Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

nejde háček na klávesnici . nikde v PC

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Odpovědět
Zpráva
Autor
jarod72pm
Návštěvník
Návštěvník
Příspěvky: 1
Registrován: 27 úno 2021 12:09

nejde háček na klávesnici . nikde v PC

#1 Příspěvek od jarod72pm »

Dobrý den , jsem už trochu zoufalý co se děje , aktualizace probíhají jak mají u win10 a mám placený Malwarebytes který pravidelně čistí a hlídá PC včetně občasného použití Adwcleaner - vše čisté ale háček nemohu zadat , po restartu PC jde asi pár sekund a pak zase nic nic nikde ani Office,poznámkový blok či internet :-/ pokusil jsem se o log z FRST - děkuji za pomoc

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 24-02-2021
Ran by jarod72pm (administrator) on LAPTOP-7V3GE381 (Acer Aspire A515-51G) (27-02-2021 14:24:41)
Running from C:\Users\jarod72pm\Downloads
Loaded Profiles: jarod72pm
Platform: Windows 10 Home Version 2004 19041.804 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Intel(R) Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxEM.exe
(Intel(R) Rapid Storage Technology -> Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\iaahcic.inf_amd64_120314e52c04567c\RstMwService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\dllhost.exe <2>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wscript.exe <3>
(Microsoft Windows -> Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_10.0.19041.740_none_e752aa59261f271f\TiWorker.exe
(NVIDIA Corporation -> NVIDIA Corporation) C:\Program Files\NVIDIA Corporation\Display.NvContainer\NVDisplay.Container.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp. -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(ZONER software, a.s. -> ZONER software) C:\Program Files\Zoner\Photo Studio 19\Program32\ZPSTray.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [19677472 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\Run: [cc72c9673efc55755537bcbc6332021b] => "powershell.exe" ..
HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 19\Program32\ZPSTRAY.EXE [604128 2018-11-01] (ZONER software, a.s. -> ZONER software)
HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\Policies\Explorer: [NoLowDiskSpaceChecks] 1
HKLM\...\Windows x64\Print Processors\xcthp1mpps: C:\Windows\System32\spool\prtprocs\x64\xcthp1mpps.dll [33280 2014-06-06] (Microsoft Windows Hardware Compatibility Publisher -> Xerox)
HKLM\...\Print\Monitors\Xerox Phaser 6020 Language Monitor: C:\Windows\system32\xcthp1mlm.dll [19456 2014-01-16] (Microsoft Windows Hardware Compatibility Publisher -> )
Startup: C:\Users\jarod72pm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\35476397.tmp.vbs [2021-02-27] () [File not signed]
Startup: C:\Users\jarod72pm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\693793.tmp.vbs [2021-02-27] () [File not signed]
Startup: C:\Users\jarod72pm\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\scriot.vbs [2021-02-27] () [File not signed]

