Prosím o preventivni kontrolu PC - log z RSIT přiložen

Zpráva

Pitrisek · #16 Příspěvek od **Pitrisek** » 10 úno 2018 18:49

Log z FRST (Addition.txt):

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10.02.2018 02
Ran by Petr (10-02-2018 18:42:02)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1709 16299.192 (X64) (2017-11-02 14:32:23)
Boot Mode: Normal
==========================================================

==================== Accounts: =============================

Administrator (S-1-5-21-760769228-1290641064-2046472209-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-760769228-1290641064-2046472209-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-760769228-1290641064-2046472209-1000 - Limited - Disabled) => C:\Users\defaultuser0
Guest (S-1-5-21-760769228-1290641064-2046472209-501 - Limited - Disabled)
Petr (S-1-5-21-760769228-1290641064-2046472209-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-760769228-1290641064-2046472209-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: ESET Internet Security (Enabled - Up to date) {EC1D6F37-E411-475A-DF50-12FF7FE4AC70}
AS: ESET Internet Security (Enabled - Up to date) {577C8ED3-C22B-48D4-E5E0-298D0463E6CD}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ESET Firewall (Enabled) {D426EE12-AE7E-4602-F40F-BBCA8137EB0B}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

7-Zip 16.04 (x64) (HKLM\...\7-Zip) (Version: 16.04 - Igor Pavlov)
Adobe Flash Player 28 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 28.0.0.161 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.23) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.23 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Aktualizace NVIDIA 31.0.1.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.0.1.0 - NVIDIA Corporation) Hidden
Armored Warfare MyCom (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Armored Warfare MyCom) (Version: 1.119 - My.com B.V.)
Battle.net (HKLM-x32\...\Battle.net) (Version: - Blizzard Entertainment)
Battlelog Web Plugins (HKLM-x32\...\Battlelog Web Plugins) (Version: 2.3.0 - EA Digital Illusions CE AB)
Canon LBP2900 (HKLM\...\Canon LBP2900) (Version: - )
CanoScan 4400F (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_CNQ4803) (Version: - )
CCleaner (HKLM\...\CCleaner) (Version: 5.39 - Piriform)
Crossout Launcher 1.0.3.18 (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\CrossOutLauncher_is1) (Version: - )
Discord (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Discord) (Version: 0.0.300 - Discord Inc.)
ESET Security (HKLM\...\{3EB22EED-2263-4174-9F36-09BD15A7AEF8}) (Version: 11.0.159.5 - ESET, spol. s r.o.)
ESN Sonar (HKLM-x32\...\ESN Sonar-0.70.4) (Version: 0.70.4 - ESN Social Software AB)
Farming Simulator 17 (HKLM-x32\...\FarmingSimulator2017_is1) (Version: 1.0.0.0 - GIANTS Software)
FastShare.cz verze 2.3.1 (HKLM-x32\...\FastShare.cz_is1) (Version: 2.3.1 - )
FormatFactory 4.1.0.0 (HKLM-x32\...\FormatFactory) (Version: 4.1.0.0 - Free Time)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.21.169 - Google Inc.) Hidden
Hellspy Download Klient verze 1.1.0 (HKLM-x32\...\{13E6D19D-4878-43E7-894F-3655CE017038}_is1) (Version: 1.1.0 - Hellspy.cz)
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.7.0.1043 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1633.3 - Intel Corporation)
Intel(R) Trusted Connect Service Client x86 (HKLM-x32\...\{C9552825-7BF2-4344-BA91-D3CD46F4C441}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Trusted Connect Services Client (HKLM-x32\...\{2b32b7d0-4f9f-47c8-adb7-807e6cb2fb75}) (Version: 1.47.715.0 - Intel Corporation) Hidden
Intel(R) Update Manager (HKLM-x32\...\{89E5F369-612A-4A5E-8BF2-7938C76ABF29}) (Version: 3.0.135 - Intel Corporation)
Intel® Chipset Device Software (HKLM-x32\...\{bb0592a7-5772-4736-9d55-2402740085db}) (Version: 10.1.1.38 - Intel(R) Corporation) Hidden
Intel® Security Assist (HKLM-x32\...\{4B230374-6475-4A73-BA6E-41015E9C5013}) (Version: 1.0.0.532 - Intel Corporation)
Intel® Small Business Advantage (HKLM-x32\...\{C7A82877-2365-4A03-B23F-DFDD629B7F3A}) (Version: 4.0.44 - Intel Corporation)
Java 8 Update 161 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180161F0}) (Version: 8.0.1610.12 - Oracle Corporation)
Microsoft Access database engine 2010 (English) (HKLM\...\{90140000-00D1-0409-1000-0000000FF1CE}) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Chart Controls for Microsoft .NET Framework 3.5 (HKLM-x32\...\{41785C66-90F2-40CE-8CB5-1C94BFC97280}) (Version: 3.5.0.0 - Microsoft Corporation)
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.9001.2138 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\OneDriveSetup.exe) (Version: 17.3.7294.0108 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Mozilla Firefox 58.0.2 (x64 cs) (HKLM\...\Mozilla Firefox 58.0.2 (x64 cs)) (Version: 58.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 58.0.2.6611 - Mozilla)
My.com Game Center (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\MyComGames) (Version: 3.199 - My.com B.V.)
Nexus Mod Manager (HKLM\...\6af12c54-643b-4752-87d0-8335503010de_is1) (Version: 0.63.14 - Black Tree Gaming)
NVIDIA GeForce Experience 3.11.0.73 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.11.0.73 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Ovladač HD audia 1.3.35.1 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_HDAudio.Driver) (Version: 1.3.35.1 - NVIDIA Corporation)
