Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 22-04-2022
Ran by Ricky (administrator) on DESKTOP-J4POG28 (27-04-2022 12:32:55)
Running from C:\Users\Ricky\Downloads
Loaded Profiles: Ricky
Platform: Microsoft Windows 10 Pro Version 21H2 19044.1645 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avpui.exe
(C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksdeui.exe
(C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe ->) (LogMeIn, Inc. -> LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\LMIGuardianSvc.exe
(C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCopyAccelerator.exe
(DriverStore\FileRepository\u0367912.inf_amd64_1567db284dfba458\B366469\atiesrxx.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0367912.inf_amd64_1567db284dfba458\B366469\atieclxx.exe
(explorer.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(explorer.exe ->) (Google LLC -> Google LLC) C:\Program Files\Google\Chrome\Application\chrome.exe <18>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.36.132\GoogleCrashHandler64.exe
(Microsoft Corporation -> ) C:\Program Files\PCHealthCheck\PCHealthCheck.exe
(services.exe ->) (Advanced Micro Devices Inc. -> Advanced Micro Devices, Inc.) C:\Windows\System32\amdfendrsr.exe
(services.exe ->) (Advanced Micro Devices, Inc. -> AMD) C:\Windows\System32\DriverStore\FileRepository\u0367912.inf_amd64_1567db284dfba458\B366469\atiesrxx.exe
(services.exe ->) (AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe
(services.exe ->) (Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe
(services.exe ->) (LogMeIn, Inc. -> LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe
(services.exe ->) (Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe
(svchost.exe ->) (IObit CO., LTD -> IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
(svchost.exe ->) (Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.549981C3F5F10_4.2203.4603.0_x64__8wekyb3d8bbwe\Cortana.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(svchost.exe ->) (Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
==================== Registry (Whitelisted) ===================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Windows x64\Print Processors\Canon MP140 series Print Processor: C:\Windows\System32\spool\prtprocs\x64\CNMPD8R.DLL [27648 2007-03-18] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\...\Print\Monitors\Canon BJ Language Monitor MP140 series: C:\WINDOWS\system32\CNMLM8R.DLL [259584 2008-02-05] (Microsoft Windows Hardware Compatibility Publisher -> CANON INC.)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files\Google\Chrome\Application\100.0.4896.127\Installer\chrmstp.exe [2022-04-20] (Google LLC -> Google LLC)
==================== Scheduled Tasks (Whitelisted) ============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {03FE2637-CF46-4E5F-A21A-C1D0078E8323} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {0BA9359D-2606-4EE6-9EC6-5966E211FFC4} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [743488 2022-04-27] (Kaspersky Lab JSC -> AO Kaspersky Lab)
Task: {174F4847-4903-4581-9827-6B8C715D535A} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-11] (Google LLC -> Google LLC)
Task: {202F5358-4BA5-4540-BAB4-B8633B0E373A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {254A177A-A5D5-4AE4-9FD8-A100F97F55D2} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [156232 2021-12-11] (Google LLC -> Google LLC)
Task: {5E395307-49FC-4898-99F5-47ECB3CF0B9A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {7512D831-F884-4F33-AB60-B6BDD2C974EE} - System32\Tasks\Mozilla\Firefox Background Update 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\firefox.exe --MOZ_LOG sync,prependheader,timestamp,append,maxsize:1,Dump:5 --MOZ_LOG_FILE C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38\updates\308046B0AF4A39CB\backgroundupdate.moz_log --backgroundtask backgroundupdate
Task: {B2C42B90-7AF3-4DD4-BB64-71AE19816BD2} - System32\Tasks\Mozilla\Firefox Default Browser Agent 308046B0AF4A39CB => C:\Program Files\Mozilla Firefox\default-browser-agent.exe do-task "308046B0AF4A39CB"
Task: {DADC97D4-02B8-4666-9D6F-0AC4A6FBE93C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MpCmdRun.exe [993000 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {E33A7BA2-9AEC-4BD0-BCBB-C0087076BFEA} - System32\Tasks\Uninstaller_SkipUac_Ricky => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe [7517720 2022-02-10] (IObit CO., LTD -> IObit)
Task: {EAD11C51-F76B-4926-93D9-6117DA86C3FD} - System32\Tasks\Opera scheduled Autoupdate 1639179332 => C:\Users\Ricky\AppData\Local\Programs\Opera\launcher.exe [2469120 2022-04-04] (Opera Software AS -> Opera Software)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 86.49.5.221 86.49.5.222
Tcpip\..\Interfaces\{0039d146-87ed-4237-bcac-43978c70e528}: [DhcpNameServer] 86.49.5.221 86.49.5.222
Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\Ricky\AppData\Local\Microsoft\Edge\User Data\Default [2022-04-27]
Edge HKU\S-1-5-21-3294239711-236292038-94065591-1001\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
FireFox:
========
FF DefaultProfile: acxhjj4j.default
FF ProfilePath: C:\Users\Ricky\AppData\Roaming\Mozilla\Firefox\Profiles\acxhjj4j.default [2021-12-15]
FF ProfilePath: C:\Users\Ricky\AppData\Roaming\Mozilla\Firefox\Profiles\uu3pjy19.default-release [2022-04-26]
FF Notifications: Mozilla\Firefox\Profiles\uu3pjy19.default-release -> hxxps://key-drop.com
FF Extension: (SetupVPN - Lifetime Free VPN) - C:\Users\Ricky\AppData\Roaming\Mozilla\Firefox\Profiles\uu3pjy19.default-release\Extensions\@setupvpncom.xpi [2022-04-14]
FF HKLM\...\Firefox\Extensions: [
light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [
light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @canon.com/EPPEX -> C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL [2013-04-19] (CANON INC.) [File not signed]
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.50918.0\npctrl.dll [2018-10-23] (Microsoft Corporation -> Microsoft Corporation)