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0F8FBDDD-7049-45A7-9437-3CD869B8438C} - System32\Tasks\Adobe Flash Player Updater => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
Task: {24A59D99-39CA-4BDD-9736-D98B2506D074} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {36B091CF-C078-4A3C-ADED-A43EE3E0D249} - System32\Tasks\CreateExplorerShellUnelevatedTask => C:\WINDOWS\explorer.exe /NOUACCHECK
Task: {3B93960E-1218-419D-A65C-4A0EC7C1EB9A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [474368 2019-09-25] (Acer Incorporated -> Acer Incorporated)
Task: {48458590-81A4-4F63-A2E3-8107D1FCF326} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {51AA5006-5988-4D04-80A0-6CBFF88B6C19} - System32\Tasks\Mozilla\Firefox Default Browser Agent E7CF176E110C211B => C:\Program Files (x86)\Mozilla Firefox\default-browser-agent.exe [694752 2021-02-26] (Mozilla Corporation -> Mozilla Foundation)
Task: {54240945-F1AB-40DF-84D8-3C57FB5A0226} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [668464 2017-02-25] (Intel(R) Trust Services -> Intel(R) Corporation)
Task: {703B3DC3-C061-4D58-BDC4-9C2A3596AA7B} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner64.exe [32440376 2021-01-06] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {729C6886-6A8C-43E3-AC66-3F25DAB08177} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [22993800 2021-02-15] (Microsoft Corporation -> Microsoft Corporation)
Task: {75268964-D469-4C3D-B93D-1C853E164FBD} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [3617568 2020-03-06] (Realtek Semiconductor Corp. -> Realtek Semiconductor)
Task: {95EF631A-8CCF-43C8-88CB-89321B78E32C} - System32\Tasks\ASC_SkipUac_jarod72pm => C:\Program Files (x86)\IObit\Advanced SystemCare\ASC.exe
Task: {9AECB681-BDF7-4D52-AE73-596BC0B6F58E} - System32\Tasks\klcp_update => C:\Program Files (x86)\K-Lite Codec Pack\Tools\CodecTweakTool.exe [1907712 2021-02-13] () [File not signed]
Task: {9F1562C7-15F1-4A33-9E3D-B13A12ADB7CA} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\WINDOWS\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-09] (Adobe Inc. -> Adobe)
Task: {A60CD77E-51DA-42C4-BBB7-814E7B92059F} - System32\Tasks\ASC_PerformanceMonitor => C:\Program Files (x86)\IObit\Advanced SystemCare\Monitor.exe
Task: {BFDE3F0E-309E-42C8-BE8F-E4D8B3327011} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)
Task: {E5C93BE4-8539-4683-BAF5-83B9A7D268BF} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\Office16\sdxhelper.exe [115016 2021-02-20] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 213.46.172.38 213.46.172.39
Tcpip\..\Interfaces\{383bef78-4aed-4d7b-b3d9-a473c2c26f80}: [DhcpNameServer] 192.168.42.129
Tcpip\..\Interfaces\{a7188fd9-7043-4b7f-b622-80de3f2e78ca}: [DhcpNameServer] 213.46.172.38 213.46.172.39

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\jarod72pm\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-27]
Edge StartupUrls: Default -> "hxxps://seznam.cz/"
Edge Extension: (Malwarebytes Browser Guard) - C:\Users\jarod72pm\AppData\Local\Microsoft\Edge\User Data\Default\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-01-18]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: mfpybs69.default
FF ProfilePath: C:\Users\jarod72pm\AppData\Roaming\Mozilla\Firefox\Profiles\mfpybs69.default [2021-02-27]
FF user.js: detected! => C:\Users\jarod72pm\AppData\Roaming\Mozilla\Firefox\Profiles\mfpybs69.default\user.js [2021-01-10]
FF Homepage: Mozilla\Firefox\Profiles\mfpybs69.default -> hxxp://www.seznam.cz/
FF Extension: (AdBlock — best ad blocker) - C:\Users\jarod72pm\AppData\Roaming\Mozilla\Firefox\Profiles\mfpybs69.default\Extensions\jid1-NIfFY2CA8fy1tg@jetpack.xpi [2021-02-24]
FF Extension: (Malwarebytes Browser Guard) - C:\Users\jarod72pm\AppData\Roaming\Mozilla\Firefox\Profiles\mfpybs69.default\Extensions\{242af0bb-db11-4734-b7a0-61cb8a9b20fb}.xpi [2021-02-14]
FF Extension: (No Name) - C:\Users\jarod72pm\AppData\Roaming\Mozilla\Firefox\Profiles\mfpybs69.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2021-01-29]
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-09] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)