NVIDIA Ovladač řídící jednotky 3D Vision 369.04 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.NVIRUSB) (Version: 369.04 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 388.31 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9001.2138 - Microsoft Corporation) Hidden
Origin (HKLM-x32\...\Origin) (Version: 10.5.8.17910 - Electronic Arts, Inc.)
Ovládací panel NVIDIA 388.31 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 388.31 - NVIDIA Corporation) Hidden
PunkBuster Services (HKLM-x32\...\PunkBusterSvc) (Version: 0.994 - Even Balance, Inc.)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8302 - Realtek Semiconductor Corp.)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung_MonSetup (HKLM-x32\...\{8EA79DBF-D637-448A-89D6-410A087A4493}) (Version: 1.00.0000 - Samsung)
Speccy (HKLM\...\Speccy) (Version: 1.30 - Piriform)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
TeamSpeak 3 Client (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\TeamSpeak 3 Client) (Version: 3.1.4 - TeamSpeak Systems GmbH)
Total Commander 64-bit (Remove or Repair) (HKLM\...\Totalcmd64) (Version: 9.0a - Ghisler Software GmbH)
Total War Arena (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\TWA.EU.PRODUCTION) (Version: - Wargaming.net)
UE4 Prerequisites (x64) (HKLM\...\{36EAD5CF-44EF-4FCF-8BE1-D96C4835D7A4}) (Version: 1.0.11.0 - Epic Games, Inc.) Hidden
UE4 Prerequisites (x64) (HKLM-x32\...\{2890ae6b-90e9-448d-b3e6-97e43c21e2fd}) (Version: 1.0.13.0 - Epic Games, Inc.) Hidden
Uplay (HKLM-x32\...\Uplay) (Version: 22.2 - Ubisoft)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{6DA2B636-698A-3294-BF4A-B5E11B238CDD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{8CCEA24C-51AE-3B71-9092-7D0C44DDA2DF}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{C3A57BB3-9AA6-3F6F-9395-6C062BDD5FC4}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x64 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{F6F09DD8-F39B-3A16-ADB9-C9E6B56903F9}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{04B34E21-5BEE-3D2B-8D3D-E3E80D253F64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{14866AAD-1F23-39AC-A62B-7091ED1ADE64}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{4B90093A-5D9C-3956-8ABB-95848BE6EFAD}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
Visual C++ 2008 - x86 (KB958357) - v9.0.30729.177 (HKLM-x32\...\{B42E259C-E4D4-37F1-A1B2-EB9C4FC5A04D}.KB958357) (Version: 9.0.30729.177 - Microsoft Corporation)
VLC media player (HKLM-x32\...\VLC media player) (Version: 2.2.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.61.0 (HKLM\...\VulkanRT1.0.61.0) (Version: 1.0.61.0 - LunarG, Inc.) Hidden
Wargaming.net Game Center (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\Wargaming.net Game Center) (Version: 17.10.1.7323 - Wargaming.net)
World of Warships EU (HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\WOWS.EU.PRODUCTION) (Version: - Wargaming.net)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files 2\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers4: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files 2\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2017-11-14] (NVIDIA Corporation)
ContextMenuHandlers6: [7-Zip] -> {23170F69-40C1-278A-1000-000100020000} => D:\Program Files 2\7-Zip\7-zip.dll [2016-10-04] (Igor Pavlov)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Smart Security\shellExt.dll [2017-12-18] (ESET)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2016-06-01] (Piriform Ltd)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {22B8A2AF-45A7-4B78-9622-CA91D83AF950} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-01-03] (AVAST Software)
Task: {2A7ACEBF-D2D4-476B-94E4-E23218383CC8} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29] ()
Task: {37534876-BA39-42DA-B793-DCA219F4C58F} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {5AC75926-7157-4133-991C-B3AEFFFE2AFF} - System32\Tasks\S-1-5-21-760769228-1290641064-2046472209-1001\DataSenseLiveTileTask => C:\WINDOWS\System32\DataUsageLiveTileTask.exe [2017-09-29] (Microsoft Corporation)
Task: {5D84A88C-F207-48C2-8D36-E1CE3787C818} - System32\Tasks\NvTmRepOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {6094D31F-AD8C-49A3-B73A-0ABD0CD7A3AD} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2017-11-16] (NVIDIA Corporation)
Task: {76DEE191-D987-4876-BAA7-F92D71D56884} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-01-09] (Piriform Ltd)
Task: {88354A10-5545-4DCE-8FEB-9DE1BD79DA07} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-30] (Microsoft Corporation)
Task: {8E1742BA-6EC2-4037-9F9D-9AA879BEAFA7} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2017-09-27] (Adobe Systems Incorporated)
Task: {8EF078B2-CA30-40DE-B65E-F1A6AC34CB00} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2017-11-16] (NVIDIA Corporation)
Task: {9F1F7AFA-C2D1-4D3C-B1AA-E6937DEEA179} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWoW64\Macromed\Flash\FlashPlayerUpdateService.exe [2018-02-06] (Adobe Systems Incorporated)
Task: {A28ADA54-E685-481D-AC4B-050CC0434077} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2017-11-16] (NVIDIA Corporation)
Task: {BA80C8F6-EC85-4C80-9C23-476EB6867849} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2017-11-16] (NVIDIA Corporation)