FF Plugin-x32: @videolan.org/vlc,version=3.0.16 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2021-06-18] (VideoLAN -> VideoLAN)
Chrome:
=======
CHR DefaultProfile: Default
CHR Profile: C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default [2022-04-27]
CHR Notifications: Default -> hxxps://csgocases.com; hxxps://sdilej.cz; hxxps://
www.ifortuna.cz
CHR Extension: (Ochrana Kaspersky) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2022-04-27]
CHR Extension: (YouTube) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-04-19]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2022-04-25]
CHR Extension: (ySense Addon) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\hjnhcgkngeeahimbfhejeaiijecekhba [2021-12-11]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-04-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-11]
CHR Profile: C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Guest Profile [2022-04-27]
CHR Profile: C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1 [2022-02-01]
CHR Extension: (Prezentace) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-11]
CHR Extension: (Ochrana Kaspersky) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-12-25]
CHR Extension: (Dokumenty) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-11]
CHR Extension: (Disk Google) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-11]
CHR Extension: (YouTube) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-11]
CHR Extension: (Tabulky) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-11]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-02-01]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-02-01]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-11]
CHR Extension: (Gmail) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-11]
CHR Profile: C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3 [2022-03-25]
CHR Extension: (Prezentace) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2021-12-25]
CHR Extension: (Dokumenty) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\aohghmighlieiainnegkcijnfilokake [2021-12-25]
CHR Extension: (Disk Google) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\apdfllckaahabafndbhieahigkjlhalf [2021-12-25]
CHR Extension: (YouTube) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2021-12-25]
CHR Extension: (Tabulky) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2021-12-25]
CHR Extension: (Dokumenty Google offline) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2022-03-25]
CHR Extension: (AdBlock - nejlepší blokátor reklam) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2021-12-25]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2022-03-25]
CHR Extension: (Browsing Protection by F-Secure) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\jmjjnhpacphpjmnnlnccpfmhkcloaade [2022-03-25]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-12-25]
CHR Extension: (Gmail) - C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2021-12-25]
CHR Profile: C:\Users\Ricky\AppData\Local\Google\Chrome\User Data\System Profile [2022-04-27]
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
Opera:
=======
OPR Profile: C:\Users\Ricky\AppData\Roaming\Opera Software\Opera Stable [2022-04-27]
OPR DefaultSuggestURL: Opera Stable -> hxxps://
www.google.com/complete/search?client=o ... utEncoding}
OPR Extension: (Rich Hints Agent) - C:\Users\Ricky\AppData\Roaming\Opera Software\Opera Stable\Extensions\enegjkbbakeegngfapepobipndnebkdk [2022-02-18]
OPR Extension: (NeoBux AdAlert) - C:\Users\Ricky\AppData\Roaming\Opera Software\Opera Stable\Extensions\gnamhfljnpidhcekbnhbppkgmpjkbofp [2022-01-11]
OPR Extension: (Amazon Assistant Promotion) - C:\Users\Ricky\AppData\Roaming\Opera Software\Opera Stable\Extensions\kbmoiomgmchbpihhdpabemajcbjpcijk [2021-12-11]
==================== Services (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AVP21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\avp.exe [184768 2022-02-17] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [4958096 2021-12-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Hamachi2Svc; C:\Program Files (x86)\LogMeIn Hamachi\x64\hamachi-2.exe [3361736 2019-04-02] (LogMeIn, Inc. -> LogMeIn Inc.)
S3 klvssbridge64_21.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\vssbridge64.exe [479280 2021-02-19] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.3; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.3\ksde.exe [447104 2021-12-11] (Kaspersky Lab JSC -> AO Kaspersky Lab)
S3 Sense; C:\Program Files\Windows Defender Advanced Threat Protection\MsSense.exe [6254352 2022-04-14] (Microsoft Windows Publisher -> Microsoft Corporation)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\NisSrv.exe [3116848 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.2203.5-0\MsMpEng.exe [133544 2022-04-25] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 IObitUnSvr; C:\Program Files (x86)\IObit\IObit Uninstaller\IUService.exe [X]
S2 MBAMService; "C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe" [X]
===================== Drivers (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AMDXE; C:\WINDOWS\System32\drivers\amdxe.sys [62056 2020-09-02] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
S3 BthHFEnum; C:\WINDOWS\System32\drivers\bthhfenum.sys [144896 2019-12-07] (Microsoft Corporation) [File not signed]
R0 cm_km; C:\WINDOWS\System32\DRIVERS\cm_km.sys [237288 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 dtlitescsibus; C:\WINDOWS\System32\drivers\dtlitescsibus.sys [42256 2021-03-26] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\WINDOWS\System32\drivers\dtliteusbbus.sys [63696 2021-12-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 ew_usbccgpfilter; C:\WINDOWS\System32\drivers\ew_usbccgpfilter.sys [18944 2018-08-23] (Microsoft Windows Hardware Compatibility Publisher -> Huawei Technologies Co., Ltd.)
S3 Hamachi; C:\WINDOWS\system32\DRIVERS\Hamdrv.sys [45680 2019-04-02] (Microsoft Windows Hardware Compatibility Publisher -> LogMeIn Inc.)