Chrome:
=======
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 AdobeFlashPlayerUpdateSvc; C:\WINDOWS\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-09] (Adobe Inc. -> Adobe)
S3 Browser; C:\WINDOWS\System32\svchost.exe [57360 2020-10-17] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
S3 Browser; C:\WINDOWS\SysWOW64\svchost.exe [47016 2020-10-17] (Microsoft Windows Publisher -> Microsoft Corporation) <==== ATTENTION (no ServiceDLL)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8905608 2021-02-13] (Microsoft Corporation -> Microsoft Corporation)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-01-02] (Malwarebytes Inc -> Malwarebytes)
S3 OODefragAgent; C:\Program Files\OO Software\Defrag\oodag.exe [1733696 2017-10-19] (O&O Software GmbH -> O&O Software GmbH)
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\NisSrv.exe [2462960 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.2101.9-0\MsMpEng.exe [128376 2021-02-12] (Microsoft Windows Publisher -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 BthA2dp; C:\WINDOWS\System32\drivers\BthA2dp.sys [279040 2019-12-07] (Microsoft Corporation) [File not signed]
R1 ESProtectionDriver; C:\WINDOWS\system32\drivers\mbae64.sys [153312 2021-01-02] (Malwarebytes Corporation -> Malwarebytes)
S3 KsUSBa64; C:\WINDOWS\system32\drivers\ksUSBa64.sys [1738664 2020-10-14] (Microsoft Windows Hardware Compatibility Publisher -> Creative Technology Ltd.)
R3 LMDriver; C:\WINDOWS\System32\drivers\LMDriver.sys [31032 2019-02-22] (Acer Incorporated -> Acer Incorporated)
R0 MBAMChameleon; C:\WINDOWS\System32\Drivers\MbamChameleon.sys [220616 2021-02-15] (Malwarebytes Inc -> Malwarebytes)
S0 MbamElam; C:\WINDOWS\System32\DRIVERS\MbamElam.sys [19912 2021-01-02] (Microsoft Windows Early Launch Anti-malware Publisher -> Malwarebytes)
R3 MBAMFarflt; C:\WINDOWS\System32\DRIVERS\farflt.sys [198248 2021-02-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\WINDOWS\system32\DRIVERS\mbam.sys [77496 2021-02-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\WINDOWS\System32\Drivers\mbamswissarmy.sys [248992 2021-02-27] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\WINDOWS\system32\DRIVERS\mwac.sys [142416 2021-02-27] (Malwarebytes Inc -> Malwarebytes)
R3 RadioShim; C:\WINDOWS\System32\drivers\RadioShim.sys [25400 2019-02-22] (Acer Incorporated -> Acer Incorporated)
S3 UsbserFilt; C:\WINDOWS\System32\drivers\usbser_lowerfltjx64.sys [9216 2013-01-23] (Nokia) [File not signed]
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [49552 2021-02-12] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [419040 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 wdm_usb; C:\WINDOWS\System32\drivers\usb2ser.sys [151184 2016-07-15] (NGO -> MBB)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [71912 2021-02-12] (Microsoft Windows -> Microsoft Corporation)
S3 AscFileControl; \??\C:\Program Files (x86)\IObit\Advanced SystemCare\drivers\win10_amd64\AscFileControl.sys [X]
S3 cpuz145; \??\C:\WINDOWS\temp\cpuz145\cpuz145_x64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-27 14:24 - 2021-02-27 14:26 - 000014287 _____ C:\Users\jarod72pm\Downloads\FRST.txt
2021-02-27 14:22 - 2021-02-27 14:23 - 000000000 ____D C:\Users\jarod72pm\AppData\LocalLow\IGDump
2021-02-27 14:22 - 2021-02-27 14:22 - 000198248 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\farflt.sys
2021-02-27 14:22 - 2021-02-27 14:22 - 000142416 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mwac.sys
2021-02-27 14:22 - 2021-02-27 14:22 - 000077496 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2021-02-27 12:37 - 2021-02-27 14:25 - 000000000 ____D C:\FRST
2021-02-27 12:36 - 2021-02-27 12:36 - 002301440 _____ (Farbar) C:\Users\jarod72pm\Downloads\FRST64.exe
2021-02-27 12:05 - 2021-02-27 12:05 - 000388608 _____ (Trend Micro Inc.) C:\Users\jarod72pm\Downloads\hijackthis.exe
2021-02-27 12:01 - 2021-02-27 12:01 - 000248992 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamswissarmy.sys
2021-02-26 16:46 - 2021-02-26 16:46 - 008463216 _____ (Malwarebytes) C:\Users\jarod72pm\Desktop\adwcleaner_8.1.exe
2021-02-26 11:06 - 2021-02-26 11:06 - 000000000 ____D C:\WINDOWS\system32\Tasks\Mozilla
2021-02-24 13:15 - 2021-02-24 13:15 - 000001304 _____ C:\ProgramData\Desktop\Media Player Classic.lnk
2021-02-24 13:13 - 2021-02-24 13:13 - 060824851 _____ (KLCP ) C:\Users\jarod72pm\Downloads\K-Lite_Codec_Pack_1602_Mega.exe
2021-02-16 10:52 - 2021-02-16 13:46 - 000000000 ____D C:\Users\jarod72pm\Desktop\telefon záloha SD karty
2021-02-15 12:14 - 2021-02-15 12:14 - 000220616 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MbamChameleon.sys
2021-02-12 14:55 - 2021-02-12 14:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.tlb
2021-02-12 14:55 - 2021-02-12 14:55 - 002755584 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.tlb
2021-02-12 14:55 - 2021-02-12 14:55 - 001314112 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecConfig.efi
2021-02-12 14:55 - 2021-02-12 14:55 - 000010892 _____ C:\WINDOWS\system32\DrtmAuthTxt.wim
2021-02-12 14:53 - 2021-02-12 14:53 - 000231232 _____ C:\WINDOWS\system32\containerdevicemanagement.dll
2021-02-08 18:59 - 2021-02-08 19:01 - 000000111 _____ C:\Users\jarod72pm\Desktop\pneu na léto.txt
2021-02-08 18:55 - 2021-02-08 18:55 - 000000095 _____ C:\Users\jarod72pm\Desktop\pneu na zimu.txt
2021-02-05 07:08 - 2021-02-05 07:08 - 000000436 _____ C:\Users\jarod72pm\Desktop\Tento počítač.lnk
2021-01-28 15:27 - 2021-01-28 15:27 - 000002900 _____ C:\WINDOWS\system32\Tasks\CCleanerSkipUAC
2021-01-28 15:26 - 2021-02-27 14:23 - 000000000 ____D C:\Program Files\CCleaner
2021-01-28 15:26 - 2021-01-28 15:26 - 000000871 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-01-28 15:26 - 2021-01-28 15:26 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-01-28 15:23 - 2021-01-13 16:49 - 000000000 ____D C:\Users\jarod72pm\Desktop\CCleaner 5.76.8269 Free_Professional_Business_Technician Edition RePack (& Portable) by KpoJIuK