Task: {BC245A9A-9B7A-4F32-A5C2-9EE9EFB0C11E} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2017-11-16] (NVIDIA Corporation)
Task: {C92B6959-53A5-4F4C-A5AA-C7CB5AA70A26} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\iCLS Client\IntelPTTEKRecertification.exe [2017-09-21] (Intel(R) Corporation)
Task: {CD0E8198-897D-4B61-A346-FF1795A6B4B6} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-01-30] (Microsoft Corporation)
Task: {D466EBB1-35D3-4303-B0A4-B57D79E969FF} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-02-06] (Microsoft Corporation)
Task: {D5F81DEC-D3E4-4E29-BBCD-A913AFB25101} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-06] (Microsoft Corporation)
Task: {E07D21E2-383A-4DBD-B91C-E7CA884A3B76} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-02-06] (Microsoft Corporation)
Task: {EC9E6C80-71EE-467E-84DD-5B3134E95975} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-05-29] ()
Task: {EE21E92A-455C-487B-8B1E-2B2F964843F6} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2017-11-16] (NVIDIA Corporation)
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - \{D11127E9-21DA-4A49-925C-8AC96A17A784} -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2017-09-29 14:41 - 2017-09-29 14:41 - 000184432 _____ () C:\WINDOWS\SYSTEM32\inputhost.dll
2016-12-23 10:35 - 2017-12-10 15:50 - 000076152 _____ () C:\WINDOWS\SysWOW64\PnkBstrA.exe
2017-01-07 11:51 - 2017-11-16 02:41 - 001267136 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-12-05 19:49 - 2017-11-26 13:23 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2017-12-05 19:49 - 2017-11-26 13:01 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-01-30 14:08 - 2018-01-30 14:08 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 025135104 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 002542592 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\skypert.dll
2018-01-30 14:08 - 2018-01-30 14:08 - 000667136 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1803.279.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-01-03 14:33 - 2018-01-03 14:33 - 000061920 _____ () C:\Program Files\CCleaner\branding.dll
2018-01-09 15:21 - 2018-01-09 15:21 - 000079056 _____ () C:\Program Files\CCleaner\lang\lang-1029.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000177288 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
2017-01-07 11:51 - 2017-11-16 02:41 - 001040320 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2017-01-07 11:51 - 2017-11-16 02:40 - 066906560 _____ () C:\Program Files (x86)\NVIDIA Corporation\NVIDIA GeForce Experience\libcef.dll
2017-09-25 13:28 - 2017-09-25 13:28 - 001244304 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\ACE.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000044168 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32api.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000062600 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pywintypes27.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000121992 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\pythoncom27.dll
2015-05-29 00:22 - 2015-05-29 00:22 - 000024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_multiprocessing.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000031368 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_socket.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000445064 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ssl.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000288904 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_hashlib.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000019080 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\select.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000046728 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_ctypes.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000028296 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32service.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000025736 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\servicemanager.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000023176 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32pipe.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000044680 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32file.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000021128 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32event.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000372360 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\_bsddb.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000026248 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32process.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000023176 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32ts.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000021640 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32profile.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000045704 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32security.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000027784 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\win32inet.pyd
2015-05-29 00:22 - 2015-05-29 00:22 - 000024200 _____ () C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\EnvironmentID.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)