R1 klbackupdisk; C:\WINDOWS\system32\DRIVERS\klbackupdisk.sys [105280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klbackupflt; C:\WINDOWS\System32\DRIVERS\klbackupflt.sys [206600 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kldisk; C:\WINDOWS\system32\DRIVERS\kldisk.sys [119568 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 klelam; C:\WINDOWS\System32\DRIVERS\klelam.sys [41656 2021-02-19] (Microsoft Windows Early Launch Anti-malware Publisher -> AO Kaspersky Lab)
R1 klflt; C:\WINDOWS\system32\DRIVERS\klflt.sys [522504 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klgse; C:\WINDOWS\System32\DRIVERS\klgse.sys [694056 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klhk; C:\WINDOWS\system32\DRIVERS\klhk.sys [1571680 2022-04-05] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klids; C:\ProgramData\Kaspersky Lab\AVP21.3\Bases\klids.sys [290600 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 KLIF; C:\WINDOWS\System32\DRIVERS\klif.sys [1049864 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klkbdflt; C:\WINDOWS\system32\DRIVERS\klkbdflt.sys [104728 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klmouflt; C:\WINDOWS\system32\DRIVERS\klmouflt.sys [107328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpd; C:\WINDOWS\System32\DRIVERS\klpd.sys [78088 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klpnpflt; C:\WINDOWS\system32\DRIVERS\klpnpflt.sys [88328 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 kltap; C:\WINDOWS\System32\drivers\kltap.sys [55592 2021-02-19] (AnchorFree Inc -> The OpenVPN Project)
R0 klupd_klif_arkmon; C:\WINDOWS\System32\Drivers\klupd_klif_arkmon.sys [309272 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_klark; C:\WINDOWS\System32\Drivers\klupd_klif_klark.sys [319176 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R0 klupd_klif_klbg; C:\WINDOWS\System32\Drivers\klupd_klif_klbg.sys [116008 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R3 klupd_klif_mark; C:\WINDOWS\System32\Drivers\klupd_klif_mark.sys [227664 2022-04-27] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwfp; C:\WINDOWS\system32\DRIVERS\klwfp.sys [150280 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 klwtp; C:\WINDOWS\system32\DRIVERS\klwtp.sys [325400 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
R1 kneps; C:\WINDOWS\system32\DRIVERS\kneps.sys [294680 2022-02-17] (Microsoft Windows Hardware Compatibility Publisher -> AO Kaspersky Lab)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [49600 2022-04-25] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [443664 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [90384 2022-04-25] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) (Whitelisted) =========
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-27 12:32 - 2022-04-27 12:36 - 000022792 _____ C:\Users\Ricky\Downloads\FRST.txt
2022-04-27 12:25 - 2022-04-27 12:25 - 002366976 _____ (Farbar) C:\Users\Ricky\Downloads\FRST64.exe
2022-04-27 12:02 - 2022-04-27 12:02 - 000001146 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PC Health Check.lnk
2022-04-27 12:02 - 2022-04-27 12:02 - 000000000 ____D C:\Program Files\PCHealthCheck
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5FF1.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5E78.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5CEF.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5B86.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET59A0.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5855.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET570B.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET52C4.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET5199.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET506E.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET4F43.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET4F02.tmp
2022-04-27 02:58 - 2022-04-27 02:58 - 000000000 _____ C:\WINDOWS\system32\Drivers\SET4BB5.tmp
2022-04-27 02:23 - 2022-04-27 02:23 - 008551608 _____ (Malwarebytes) C:\Users\Ricky\Downloads\adwcleaner(1).exe
2022-04-27 02:22 - 2022-04-27 02:27 - 000000000 ____D C:\AdwCleaner
2022-04-27 02:01 - 2022-04-27 02:02 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2022-04-27 01:59 - 2022-04-27 02:00 - 008540344 _____ (Malwarebytes) C:\Users\Ricky\Downloads\AdwCleaner.exe
2022-04-27 01:55 - 2022-04-27 01:55 - 000083728 _____ C:\ProgramData\agent.uninstall.1651017341.bdinstall.v2.bin
2022-04-27 01:45 - 2022-04-27 01:45 - 000000000 ____D C:\ProgramData\48C4687D-9760-4F5B-BAB3-60351B0841E4
2022-04-27 00:45 - 2022-04-27 00:45 - 000319176 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klark.sys