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-27 14:22 - 2019-12-07 10:14 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2021-02-27 14:22 - 2018-06-08 13:29 - 000000000 __SHD C:\Users\jarod72pm\IntelGraphicsProfiles
2021-02-27 14:21 - 2020-06-11 18:07 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2021-02-27 14:21 - 2020-06-11 17:47 - 000008192 ___SH C:\DumpStack.log.tmp
2021-02-27 14:21 - 2020-02-26 09:15 - 000000000 ____D C:\ProgramData\NVIDIA
2021-02-27 14:21 - 2019-12-07 10:03 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2021-02-27 14:10 - 2020-02-26 10:48 - 000000000 ____D C:\ProgramData\Mozilla
2021-02-27 14:10 - 2018-06-08 13:43 - 000000000 ____D C:\Users\jarod72pm\AppData\LocalLow\Mozilla
2021-02-27 13:49 - 2020-06-11 17:47 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2021-02-27 12:01 - 2020-08-03 11:40 - 000438944 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2021-02-27 11:45 - 2020-06-15 07:36 - 001271504 _____ C:\Users\jarod72pm\Desktop\purchased goods.one
2021-02-26 23:24 - 2020-06-11 17:23 - 000000000 ____D C:\Users\jarod72pm
2021-02-26 17:07 - 2020-12-18 07:19 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-02-26 11:06 - 2017-09-27 08:16 - 000001232 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Firefox.lnk
2021-02-25 12:37 - 2019-12-07 10:14 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-25 12:37 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\AppReadiness
2021-02-24 13:15 - 2020-06-11 18:07 - 000003200 _____ C:\WINDOWS\system32\Tasks\klcp_update
2021-02-24 13:15 - 2020-02-28 16:24 - 000000000 ____D C:\Program Files (x86)\K-Lite Codec Pack
2021-02-24 13:15 - 2018-06-08 14:17 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\K-Lite Codec Pack
2021-02-23 10:34 - 2019-12-07 10:13 - 000000000 ____D C:\WINDOWS\INF
2021-02-22 18:06 - 2021-01-24 14:46 - 000000000 ____D C:\Program Files\Microsoft Update Health Tools
2021-02-20 18:01 - 2017-09-27 08:20 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2021-02-19 15:10 - 2020-06-10 20:57 - 000002425 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-19 15:10 - 2020-06-10 20:57 - 000002263 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-12 17:04 - 2020-06-11 17:55 - 001499870 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2021-02-12 17:04 - 2020-02-26 09:50 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2021-02-12 17:04 - 2019-12-07 15:41 - 000627322 _____ C:\WINDOWS\system32\perfh005.dat
2021-02-12 17:04 - 2019-12-07 15:41 - 000123852 _____ C:\WINDOWS\system32\perfc005.dat
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SysWOW64\Keywords
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\SystemResources
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\oobe
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\Keywords
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\system32\es-MX
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\bcastdvr
2021-02-12 16:57 - 2019-12-07 10:14 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-12 16:57 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\servicing
2021-02-12 15:06 - 2019-12-07 10:03 - 000000000 ____D C:\WINDOWS\CbsTemp
2021-02-12 14:30 - 2020-06-11 14:34 - 000000000 ___HD C:\$WinREAgent
2021-02-12 14:23 - 2020-02-27 06:06 - 000000000 ____D C:\WINDOWS\system32\MRT
2021-02-12 14:08 - 2020-02-27 06:06 - 130141752 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2021-02-12 12:17 - 2019-04-04 09:38 - 000000000 ____D C:\Users\jarod72pm\Desktop\foto auto
2021-02-11 14:00 - 2020-06-11 18:07 - 000003584 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-11 14:00 - 2020-06-11 18:07 - 000003460 _____ C:\WINDOWS\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-09 20:27 - 2020-08-11 09:37 - 000000000 ____D C:\Users\jarod72pm\AppData\Roaming\Electrum
2021-02-05 20:04 - 2021-01-24 14:46 - 000734016 _____ (Microsoft Corporation) C:\WINDOWS\system32\sedplugins.dll
2021-02-05 20:03 - 2021-01-24 14:46 - 000470848 _____ (Microsoft Corporation) C:\WINDOWS\system32\QualityUpdateAssistant.dll
2021-01-29 16:22 - 2020-02-26 10:10 - 000000000 ____D C:\Users\jarod72pm\AppData\Local\Packages
2021-01-28 15:31 - 2020-03-16 06:03 - 000000000 ____D C:\Users\jarod72pm\AppData\Local\CrashDumps
2021-01-28 15:31 - 2019-12-07 10:14 - 000000000 ____D C:\WINDOWS\LiveKernelReports