==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2018-02-10 18:00 - 000000027 _____ C:\WINDOWS\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-760769228-1290641064-2046472209-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Roaming\Mozilla\Firefox\Pozadí plochy.bmp
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKU\S-1-5-21-760769228-1290641064-2046472209-1001\...\StartupApproved\Run: => "Gaijin.Net Agent"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{BED89A64-459F-48F3-96CC-8DCAA1EBC569}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Bug Reporter.exe
FirewallRules: [{B2DDFB90-A8BA-4B10-BE66-AB0D8C11EDDD}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Bug Reporter.exe
FirewallRules: [{81981957-63AC-4403-A9DF-E98A497C383F}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe
FirewallRules: [{D2C0B398-C8F4-43EC-B0E3-7D232D15FAE5}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Multiplayer.exe
FirewallRules: [{57EA29AD-CE60-42E5-B31C-57DB03959CF3}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe
FirewallRules: [{75ECA8A0-3F22-4601-9CCA-A646B579C619}] => (Allow) D:\SteamLibrary\steamapps\common\Ultimate General Gettysburg\Ultimate General Gettysburg.exe
FirewallRules: [{7553F95B-010B-4EAE-88BB-64FD2DF747A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{070F2889-2CEA-45FB-8982-9A1B945977CA}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{A8EA25A7-1883-441E-92AD-CAA124612BA6}] => (Allow) C:\Program Files (x86)\Battlelog Web Plugins\Sonar\0.70.4\SonarHost.exe
FirewallRules: [{689D0580-3770-43B5-B32A-714580A4A48A}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{8FAA2C3C-1A80-4470-A7AA-EF00F7EF5F83}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2_ed.exe
FirewallRules: [{2224B2F2-D468-48D2-A566-441EBCF43623}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D3BC3F78-24EA-41F9-829F-089DF56A3133}] => (Allow) D:\SteamLibrary\steamapps\common\Men of War Assault Squad 2\mowas_2.exe
FirewallRules: [{D104AD72-C7CD-49B0-8888-9B0FB52E24C1}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{1A4386A7-BD9C-47A4-8630-2F51FAA3CFD5}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Borderlands2.exe
FirewallRules: [{692ACD52-03C4-45B5-BE75-386A24B3D6C3}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{DD3486CC-8F90-4239-AC90-A8AB7B8D9B6F}] => (Allow) D:\SteamLibrary\steamapps\common\Borderlands 2\Binaries\Win32\Launcher.exe
FirewallRules: [{38F38AF9-C784-4B6F-8D6D-256F63D8F6A2}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CC1F3112-25F1-4C38-8314-B4A5BDDB4C10}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{2B783C8A-8E76-4162-A818-F5B9A25B9651}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{B20DEB53-5EFB-43B8-A447-1181E9933130}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{D710625B-AA23-4382-B683-C7F761B39430}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{8D54D0AC-C4AF-4A86-A5D2-F0AEF933D9D9}] => (Allow) D:\SteamLibrary\steamapps\common\Company of Heroes Relaunch\RelicCOH.exe
FirewallRules: [{452EE642-AB2F-4C23-8A4D-4FFED7CE39B1}] => (Allow) D:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{EDC62BEF-DBC5-4F60-B06B-BB1DFD9F7587}] => (Allow) D:\SteamLibrary\steamapps\common\SpaceEngineers\Bin64\SpaceEngineers.exe
FirewallRules: [{069760DA-F9C5-4216-A871-650ABCAD652D}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{E1AA505D-0C4F-4256-92EA-662E5BA4EA47}] => (Allow) D:\SteamLibrary\steamapps\common\Magicka\Magicka.exe
FirewallRules: [{EA92DF91-855E-42A9-8CFF-4D9B478CBB23}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{994001A7-BB4A-41B7-A050-40EA1AAA7A46}] => (Allow) D:\SteamLibrary\steamapps\common\Hearts of Iron IV\hoi4.exe
FirewallRules: [{4A6E9CE1-D23C-4A66-8C29-3F69ADB7395F}] => (Allow) D:\Games\Armored Warfare MyCom\bin64\armoredwarfare.exe
FirewallRules: [{5CA6D3AB-B463-45F8-9B66-7AB5615487F9}] => (Allow) D:\Games\Armored Warfare MyCom\bin64\armoredwarfare.exe