2022-04-27 00:39 - 2022-04-27 00:40 - 000227664 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_mark.sys
2022-04-27 00:39 - 2022-04-27 00:39 - 000309272 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_arkmon.sys
2022-04-27 00:39 - 2022-04-27 00:39 - 000116008 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klupd_klif_klbg.sys
2022-04-27 00:38 - 2022-04-27 00:38 - 000003392 _____ C:\WINDOWS\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2022-04-27 00:38 - 2022-04-27 00:38 - 000002347 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security.lnk
2022-04-27 00:38 - 2022-04-27 00:38 - 000002215 _____ C:\Users\Public\Desktop\Kaspersky Internet Security.lnk
2022-04-27 00:37 - 2022-02-17 09:35 - 000522504 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\SET4385.tmp
2022-04-27 00:37 - 2022-02-17 09:35 - 000522504 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klflt.sys
2022-04-27 00:37 - 2021-02-19 21:09 - 000110176 _____ (Kaspersky Lab ZAO) C:\WINDOWS\system32\klfphc.dll
2022-04-27 00:33 - 2022-04-27 00:33 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2022-04-26 23:53 - 2022-04-26 23:53 - 000096268 _____ C:\ProgramData\agent.update.1651009975.bdinstall.v2.bin
2022-04-26 23:38 - 2022-04-26 23:39 - 000000000 ____D C:\Program Files\CrystalDiskInfo
2022-04-26 23:38 - 2022-04-26 23:38 - 000001828 _____ C:\Users\Ricky\Desktop\CrystalDiskInfo.lnk
2022-04-26 23:38 - 2022-04-26 23:38 - 000000000 ____D C:\Users\Ricky\AppData\Local\Bitdefender
2022-04-26 23:38 - 2022-04-26 23:38 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2022-04-26 23:32 - 2022-04-26 23:32 - 000104576 _____ C:\ProgramData\agent.1651008716.bdinstall.v2.bin
2022-04-26 23:31 - 2022-04-26 23:32 - 000000000 ____D C:\ProgramData\Bitdefender Agent
2022-04-26 21:10 - 2022-04-26 21:10 - 000000000 ___HD C:\$SysReset
2022-04-26 17:56 - 2022-04-26 17:56 - 000000000 ____D C:\Users\Ricky\AppData\Local\mbam
2022-04-26 17:55 - 2022-04-26 17:55 - 000103888 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2022-04-26 17:55 - 2022-04-26 17:54 - 000021480 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamElam.sys
2022-04-26 17:54 - 2022-04-26 17:54 - 000000000 ____D C:\ProgramData\Malwarebytes
2022-04-26 17:34 - 2022-04-26 17:35 - 383950924 _____ C:\Users\Ricky\Downloads\X2Download.com-TURBO 25 LET full concert(360p).mp4
2022-04-25 19:07 - 2022-04-25 19:07 - 000000000 ____D C:\Program Files (x86)\AVAST Software
2022-04-25 19:05 - 2022-04-25 23:21 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2022-04-25 19:05 - 2022-04-25 23:21 - 000000000 ____D C:\Program Files\CCleaner
2022-04-25 19:05 - 2022-04-25 20:20 - 000000000 ____D C:\Users\Ricky\AppData\Local\Avast Software
2022-04-25 19:05 - 2022-04-25 19:05 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Avast Software
2022-04-25 19:01 - 2022-04-25 19:01 - 000000000 ____D C:\Program Files\Common Files\Avast Software
2022-04-25 18:59 - 2022-04-25 22:52 - 000000000 ____D C:\ProgramData\Avast Software
2022-04-25 18:59 - 2022-04-25 18:59 - 000000000 ____D C:\Program Files\Avast Software
2022-04-25 13:04 - 2022-04-25 13:04 - 001336397 _____ C:\Users\Ricky\Downloads\446.pdf
2022-04-21 18:40 - 2022-04-21 18:42 - 030291259 _____ C:\Users\Ricky\Downloads\Sazka Hry – Bonus Buy 200 CZK profit 360% Western Gold Megaways (1).mp4
2022-04-20 23:23 - 2022-04-20 23:23 - 042177437 _____ C:\Users\Ricky\Downloads\Daniel Landa - Žito - Uruz (oficiální videoklip).mp4
2022-04-20 15:43 - 2022-04-20 15:43 - 000000000 ____D C:\ProgramData\Solidshield
2022-04-18 18:39 - 2022-04-24 20:12 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Polda 6
2022-04-18 15:51 - 2022-04-18 15:51 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Steam
2022-04-18 15:51 - 2022-04-18 15:51 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Polda 7
2022-04-14 13:57 - 2022-04-14 13:57 - 000048640 _____ (Adobe Systems) C:\WINDOWS\system32\atmlib.dll
2022-04-14 13:57 - 2022-04-14 13:57 - 000039936 _____ (Adobe Systems) C:\WINDOWS\SysWOW64\atmlib.dll
2022-04-14 13:57 - 2022-04-14 13:57 - 000011803 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2022-04-14 13:56 - 2022-04-14 13:56 - 000162816 _____ C:\WINDOWS\system32\DataStoreCacheDumpTool.exe
2022-04-14 13:08 - 2022-04-14 13:08 - 000000000 ___HD C:\$WinREAgent
2022-04-13 11:26 - 2022-04-15 02:16 - 000000000 ____D C:\Program Files\Mozilla Firefox
2022-04-12 00:28 - 2022-04-12 00:42 - 759810929 _____ C:\Users\Ricky\Desktop\Nové video.mp4
2022-04-09 18:59 - 2022-04-09 20:07 - 1235758046 _____ C:\Users\Ricky\Downloads\Stalker Anomaly 151 in winter and 40 mods eng_rus lang.7z
==================== One month (modified) ==================
(If an entry is included in the fixlist, the file/folder will be moved.)