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ========================


Additional scan result of Farbar Recovery Scan Tool (x64) Version: 24-02-2021
Ran by jarod72pm (27-02-2021 14:27:42)
Running from C:\Users\jarod72pm\Downloads
Windows 10 Home Version 2004 19041.804 (X64) (2020-06-11 17:07:56)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1039793301-733381872-4162286212-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-1039793301-733381872-4162286212-503 - Limited - Disabled)
Guest (S-1-5-21-1039793301-733381872-4162286212-501 - Limited - Disabled)
jarod72pm (S-1-5-21-1039793301-733381872-4162286212-1001 - Administrator - Enabled) => C:\Users\jarod72pm
WDAGUtilityAccount (S-1-5-21-1039793301-733381872-4162286212-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
CCleaner (HKLM\...\CCleaner) (Version: 5.76.8269 - Piriform Ltd.)
Discord (HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\Discord) (Version: 0.0.308 - Discord Inc.)
Electrum (HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\Electrum) (Version: 4.0.9 - Electrum Technologies GmbH)
FORScan verze 2.3.34.beta (HKLM-x32\...\{63310483-6490-44CD-B351-8F66C2923070}_is1) (Version: 2.3.34.beta - Alexey Savin)
Intel(R) Chipset Device Software (HKLM-x32\...\{17408817-d415-4768-a160-ae6d46d6bdb0}) (Version: 10.1.1.44 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1028 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4691 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 15.7.0.1014 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1713.2 - Intel Corporation)
K-Lite Mega Codec Pack 16.0.2 (HKLM-x32\...\KLiteCodecPack_is1) (Version: 16.0.2 - KLCP)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 88.0.705.74 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.141.59 - )
Microsoft Office 2016 pro domácnosti - cs-cz (HKLM\...\HomeStudentRetail - cs-cz) (Version: 16.0.13628.20448 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 18.151.0729.0013 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1039793301-733381872-4162286212-1001\...\OneDriveSetup.exe) (Version: 20.201.1005.0009 - Microsoft Corporation)
Microsoft Update Health Tools (HKLM\...\{99FAF70F-9B61-4AB0-9EC0-B31F98FFDC4A}) (Version: 2.75.0.0 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.30319 (HKLM\...\{DA5E371C-6333-3D8A-93A4-6FD5B20BCC6E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.30319 (HKLM-x32\...\{196BB40D-1578-3D01-B289-BEFC77A11A1E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.21005 (HKLM-x32\...\{7f51bdb9-ee21-49ee-94d6-90afc321780e}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.21005 (HKLM-x32\...\{ce085a78-074e-4823-8dc1-8a721b94b76d}) (Version: 12.0.21005.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23026 (HKLM-x32\...\{74d0e5db-b326-4dae-a6b2-445b9de1836e}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 86.0 (x64 cs) (HKLM\...\Mozilla Firefox 86.0 (x64 cs)) (Version: 86.0 - Mozilla)
NVIDIA Ovladače grafiky 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 441.20 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.19.0218 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.19.0218 - NVIDIA Corporation)
O&O Defrag Professional (HKLM\...\{24101C5E-D049-4E8E-8B12-C90B7DB38C0A}) (Version: 21.1.1211 - O&O Software GmbH)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.13628.20330 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.13628.20274 - Microsoft Corporation) Hidden
Ovládací panel NVIDIA 441.20 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 441.20 - NVIDIA Corporation) Hidden