FirewallRules: [{0D6C5DD9-F921-4849-9CDC-AAE7FBFFA082}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{3B090D32-3EA4-47DD-BDA1-9A2E22F2580D}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{7D6E6852-4DE3-4664-BBE8-542F006AFBCD}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{4DC711F8-2B78-48DD-A0C9-EA4CD91B6D42}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{8D155E35-61F5-4037-A026-CE7E862C1F91}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{AAF07231-DBB2-4987-9416-A0838E98AE6F}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{EC08D62B-A03F-4875-947D-171435A9F98E}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{4F276352-9ECD-4AD4-9C51-81CAFCE354A6}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{5BDB3884-207F-4374-A0D7-58A9E236501D}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B3EC1ECF-87AA-466D-A91F-6032817149EC}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{02F83C76-F5D3-4EA3-A49E-C1EEA769C90B}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{CAD338C5-4816-418B-AAD2-ADECDAC5F098}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{BB0361B7-4722-4694-AAB0-B8BA3A6AE42D}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{A86C4249-E6C7-4B13-B595-1B4E7B6ACD17}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{025444CC-31FA-46E1-96EC-96D1F546642B}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{860286C2-A361-4040-8162-2EBCFCF8CB9C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{351554C2-BCED-4161-99BB-AE445266A5DD}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{700C6251-9880-4F68-B23A-10E2DC516593}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{A6129D68-2C5B-43AF-B27E-BB89DEDCE789}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{EEFAF390-013D-4A2C-AF33-AF9FF3CEB987}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{ABD36C8D-7364-41BC-9CC9-D2EE56D111C0}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{8B127BF7-0C53-4401-B457-7F34FC669446}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{D4CFA4AD-9EF3-4CF5-A4E6-A5E9D61DA38D}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{C5304FBA-9580-43B3-A894-953518AAC19F}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{9BE5AE4C-21A3-4733-B5B5-CAECE09AE139}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Package\PTInstOnline.exe
FirewallRules: [{60A9E689-3277-45CF-9E9B-757D735DA4F1}] => (Allow) D:\Games\Farming Simulator 2017\FarmingSimulator2017.exe
FirewallRules: [{306EBDD8-8CFA-45DA-9553-A8DADB5520E0}] => (Allow) D:\Games\Farming Simulator 2017\FarmingSimulator2017.exe
FirewallRules: [{2CFF49D1-EB38-4614-ADF9-276C5924BF7A}] => (Allow) D:\Games\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe
FirewallRules: [{AE60A80F-38B5-450E-879A-FEA0F5069009}] => (Allow) D:\Games\Farming Simulator 2017\x86\FarmingSimulator2017Game.exe
FirewallRules: [{1C2D7D65-1770-4E93-A0DC-AF95937DB892}] => (Allow) D:\Games\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe
FirewallRules: [{89CFE581-2D64-498E-BD86-2068CD1EF817}] => (Allow) D:\Games\Farming Simulator 2017\x64\FarmingSimulator2017Game.exe
FirewallRules: [{0BAC8CF0-56B4-487E-891D-B3C699083D18}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{45462907-93FA-4AB1-941A-ACE661CA2626}] => (Allow) C:\Users\Petr\AppData\Local\MyComGames\MyComGames.exe
FirewallRules: [{45708D2D-E281-445B-B13D-5A17701F1E3E}] => (Allow) LPort=61277
FirewallRules: [{818C1962-4982-45B2-A1DB-E32BCF70BBF1}] => (Allow) LPort=5000
FirewallRules: [{FBEE722F-0677-46E8-9CB3-C79A80FBF075}] => (Allow) D:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{DD7F1A04-4E08-45AC-8A18-C8C6B115CD44}] => (Allow) D:\SteamLibrary\steamapps\common\Elite Dangerous\EDLaunch.exe
FirewallRules: [{22429FE5-B1DB-4D50-A0B4-C91AEFB199F4}] => (Allow) D:\SteamLibrary\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{1040849A-09C5-40DC-8AAC-906917F3F648}] => (Allow) D:\SteamLibrary\steamapps\common\Deus Ex Mankind Divided\retail\DXMD.exe