2022-04-27 12:34 - 2021-12-14 17:36 - 000000000 ____D C:\FRST
2022-04-27 12:32 - 2021-12-11 01:44 - 000000000 ____D C:\Program Files (x86)\Google
2022-04-27 12:04 - 2021-12-11 01:39 - 000000000 ____D C:\Users\Ricky\AppData\LocalLow\Mozilla
2022-04-27 12:03 - 2019-12-07 11:14 - 000000167 _____ C:\WINDOWS\win.ini
2022-04-27 12:02 - 2021-12-11 01:01 - 000003640 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2022-04-27 12:02 - 2021-12-11 01:01 - 000003516 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2022-04-27 12:01 - 2019-12-07 11:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2022-04-27 03:28 - 2021-12-11 03:02 - 000002386 _____ C:\Users\Ricky\Desktop\Docent - Chrome.lnk
2022-04-27 03:25 - 2021-12-11 00:59 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2022-04-27 02:53 - 2021-12-16 13:33 - 000000000 ____D C:\Users\Ricky\AppData\Local\CrashDumps
2022-04-27 02:41 - 2021-12-11 01:00 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2022-04-27 02:41 - 2021-12-11 00:59 - 000008192 ___SH C:\DumpStack.log.tmp
2022-04-27 02:40 - 2021-12-11 01:03 - 000065536 _____ C:\WINDOWS\psp_storage.bin
2022-04-27 02:40 - 2019-12-07 11:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2022-04-27 02:27 - 2021-12-11 16:01 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\IObit
2022-04-27 02:26 - 2022-02-05 18:30 - 000000000 ____D C:\Program Files (x86)\Steam
2022-04-27 01:56 - 2022-02-05 18:38 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2022-04-27 01:22 - 2019-12-07 11:14 - 000000000 ___HD C:\Program Files\WindowsApps
2022-04-27 01:22 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2022-04-27 00:40 - 2019-12-07 11:13 - 000000000 ____D C:\WINDOWS\INF
2022-04-27 00:38 - 2021-12-11 18:17 - 000000000 ____D C:\Program Files\Common Files\AV
2022-04-27 00:38 - 2019-12-07 11:03 - 000032768 _____ C:\WINDOWS\system32\config\ELAM
2022-04-27 00:37 - 2021-12-11 18:16 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2022-04-27 00:37 - 2021-12-11 18:16 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2022-04-27 00:37 - 2019-12-07 11:14 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2022-04-27 00:04 - 2021-12-11 01:29 - 000000000 ____D C:\Users\Ricky\AppData\Local\D3DSCache
2022-04-27 00:00 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2022-04-26 23:45 - 2021-12-11 03:09 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\vlc
2022-04-26 21:10 - 2021-12-11 00:30 - 000000000 ____D C:\WINDOWS\Panther
2022-04-26 20:16 - 2021-12-11 01:29 - 000000000 ____D C:\Users\Ricky\AppData\Local\Packages
2022-04-26 20:12 - 2021-12-11 19:24 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Office
2022-04-26 18:48 - 2020-04-11 19:34 - 000031232 _____ C:\Users\Ricky\Desktop\Earn2022.xlsx
2022-04-26 17:57 - 2021-12-14 19:26 - 000000000 ____D C:\Users\Ricky\AppData\LocalLow\IGDump
2022-04-26 17:54 - 2021-12-14 15:36 - 000000000 ____D C:\Program Files\Malwarebytes
2022-04-26 17:08 - 2022-03-03 14:42 - 000000000 ____D C:\ProgramData\F-Secure
2022-04-26 13:09 - 2021-12-11 16:02 - 000000000 ____D C:\Program Files (x86)\IObit
2022-04-26 12:06 - 2021-12-11 16:03 - 000000000 ____D C:\ProgramData\ProductData
2022-04-26 12:06 - 2021-12-11 16:02 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Driver Booster 9
2022-04-26 12:05 - 2022-01-01 20:57 - 000000000 ____D C:\Users\Ricky\AppData\Local\LogMeIn Hamachi
2022-04-25 23:35 - 2021-12-11 01:27 - 000000000 ____D C:\Users\Ricky
2022-04-25 23:34 - 2021-12-11 01:04 - 000002436 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2022-04-25 23:23 - 2021-12-11 16:02 - 000000000 ____D C:\Users\Ricky\AppData\LocalLow\IObit
2022-04-25 23:22 - 2021-12-11 16:01 - 000000000 ____D C:\ProgramData\IObit
2022-04-25 23:03 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\registration
2022-04-25 23:00 - 2022-03-03 14:44 - 000000000 ____D C:\Program Files (x86)\F-Secure
2022-04-25 00:23 - 2021-12-11 01:00 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2022-04-23 15:37 - 2022-02-09 19:46 - 000000000 ____D C:\ProgramData\Mozilla-1de4eec8-1241-4177-a864-e594e8d1fb38
2022-04-20 22:27 - 2021-12-11 01:44 - 000003474 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2022-04-20 22:27 - 2021-12-11 01:44 - 000003350 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2022-04-20 16:02 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\NDF
2022-04-20 12:05 - 2021-12-11 01:44 - 000002247 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2022-04-20 12:05 - 2021-12-11 01:44 - 000002206 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2022-04-19 14:31 - 2021-12-11 01:32 - 000003580 _____ C:\WINDOWS\system32\Tasks\OneDrive Reporting Task-S-1-5-21-3294239711-236292038-94065591-1001
2022-04-19 14:31 - 2021-12-11 01:31 - 000003374 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3294239711-236292038-94065591-1001
2022-04-19 14:31 - 2021-12-11 01:27 - 000002373 _____ C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2022-04-15 10:55 - 2021-12-11 01:20 - 001693136 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2022-04-15 10:55 - 2019-12-07 16:43 - 000716726 _____ C:\WINDOWS\system32\perfh005.dat
2022-04-15 10:55 - 2019-12-07 16:43 - 000144904 _____ C:\WINDOWS\system32\perfc005.dat
2022-04-15 02:16 - 2021-12-11 01:38 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2022-04-15 02:16 - 2021-12-11 00:59 - 000445248 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2022-04-15 02:13 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2022-04-15 02:12 - 2019-12-07 16:47 - 000000000 ____D C:\Program Files\Windows Defender Advanced Threat Protection
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\SystemResources
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\system32\Dism
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\ShellExperiences
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\Provisioning
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2022-04-15 02:12 - 2019-12-07 11:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2022-04-14 21:09 - 2022-01-01 22:28 - 000000000 ____D C:\Users\Ricky\Desktop\Liga
2022-04-14 14:05 - 2019-12-07 11:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2022-04-14 12:58 - 2021-12-11 03:39 - 000000000 ____D C:\WINDOWS\system32\MRT
2022-04-14 12:52 - 2021-12-11 03:39 - 143823848 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2022-04-13 14:49 - 2022-01-22 20:21 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2022-04-13 14:49 - 2021-12-11 01:39 - 000001005 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2022-04-09 17:05 - 2021-12-11 03:22 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Exodus
2022-04-09 17:04 - 2021-12-11 03:22 - 000002219 _____ C:\Users\Ricky\Desktop\Exodus.lnk
2022-04-09 17:04 - 2021-12-11 03:22 - 000000000 ____D C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Exodus Movement Inc
2022-04-09 17:03 - 2021-12-11 03:22 - 000000000 ____D C:\Users\Ricky\AppData\Local\exodus
2022-04-07 12:40 - 2021-12-11 13:16 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2022-04-05 12:35 - 2021-12-11 01:35 - 000004206 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1639179332
2022-04-05 12:35 - 2021-12-11 01:35 - 000001395 _____ C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2022-04-05 11:57 - 2022-02-17 09:34 - 001571680 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klhk.sys
2022-04-05 11:57 - 2022-02-17 09:34 - 000694056 _____ (AO Kaspersky Lab) C:\WINDOWS\system32\Drivers\klgse.sys
==================== SigCheck ============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ========================
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 22-04-2022
Ran by Ricky (27-04-2022 12:40:20)
Running from C:\Users\Ricky\Downloads
Microsoft Windows 10 Pro Version 21H2 19044.1645 (X64) (2021-12-10 23:16:50)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
(If an entry is included in the fixlist, it will be removed.)