Qualcomm Atheros 11ac Wireless LAN Installer (HKLM-x32\...\{20CA507E-24AA-4741-87CF-CC1B250790B7}) (Version: 11.0.10434 - Qualcomm)
Qualcomm Atheros Bluetooth Installer (64) (HKLM\...\{628988B4-3FA5-4EA6-BAA3-DA640F6718BD}) (Version: 10.0.0.312 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.15063.21299 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.16.323.2017 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.8907.1 - Realtek Semiconductor Corp.)
ScanMaster-ELM 2.1.104.771 (HKLM\...\ScanMaster-ELM_is1) (Version: 2.1.104.771 - WGSoft.de)
Sound Blaster Play! 3 (HKLM-x32\...\{20837D98-7F82-4CE1-8DBE-0B33AA958B9E}) (Version: 1.01.08 - Creative Technology Limited)
Sound Blaster Play! 3 Extras (HKLM-x32\...\{5F53C7B7-717F-4785-A6CA-BB6ADA432A14}) (Version: 1.0 - Creative Technology Limited)
TouchScan (HKLM-x32\...\{142BB01A-A93E-4AEA-BFBB-EF00456763D8}) (Version: 2.16.3 - OCTech, LLC)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1-2) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
WinRAR 6.00 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Zoner Photo Studio X (HKLM\...\ZonerPhotoStudioX_CZ_is1) (Version: 19.1809.2.84 - ZONER software)

Packages:
=========
abFiles -> C:\Program Files\WindowsApps\acerincorporated.abfiles_1.0.7.0_x86__48frkmn4z8aw4 [2020-02-26] (Acer Incorporated)
abPhoto -> C:\Program Files\WindowsApps\AcerIncorporated.6245439DEEE9E_1.0.10.0_x86__48frkmn4z8aw4 [2020-02-26] (Acer Incorporated)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.9.1252.0_x64__8wekyb3d8bbwe [2021-02-01] (Microsoft Studios) [MS Ad]

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [ ACloudSynced] -> {5CCE71FA-9F61-4F24-9CD1-98D819B40D68} => -> No File
ShellIconOverlayIdentifiers: [ ACloudSyncing] -> {C1E1456F-C2D8-4C96-870D-35F1E13941EE} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ShellIconOverlayIdentifiers: [ ACloudToBeSynced] -> {307523FA-DDC0-4068-983F-2A6B34627744} => C:\Program Files (x86)\Acer\shellext\x64\shellext_win.dll [2017-06-07] (Acer Incorporated -> Acer Incorporated)
ContextMenuHandlers1: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2017-10-19] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2017-10-19] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxDTCM.dll [2017-11-13] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2019-11-07] (NVIDIA Corporation -> NVIDIA Corporation)
ContextMenuHandlers6: [BriefcaseMenu] -> {85BBD920-42A0-1069-A2E4-08002B30309D} => -> No File
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-03] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [OODefrag] -> {48EAD1E1-ECF2-4a85-AA09-1C44FBEED451} => C:\Program Files\OO Software\Defrag\oodsh.dll [2017-10-19] (O&O Software GmbH -> O&O Software GmbH)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\system32\x264vfw64.dll [3799552 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\system32\lagarith.dll [148992 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\system32\xvidvfw.dll [310784 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\system32\ac3acm.acm [180736 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.X264] => C:\Windows\SysWOW64\x264vfw.dll [3850240 2017-07-30] (x264vfw project) [File not signed]
HKLM\...\Drivers32: [VIDC.LAGS] => C:\Windows\SysWOW64\lagarith.dll [216064 2011-12-07] () [File not signed]
HKLM\...\Drivers32: [VIDC.XVID] => C:\Windows\SysWOW64\xvidvfw.dll [284160 2019-12-28] () [File not signed]
HKLM\...\Drivers32: [msacm.ac3acm] => C:\Windows\SysWOW64\ac3acm.acm [122880 2012-07-21] (fccHandler) [File not signed]
HKLM\...\Drivers32: [VIDC.FFDS] => C:\Windows\SysWOW64\ff_vfw.dll [112128 2015-10-24] () [File not signed]