FirewallRules: [{86B8C916-13A6-4213-9278-7CD6353D7FA8}] => (Allow) D:\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [{E4C09121-A73F-468F-B618-481071DE4C48}] => (Allow) D:\SteamLibrary\steamapps\common\dayofinfamy\dayofinfamy_BE.exe
FirewallRules: [{73223192-DD89-4041-8450-15FFAAFAFA02}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{331696D0-417D-4050-BE10-3C5A63AD7E75}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{65437E05-7A4F-45B6-AAC0-05DE0A1D56A3}] => (Allow) D:\Program Files 2\FormatFactory\FormatFactory.exe
FirewallRules: [{8A4ED4DD-2D23-4FFF-A7D6-25C017D23279}] => (Allow) D:\Program Files 2\FormatFactory\FFModules\Encoder\Doc\EBookCodec.exe
FirewallRules: [{C5488539-A6A3-49F3-B8E6-1767B09885C7}] => (Allow) D:\SteamLibrary\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{87C7A02A-8A6B-44AC-9924-D6CE28461553}] => (Allow) D:\SteamLibrary\steamapps\common\Rising Storm 2\Binaries\Win64\RisingStorm2.exe
FirewallRules: [{AEACEB30-77E7-4872-8100-D42D963E8B7E}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe
FirewallRules: [{6FCC2CC8-6334-4F0B-BE3D-AD12AB1734EB}] => (Allow) D:\SteamLibrary\steamapps\common\Warhammer 40,000 - Eternal Crusade\EternalCrusadeClient.exe
FirewallRules: [{180BBAF6-25A0-47BF-9898-8E30C126B1D2}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{001F8C36-D0E7-40AA-8563-6BC6A4A9125A}] => (Allow) C:\Windows\SysWOW64\PnkBstrA.exe
FirewallRules: [{70AA2FAC-889E-4747-8310-E74DCA2F7EAB}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{491B26AA-EA65-4763-B0E3-5471B4E6F28C}] => (Allow) C:\Windows\SysWOW64\PnkBstrB.exe
FirewallRules: [{6CE81253-F536-47D9-ABEB-A9CD3F71C8E7}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{245126E6-0E5F-407C-920B-A0931815AF44}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{5BA255F3-D65D-4CD3-B895-1B07E5AB8203}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{B068D09B-C354-479D-9C10-20A21E3F848C}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{FF2861EE-98F1-48F7-AC2D-6A40B27FEC73}] => (Allow) D:\SteamLibrary\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{77CDBE2D-7CD6-4498-953E-D439261AFC0A}] => (Allow) D:\SteamLibrary\steamapps\common\Empire Total War\Empire.exe
FirewallRules: [{22102ABD-0FCE-45C6-8C17-9EC4CCEF4974}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{64DFC0EF-D6EB-45C9-AB3B-882BBD8D6A44}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0499C4B7-32F3-45B0-ABB8-B5848D697355}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{61FF2AAE-EE4F-49EF-85BF-A883275FD491}] => (Allow) D:\SteamLibrary\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{AC4C8669-3F8F-4D66-AF46-4C7F9D9F2AC4}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{33D17C39-35AD-4530-A70C-572838CD6ADA}] => (Allow) D:\SteamLibrary\steamapps\common\American Truck Simulator\bin\win_x64\amtrucks.exe
FirewallRules: [{D08B1DD4-4BC2-4F0D-BB20-86C13673140D}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{01E9D9E3-1A12-4F54-A617-76A0AF4692AB}] => (Allow) D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\launcher\launcher.exe
FirewallRules: [{E8B71822-F6DB-4205-949E-B3E2A09008D6}] => (Allow) C:\Program Files (x86)\Intel\Intel(R) Small Business Advantage Next\Sba.exe
FirewallRules: [{09486520-A797-4C36-8A23-8E5FE08E34DD}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{F403D2A0-7E32-4AFE-B329-7CC13C26D6D3}] => (Allow) D:\SteamLibrary\steamapps\common\Fallout 4\Fallout4Launcher.exe
FirewallRules: [{04D9E734-AC5C-43C1-9BAF-358301DD801A}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{F632B7FD-8343-4920-8E36-6F3E160955A0}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe
FirewallRules: [{0B3B84CB-ECD9-4F44-BBE7-59E40AE38725}] => (Allow) D:\SteamLibrary\steamapps\common\Red Orchestra 2\Binaries\Win32\ROGame.exe

