}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 20:02:32.098
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {C6756E75-691F-46A7-90C5-F28ED76969B2}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 18:22:19.517
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {4E0744BF-749A-4AE6-BEA7-37453A410F69}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-11 17:59:06.799
Description:
Windows Defender Antivirus scan has been stopped before completion.
Scan ID: {297A6AC3-7035-4BFA-AE28-A2B08A1481A8}
Scan Type: Antimalware
Scan Parameters: Quick Scan
Date: 2019-10-07 11:32:27.822
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.821
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.821
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.733
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
Date: 2019-10-07 11:32:27.732
Description:
Windows Defender Antivirus has encountered an error trying to update security intelligence.
New security intelligence Version:
Previous security intelligence Version: 1.293.1422.0
Update Source: Microsoft Malware Protection Center
Security intelligence Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.15900.4
Error code: 0x80072efd
Error description: A connection with the server could not be established
CodeIntegrity:
===================================
Date: 2021-01-26 20:25:34.454
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-01-26 20:25:34.438
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.
Date: 2021-01-26 13:44:50.573
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:48.137
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:38.141
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:01.813
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:01.427
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
Date: 2021-01-26 13:44:01.150
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: Insyde Corp. V1.14 11/11/2014
Motherboard: Acer Aspire V3-371
Processor: Intel(R) Core(TM) i3-4005U CPU @ 1.70GHz
Percentage of memory in use: 84%
Total physical RAM: 4019.27 MB
Available physical RAM: 625.11 MB
Total Virtual: 8883.27 MB
Available Virtual: 3671.66 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:465.16 GB) (Free:221.19 GB) NTFS
\\?\Volume{6508dd29-e612-41f0-a1c8-3c45e28d061e}\ (Obnovenie) (Fixed) (Total:0.49 GB) (Free:0.07 GB) NTFS
\\?\Volume{a492c8e6-aee5-4812-8f40-e2cae885aad5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================
Re: Pomaly NTB
Do poznamkoveho bloku skopirujte obsah dole:
Poznamkovy blok ulozte pod nazvom fixlist.txt do umiestnenia kde je FRST.
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
Kód: Vybrat vše
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\MountPoints2: {2cc16ddb-98ed-11ea-b71c-3065ec7397f0} - "D:\HiSuiteDownLoader.exe"
Task: {5BC6AF53-C444-47CA-9BCF-833E501B3267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {C1832A18-598B-4585-AB95-0F22A61D2633} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-06-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-06-03] <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
U3 avgbdisk; no ImagePath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
EmptyTemp:
Spustite FRST a odkliknite tlacidlo: Fix
Vykona sa funkcionalita po ktorej sa pocitac rebootuje. Po reboote sem vlozte obsah logu: fixlog.txt ulozeneho v umiestneni FRST.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Pomaly NTB
Fix result of Farbar Recovery Scan Tool (x64) Version: 24-01-2021 01
Ran by acer (26-01-2021 23:07:31) Run:2
Running from C:\Users\acer\Desktop
Loaded Profiles: acer
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\MountPoints2: {2cc16ddb-98ed-11ea-b71c-3065ec7397f0} - "D:\HiSuiteDownLoader.exe"
Task: {5BC6AF53-C444-47CA-9BCF-833E501B3267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {C1832A18-598B-4585-AB95-0F22A61D2633} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-06-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-06-03] <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
U3 avgbdisk; no ImagePath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc16ddb-98ed-11ea-b71c-3065ec7397f0} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BC6AF53-C444-47CA-9BCF-833E501B3267}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BC6AF53-C444-47CA-9BCF-833E501B3267}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1832A18-598B-4585-AB95-0F22A61D2633}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1832A18-598B-4585-AB95-0F22A61D2633}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully
avgbdisk => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8476824 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 16955997 B
Edge => 87552 B
Chrome => 35019191 B
Firefox => 9895199 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
acer => 46013666 B
RecycleBin => 43008 B
EmptyTemp: => 121.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:09:31 ====
Ran by acer (26-01-2021 23:07:31) Run:2
Running from C:\Users\acer\Desktop
Loaded Profiles: acer
Boot Mode: Normal
==============================================
fixlist content:
*****************
CloseProcesses:
CreateRestorePoint:
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [706680 2020-09-17] (Oracle America, Inc. -> Oracle Corporation)
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\...\MountPoints2: {2cc16ddb-98ed-11ea-b71c-3065ec7397f0} - "D:\HiSuiteDownLoader.exe"
Task: {5BC6AF53-C444-47CA-9BCF-833E501B3267} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
Task: {C1832A18-598B-4585-AB95-0F22A61D2633} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153168 2018-06-29] (Google Inc -> Google Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2020-06-03] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2020-06-03] <==== ATTENTION
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
U3 avgbdisk; no ImagePath
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
EmptyTemp:
*****************
Processes closed successfully.
Restore point was successfully created.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched" => removed successfully
HKU\S-1-5-21-3844774036-794628965-2151850631-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{2cc16ddb-98ed-11ea-b71c-3065ec7397f0} => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5BC6AF53-C444-47CA-9BCF-833E501B3267}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BC6AF53-C444-47CA-9BCF-833E501B3267}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{C1832A18-598B-4585-AB95-0F22A61D2633}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C1832A18-598B-4585-AB95-0F22A61D2633}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js => moved successfully
C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg => moved successfully
"HKLM\Software\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully
"HKLM\Software\Wow6432Node\Mozilla\Firefox\Extensions\\light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com" => removed successfully
HKLM\System\CurrentControlSet\Services\avgbdisk => removed successfully
avgbdisk => service removed successfully
HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 11296768 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 8476824 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 16955997 B
Edge => 87552 B
Chrome => 35019191 B
Firefox => 9895199 B
Opera => 0 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 0 B
NetworkService => 0 B
acer => 46013666 B
RecycleBin => 43008 B
EmptyTemp: => 121.9 MB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 23:09:31 ====
Re: Pomaly NTB
Ako je na tom pocitac? Pripadne, ktore procesy, v spravci uloh, najviac zatazuju OS?
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky
Re: Pomaly NTB
Vdaka,je to o poznanie lepsie!
Re: Pomaly NTB
Dobre.
Nemate zac.
Nemate zac.
► Vyšla moja nová kniha BOTNETY!
Informácie o nej nájdete tu: >> BOTNETY <<
¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---
Hľadáme nové posily do nášej CyberSecurity UNIT jednotky. Viac informácií o tom, čo to obnáša a ako sa pripojiť nájdete tu: >> CyberSecurity UNIT << 
----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky

¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯¯
---


----
► Nízkoúrovňový, Vysokoúrovňový programátor - profilová karta tu: card <<
----
► Háveťárna - UPLOAD Malwaru: >> upload <<
---
► Ak sa Vám ľúbi moja práca a ste sňou spokojný, môžete ma kontaktovať na: diallix@centrum.sk, info@diallix.net alebo diallix@forum.viry.cz .
---
Momentálne aktívny ako:
- konzultant, vývojár a tutor výskumu inteligentného malwaru.
- tutor v oblasti dotazovacích jazykoch SQL (TSQL, PLSQL), objektového programovania (c++,c#,php) pre študentov.
Na fóre pôsobím ako:
- Bezpečnostná autorita viry.cz
- Zástupca tutora pre vzdelávanie nováčikov
- Zakladateľ Cyber Security jednotky