Administrator (S-1-5-21-3294239711-236292038-94065591-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3294239711-236292038-94065591-503 - Limited - Disabled)
Guest (S-1-5-21-3294239711-236292038-94065591-501 - Limited - Disabled)
Ricky (S-1-5-21-3294239711-236292038-94065591-1001 - Administrator - Enabled) => C:\Users\Ricky
WDAGUtilityAccount (S-1-5-21-3294239711-236292038-94065591-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Kaspersky Internet Security (Disabled - Up to date) {4F76F112-43EB-40E8-11D8-F7BD1853EA23}
AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
FW: Kaspersky Internet Security (Disabled) {774D7037-0984-41B0-3A87-5E88E680AD58}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
Apowersoft Online Launcher version 1.8.1 (HKU\S-1-5-21-3294239711-236292038-94065591-1001\...\{20BF67A8-D81A-4489-8225-FABAA0896E2D}_is1) (Version: 1.8.1 - APOWERSOFT LIMITED)
CrystalDiskInfo 8.16.3 (HKLM\...\CrystalDiskInfo_is1) (Version: 8.16.3 - Crystal Dew World)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 11.0.0.1932 - Disc Soft Ltd)
Exodus (HKU\S-1-5-21-3294239711-236292038-94065591-1001\...\exodus) (Version: 22.3.31 - Exodus Movement Inc)
Kaspersky Internet Security (HKLM-x32\...\{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{4FC79BE9-AD63-46C0-9626-E4F6BCE6A976}) (Version: 21.3.10.391 - Kaspersky)
Kontrola stavu osobního počítače s Windows (HKLM\...\{D1F15F7A-707A-42BD-BE6B-3380616F796D}) (Version: 3.6.2204.08001 - Microsoft Corporation)
LogMeIn Hamachi (HKLM-x32\...\{ECC0FA07-863E-44BC-8B1D-DA22F96E5FB7}) (Version: 2.2.0.633 - LogMeIn, Inc.) Hidden
Malwarebytes version 4.5.8.191 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.5.8.191 - Malwarebytes)
Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version: - Microsoft)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Outlook Connector (HKLM-x32\...\{95140000-007A-0405-0000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3294239711-236292038-94065591-1001\...\OneDriveSetup.exe) (Version: 22.065.0412.0004 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.50918.0 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{7B1FCD52-8F6B-4F12-A143-361EA39F5E7C}) (Version: 3.67.0.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 Refresh (HKLM-x32\...\{D69C8EDE-BBC5-436B-8E0E-C5A6D311CF4F}) (Version: 4.0.30901.0 - Microsoft Corporation)
Mozilla Firefox (x64 cs) (HKLM\...\Mozilla Firefox 99.0.1 (x64 cs)) (Version: 99.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 95.0 - Mozilla)
Opera Stable 85.0.4341.53 (HKU\S-1-5-21-3294239711-236292038-94065591-1001\...\Opera 85.0.4341.53) (Version: 85.0.4341.53 - Opera Software)
WinRAR 6.02 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.02.0 - win.rar GmbH)
Packages:
=========
AMD Radeon Software -> C:\Program Files\WindowsApps\advancedmicrodevicesinc-2.amdradeonsoftware_10.20.50017.0_x64__0a9344xs7nr4m [2022-04-25] (Advanced Micro Devices Inc.) [Startup Task]
Doplněk multimediálního modulu pro aplikaci Fotografie -> C:\Program Files\WindowsApps\Microsoft.Photos.MediaEngineDLC_1.0.0.0_x64__8wekyb3d8bbwe [2022-04-25] (Microsoft Corporation)
Doplněk pro Fotky -> C:\Program Files\WindowsApps\Microsoft.Windows.Photos.DLC.Main_2021.39122.10110.0_x64__8wekyb3d8bbwe [2022-04-25] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.12.3171.0_x64__8wekyb3d8bbwe [2022-04-25] (Microsoft Studios) [MS Ad]
==================== Custom CLSID (Whitelisted): ==============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellExecuteHooks-x32: Groove GFS Stub Execution Hook - {B5A7F190-DDA6-4420-B3BA-52453494E6CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ShellIconOverlayIdentifiers: [F-Secure DataGuard Icon Overlay] -> {CA789262-D278-40F7-AC12-19C0395F9DD9} => C:\Program Files (x86)\F-Secure\SAFE\FsShellExtension64.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [Groove Explorer Icon Overlay 1 (GFS Unread Stub)] -> {99FD978C-D287-4F50-827F-B2C658EDA8E7} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [Groove Explorer Icon Overlay 2 (GFS Stub)] -> {AB5C5600-7E6E-4B06-9197-9ECEF74D31CC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [Groove Explorer Icon Overlay 2.5 (GFS Unread Folder)] -> {920E6DB1-9907-4370-B3A0-BAFC03D81399} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [Groove Explorer Icon Overlay 3 (GFS Folder)] -> {16F3DD56-1AF5-4347-846D-7C10C4192619} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ShellIconOverlayIdentifiers-x32-x32: [Groove Explorer Icon Overlay 4 (GFS Unread Mark)] -> {2916C86E-86A6-43FE-8112-43ABE6BF8DCC} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ContextMenuHandlers1: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-27] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-12-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-27] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-12-11] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ContextMenuHandlers4: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-27] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers4-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\WINDOWS\System32\atiacm64.dll [2021-05-27] (Advanced Micro Devices, Inc. -> Advanced Micro Devices, Inc.)