==================== Restore Points =========================

24-01-2018 07:51:11 Pred instalaci ovladacu
31-01-2018 19:46:59 Naplánovaný kontrolní bod
07-02-2018 11:54:25 Installed ESET Security
10-02-2018 09:39:59 Restore Point Created by FRST
10-02-2018 15:53:20 Restore Point Created by FRST

==================== Faulty Device Manager Devices =============

Name: Standardní klávesnice PS/2
Description: Standardní klávesnice PS/2
Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318}
Manufacturer: (Standardní klávesnice)
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Myš Microsoft PS/2
Description: Myš Microsoft PS/2
Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: i8042prt
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

==================== Event log errors: =========================

Application errors:
==================
Error: (02/10/2018 06:01:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.16299.15, časové razítko: 0x9c786b9a
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.192, časové razítko: 0x6dead514
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a3c1a
ID chybujícího procesu: 0xe00
Čas spuštění chybující aplikace: 0x01d3a290c643e764
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 194d7eac-6f07-4d45-a3c1-7b26142d6fdf
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2018 03:53:21 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary cpuz143.

System Error:
Systém nemůže nalézt uvedený soubor.
.

Error: (02/10/2018 09:46:15 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: svchost.exe_stisvc, verze: 10.0.16299.15, časové razítko: 0x9c786b9a
Název chybujícího modulu: ntdll.dll, verze: 10.0.16299.192, časové razítko: 0x6dead514
Kód výjimky: 0xc0000008
Posun chyby: 0x00000000000a3c1a
ID chybujícího procesu: 0x4b0
Čas spuštění chybující aplikace: 0x01d3a24b98e20235
Cesta k chybující aplikaci: C:\WINDOWS\system32\svchost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 43811f2f-8844-46b9-9125-a508b30a05a2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/10/2018 09:39:59 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Chyba služby Stínová kopie svazků: Při dotazu na rozhraní IVssWriterCallback došlo k neočekávané chybě. hr = 0x80070005, Přístup byl odepřen.
.
To je často způsobeno nesprávným nastavením zabezpečení v modulu pro zápis nebo žadateli.