==================== Shortcuts & WMI ========================

==================== Loaded Modules (Whitelisted) =============

2020-03-08 12:37 - 2016-10-17 18:29 - 003842048 _____ (Terra Informatica Software, Inc.) [File not signed] C:\Program Files\Zoner\Photo Studio 19\Program32\sciter32.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKU\S-1-5-21-1039793301-733381872-4162286212-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer17win10.msn.com/?pc=ACTE
BHO: Skype for Business Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2021-02-04] (Microsoft Corporation -> Microsoft Corporation)

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2017-03-18 22:03 - 2021-02-27 14:10 - 000000852 _____ C:\WINDOWS\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\iCLS Client;C:\Program Files\Intel\iCLS Client;C:\Windows\system32;C:\Windows;C:\Windows\System32\Wbem;C:\Windows\System32\WindowsPowerShell\v1.0;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files\Intel\Intel(R) Management Engine Components\DAL;C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files\Intel\Intel(R) Management Engine Components\IPT;C:\Program Files (x86)\NVIDIA Corporation\PhysX\Common;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0;%SYSTEMROOT%\System32\OpenSSH
HKU\S-1-5-21-1039793301-733381872-4162286212-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\jarod72pm\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 213.46.172.38 - 213.46.172.39
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: Warn)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Restore Points =========================

31-12-2020 19:35:58 Naplánovaný kontrolní bod
15-01-2021 15:19:41 Instalační služba modulů systému Windows
15-01-2021 15:34:46 Instalační služba modulů systému Windows
25-01-2021 18:53:05 Naplánovaný kontrolní bod
12-02-2021 14:24:01 Instalační služba modulů systému Windows
12-02-2021 14:30:20 Instalační služba modulů systému Windows

==================== Faulty Device Manager Devices ============

Name: Detection Verification
Description: Detection Verification
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (02/27/2021 02:22:05 PM) (Source: Windows Search Service) (EventID: 10021) (User: )
Description: Nelze načíst informace registru o čítači výkonu pro WSearchIdxPi pro instanci z důvodu následující chyby: Operace byla dokončena úspěšně. 0x0.

Error: (02/27/2021 02:22:04 PM) (Source: Windows Search Service) (EventID: 3007) (User: )
Description: Sledování výkonu objektu indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.

Kontext: aplikace , katalog SystemIndex

Error: (02/27/2021 02:21:59 PM) (Source: Windows Search Service) (EventID: 3006) (User: )
Description: Sledování výkonu služby indexovacího modulu nebylo inicializováno, protože nejsou načteny čítače nebo nebyl otevřen sdílený objekt paměti. Tato skutečnost má vliv pouze na dostupnost čítačů výkonu. Restartujte počítač.


System errors:
=============
Error: (02/27/2021 02:24:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/27/2021 02:24:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).

Error: (02/27/2021 02:24:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/27/2021 02:24:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).

Error: (02/27/2021 02:24:11 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/27/2021 02:24:11 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).

Error: (02/27/2021 02:22:35 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Browser neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (02/27/2021 02:22:35 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Browser bylo dosaženo časového limitu (30000 ms).