ContextMenuHandlers5-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
ContextMenuHandlers6: [IObitUninstaller] -> {836AB26C-2DE4-41D3-AC24-4C6C2699B960} => C:\Program Files (x86)\IObit\IObit Uninstaller\IUMenuRight.dll [2021-12-14] (IObit CO., LTD -> IObit)
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.3] -> {37303E08-14C9-4FC3-B1D9-7993682A4691} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\shellex.dll [2022-04-27] (AO Kaspersky Lab -> AO Kaspersky Lab)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2021-06-11] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [XXX Groove GFS Context Menu Handler XXX] -> {6C467336-8281-4E60-8204-430CED96822D} => C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll -> No File
==================== Codecs (Whitelisted) ====================
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Ricky\Desktop\Docent - Chrome.lnk -> C:\Program Files\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Default"
ShortcutWithArgument: C:\Users\Ricky\Desktop\TGM Panel - Respondent Portal.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efpbedmeibiphkmladchpkhjlbjmmdoh
ShortcutWithArgument: C:\Users\Ricky\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\TGM Panel - Respondent Portal.lnk -> C:\Program Files\Google\Chrome\Application\chrome_proxy.exe (Google LLC) -> --profile-directory=Default --app-id=efpbedmeibiphkmladchpkhjlbjmmdoh
==================== Loaded Modules (Whitelisted) =============
==================== Alternate Data Streams (Whitelisted) ========
==================== Safe Mode (Whitelisted) ==================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) =================
==================== Internet Explorer (Whitelisted) ==========
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer.dll [2020-01-31] (IObit Information Technology -> IObit)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll => No File
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveSystemServices.dll No File
==================== Hosts content: =========================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2019-12-07 11:14 - 2019-12-07 11:12 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ===========================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3294239711-236292038-94065591-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Ricky\Desktop\Surveytime návod\tapety plocha\Tapety\Leelee Sobieski II.jpg
DNS Servers: 86.49.5.221 - 86.49.5.222
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
==================== FirewallRules (Whitelisted) ================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [TCP Query User{74AB4A9C-ACC6-4E71-8B9F-A44F706F1A47}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [UDP Query User{3423A7DF-FD9F-4F81-BF48-88DFC0FAF624}C:\program files\google\chrome\application\chrome.exe] => (Block) C:\program files\google\chrome\application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [TCP Query User{F5F5F602-5C71-415E-9EFA-8CC1D1C983C2}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [UDP Query User{C76E6039-46CA-4FA2-A47B-8D8D435C30A4}C:\program files (x86)\steam\steam.exe] => (Allow) C:\program files (x86)\steam\steam.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{89FC954C-7BB7-4379-88E5-4FD43C6C596B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
FirewallRules: [{E7705576-3E74-41E5-B92B-457DD1C811AF}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe (Valve Corp. -> Valve Corporation)
==================== Restore Points =========================
22-04-2022 13:26:18 Naplánovaný kontrolní bod
25-04-2022 18:37:22 Removed F-Secure SAFE
25-04-2022 22:50:27 Operace obnovení
26-04-2022 17:05:52 Removed F-Secure SAFE
26-04-2022 19:06:12 Odebráno: Microsoft Office Enterprise 2007
26-04-2022 19:35:45 Odebráno: Microsoft Office File Validation Add-In
==================== Faulty Device Manager Devices ============
Name: LogMeIn Hamachi Virtual Ethernet Adapter
Description: LogMeIn Hamachi Virtual Ethernet Adapter
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: LogMeIn Inc.
Service: Hamachi
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
==================== Event log errors: ========================
Application errors:
==================
Error: (04/27/2022 02:58:27 AM) (Source: MsiInstaller) (EventID: 1023) (User: NT AUTHORITY)
Description: Aktualizaci KAVKISKTSKFA 2021 MR3, KSC 4.0 MR3 patch I produktu Kaspersky Internet Security nebylo možné nainstalovat. Kód chyby: 1603. Další informace naleznete v souboru protokolu C:\WINDOWS\Temp\kis.21.3.10.391i_03.27_00.57_3440.apply_patches.kis2021mr3.log.