Windows Defender:
================
Date: 2021-02-12 17:03:33
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Bladabindi
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.2803.0, AS: 1.329.2803.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.17700.4, NIS: 0.0.0.0

Date: 2021-02-12 17:03:33
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Backdoor:MSIL/RevengeRat
Závažnost: Vážné
Kategorie: Zadní vrátka
Cesta: amsi:_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Systém
Uživatel: NT AUTHORITY\SYSTEM
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.2803.0, AS: 1.329.2803.0, NIS: 0.0.0.0
Verze modulu: AM: 1.1.17700.4, NIS: 0.0.0.0

Date: 2021-01-25 12:38:00
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/MaleficAms.B
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid:8476:111823616695672; process:_pid:8476,ProcessStart:132560482150062080
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.329.2803.0, AS: 1.329.2803.0, NIS: 1.329.2803.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-25 12:37:58
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Behavior:Win32/MaleficAms.B
Závažnost: Vážné
Kategorie: Podezřelé chování
Cesta: behavior:_pid:8476:111823616695672; process:_pid:8476,ProcessStart:132560482150062080
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: Neznámý
Uživatel:
Název procesu: Unknown
Verze bezpečnostních informací: AV: 1.329.2803.0, AS: 1.329.2803.0, NIS: 1.329.2803.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-01-25 12:37:55
Description:
Antivirová ochrana v programu Microsoft Defender zjistil malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0
Název: Trojan:MSIL/Bladabindi
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: amsi:_C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Původ detekce: Neznámý
Typ detekce: Konkrétní
Zdroj detekce: AMSI
Uživatel: LAPTOP-7V3GE381\jarod72pm
Název procesu: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Verze bezpečnostních informací: AV: 1.329.2803.0, AS: 1.329.2803.0, NIS: 1.329.2803.0
Verze modulu: AM: 1.1.17700.4, NIS: 1.1.17700.4

Date: 2021-02-27 14:20:41
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2803.0
Zdroj aktualizace: Server Microsoft Update
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému.

Date: 2021-01-25 12:25:55
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Při přístupu
Kód chyby: 0x8007043c
Popis chyby: Tuto službu nelze spustit v nouzovém režimu.
Důvod: Antimalwarové bezpečnostní informace přestaly z neznámých důvodů fungovat. V některých případech se tento problém dá vyřešit restartováním služby.

Date: 2021-01-25 12:23:51
Description:
Funkce Ochrana v reálném čase u prohledávání Antivirová ochrana v programu Microsoft Defender zjistila chybu a došlo k jejímu selhání.
Funkce: Systém kontroly sítě
Kód chyby: 0x8007045b
Popis chyby: Probíhá vypnutí systému.
Důvod: V systému chybí aktualizace potřebné ke spuštění systému kontroly sítě. Nainstalujte potřebné aktualizace a restartujte zařízení.

Date: 2021-01-25 12:09:20
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2803.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

Date: 2021-01-25 12:09:20
Description:
Antivirová ochrana v programu Microsoft Defender narazil na chybu při pokusu o aktualizaci bezpečnostních informací.
Nová verze bezpečnostních informací:
Předchozí verze bezpečnostních informací: 1.329.2803.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ bezpečnostních informací: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.17700.4
Kód chyby: 0x80072ee7
Popis chyby: Nelze rozpoznat název nebo adresu serveru.

CodeIntegrity:
===============
Date: 2021-02-27 14:22:07
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-08 14:22:21
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Program Files (x86)\Mozilla Firefox\firefox.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Microsoft signing level requirements.


==================== Memory info ===========================

BIOS: Insyde Corp. V1.09 08/01/2017
Motherboard: KBL Charmander_KL
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 26%
Total physical RAM: 12163.6 MB
Available physical RAM: 8983.71 MB
Total Virtual: 13187.6 MB
Available Virtual: 9300.85 MB

==================== Drives ================================

Drive c: (System) (Fixed) (Total:466.09 GB) (Free:373.33 GB) NTFS
Drive d: (Data) (Fixed) (Total:464.3 GB) (Free:212.27 GB) NTFS

\\?\Volume{ebd2f13d-0574-4197-af51-725e36ca86da}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.5 GB) NTFS
\\?\Volume{d8257bec-e623-4045-907e-0dae5718a516}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 6908E2F1)

Partition: GPT.

==================== End of Addition.txt =======================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15192
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: nejde háček na klávesnici . nikde v PC

#2 Příspěvek od JaRon »

Ahoj
Mas to zavirene, vycisti PC s AVPTool
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Odpovědět