Error: (04/27/2022 02:58:22 AM) (Source: MsiInstaller) (EventID: 10005) (User: NT AUTHORITY)
Description: Aplikace: Kaspersky Internet Security -- Chyba 27300. Chyba při instalaci ovladače klwtp.sys_x64. Kód chyby: -2147024891.<<29100>>
Error: (04/27/2022 02:53:25 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Explorer.EXE, verze: 10.0.19041.1645, časové razítko: 0x7c06cc0e
Název chybujícího modulu: unknown, verze: 0.0.0.0, časové razítko: 0x00000000
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000bd10fd8
ID chybujícího procesu: 0xfb4
Čas spuštění chybující aplikace: 0x01d859cf86601a0d
Cesta k chybující aplikaci: C:\WINDOWS\Explorer.EXE
Cesta k chybujícímu modulu: unknown
ID zprávy: e026371b-dee8-4570-8603-faf076fde138
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (04/27/2022 02:39:31 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny CoCreateInstance došlo k neočekávané chybě. hr= 0x8007045b, Probíhá vypnutí systému.
.
Error: (04/27/2022 02:39:31 AM) (Source: VSS) (EventID: 13) (User: )
Description: Informace služby Stínová kopie svazku: Server COM s identifikátorem CLSID {4e14fba2-2e22-11d1-9964-00c04fbbb345} a názvem CEventSystem nelze spustit. [0x8007045b, Probíhá vypnutí systému.
]
Error: (04/27/2022 02:01:17 AM) (Source: MsiInstaller) (EventID: 11704) (User: DESKTOP-J4POG28)
Description: Produkt: Microsoft Office Shared MUI (Czech) 2007 – Chyba 1704 Instalace produktu Kaspersky Internet Security je pozastavena. Chcete-li pokračovat, je nutné vrátit zpět změny provedené při instalaci. Chcete tyto změny vrátit zpět?
Error: (04/27/2022 02:00:54 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (04/27/2022 01:51:06 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: SystemSettings.exe, verze: 10.0.19041.1566, časové razítko: 0x4aa1ce82
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.19041.1645, časové razítko: 0x630193b4
Kód výjimky: 0xc000027b
Posun chyby: 0x000000000010b362
ID chybujícího procesu: 0x2158
Čas spuštění chybující aplikace: 0x01d859bf2c2278a7
Cesta k chybující aplikaci: C:\Windows\ImmersiveControlPanel\SystemSettings.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: fb5d81dd-9f31-4464-9ea1-ee08b975c7c1
Úplný název chybujícího balíčku: windows.immersivecontrolpanel_10.0.2.1000_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: microsoft.windows.immersivecontrolpanel
System errors:
=============
Error: (04/27/2022 02:58:27 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:26 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:26 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:26 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:25 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:25 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:25 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Error: (04/27/2022 02:58:23 AM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Type s touto chybou:
Přístup byl odepřen.
Windows Defender:
================
Date: 2022-04-26 15:56:24
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {C4ECBDB8-A547-4F5E-88C4-08656473E808}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-26 15:50:05
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {56A51F7C-A1F0-4E29-9E8A-E818732EE10E}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-26 15:34:57
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D3BB1821-A2CF-43D6-88E0-07B63D20443D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-26 15:28:07
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {D286D932-22EF-4E86-B0C5-6C2711035AE0}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2022-04-26 15:18:44
Description:
Prohledávání Antivirová ochrana v programu Microsoft Defender bylo zastaveno před dokončením.
ID prohledávání: {F15557B1-B9D9-41AE-BC52-AFA31A163BB5}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Event[0]:
Date: 2022-04-26 18:30:10
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x80070013
Popis chyby: Médium je chráněno proti zápisu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.
Date: 2022-04-25 23:31:23
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o načtení bezpečnostních informací a pokusí se o obnovení poslední známé funkční verze.
Bezpečnostní informace, které se měly načíst: Aktuální
Kód chyby: 0x80070003
Popis chyby: Systém nemůže nalézt uvedenou cestu.
Verze bezpečnostních informací: 0.0.0.0;0.0.0.0
Verze modulu: 0.0.0.0
Date: 2022-04-25 18:08:20
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.363.896.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.19200.5
Kód chyby: 0x80245004
Popis chyby: Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
CodeIntegrity:
===============
Date: 2022-04-27 12:01:41
Description:
Code Integrity determined that a process (\Device\HarddiskVolume4\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.3\x64\antimalware_provider.dll that did not meet the Windows signing level requirements.
==================== Memory info ===========================
BIOS: American Megatrends Inc. 3803 01/22/2018
Motherboard: ASUSTeK COMPUTER INC. PRIME A320M-K
Processor: AMD A8-9600 RADEON R7, 10 COMPUTE CORES 4C+6G
Percentage of memory in use: 64%
Total physical RAM: 7609.93 MB
Available physical RAM: 2702.28 MB
Total Virtual: 11449.93 MB
Available Virtual: 5503.71 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:243.54 GB) (Free:87.07 GB) NTFS
Drive d: (Data) (Fixed) (Total:687.37 GB) (Free:119.98 GB) NTFS
\\?\Volume{021c5c0c-9e50-450b-8871-4a934cf0b902}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.06 GB) NTFS
\\?\Volume{c86c9a0b-9742-48df-87f5-6f479d412bba}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ====================
==========================================================
Disk: 0 (Protective MBR) (Size: 931.5 GB) (Disk ID: 00000000)
Partition: GPT.
==================== End of Addition.txt =======================