Operace:
Shromažďování dat modulu pro zápis

Kontext:
ID třídy modulu pro zápis: {e8132975-6f93-4464-a53e-1050253ae220}
Název modulu pro zápis: System Writer
ID instance modulu pro zápis: {6aa3b0dc-46f2-40e4-a695-ee74a402643b}

Error: (02/08/2018 09:00:17 PM) (Source: Application Hang) (EventID: 1002) (User: )
Description: Program Warhammer2.exe verze 1.3.0.0 přestal spolupracovat se systémem Windows a byl ukončen. Chcete-li zjistit, zda je k dispozici více informací o tomto problému, vyhledejte historii problému v ovládacím panelu Zabezpečení a údržba.

ID procesu: efc

Čas spuštění: 01d3a1173e469913

Čas ukončení: 2

Cesta k aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe

ID hlášení: a64a02cf-615b-4993-bc14-e5c96fa41780

Úplný název balíčku s chybou:

ID aplikace související s balíčkem s chybou:

Error: (02/08/2018 08:39:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000171fdb2
ID chybujícího procesu: 0x1e54
Čas spuštění chybující aplikace: 0x01d3a1147cdaaf86
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: eaf53e22-066b-4758-b87f-1875bd372e9a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 08:34:17 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000001758ecc
ID chybujícího procesu: 0x1044
Čas spuštění chybující aplikace: 0x01d3a113c1df1a70
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: 64465643-d30d-495b-93e5-0d67f728c2fa
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 08:18:14 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000f69ad0
ID chybujícího procesu: 0x1ac8
Čas spuštění chybující aplikace: 0x01d3a11173122eff
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: 450aa5f1-b366-4ef1-b661-1b2d50bb3991
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 08:02:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Název chybujícího modulu: Warhammer2.exe, verze: 1.3.0.0, časové razítko: 0x5a6543e1
Kód výjimky: 0xc0000005
Posun chyby: 0x000000000171fdb2
ID chybujícího procesu: 0x2368
Čas spuštění chybující aplikace: 0x01d3a10f4c7647fe
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Total War WARHAMMER II\Warhammer2.exe
ID zprávy: ca8ccddd-b303-45aa-9924-fe6e95e86552
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (02/08/2018 07:41:39 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: rogame.exe, verze: 0.0.0.0, časové razítko: 0x561eae04
Název chybujícího modulu: rogame.exe, verze: 0.0.0.0, časové razítko: 0x561eae04
Kód výjimky: 0xc0000005
Posun chyby: 0x0094f6c8
ID chybujícího procesu: 0x2a80
Čas spuštění chybující aplikace: 0x01d3a0fe3480516d
Cesta k chybující aplikaci: D:\SteamLibrary\steamapps\common\Red Orchestra 2\binaries\win32\rogame.exe
Cesta k chybujícímu modulu: D:\SteamLibrary\steamapps\common\Red Orchestra 2\binaries\win32\rogame.exe
ID zprávy: 0f287d81-da58-49cf-b216-5c5ce74905ba
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

System errors:
=============
Error: (02/10/2018 06:39:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HT5L342)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
a APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
uživateli DESKTOP-HT5L342\Petr (SID: S-1-5-21-760769228-1290641064-2046472209-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:39:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HT5L342)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
a APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
uživateli DESKTOP-HT5L342\Petr (SID: S-1-5-21-760769228-1290641064-2046472209-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:39:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HT5L342)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
a APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
uživateli DESKTOP-HT5L342\Petr (SID: S-1-5-21-760769228-1290641064-2046472209-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:39:59 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-HT5L342)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{9E175B6D-F52A-11D8-B9A5-505054503030}
a APPID
{9E175B9C-F52A-11D8-B9A5-505054503030}
uživateli DESKTOP-HT5L342\Petr (SID: S-1-5-21-760769228-1290641064-2046472209-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:03:25 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Načítání obrázků (WIA) byla neočekávaně ukončena. Tento stav nastal již 1krát.

Error: (02/10/2018 06:01:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:01:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:01:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:01:22 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (02/10/2018 06:00:44 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Update Manager byla neočekávaně ukončena. Tento stav nastal již 2krát.

CodeIntegrity:
===================================
Date: 2018-01-19 13:23:11.104
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.557
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.218
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.161
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:23:10.084
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:54.013
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:53.949
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:46.481
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-19 13:22:46.411
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

Date: 2018-01-15 18:06:35.975
Description: Code Integrity determined that a process (\Device\HarddiskVolume2\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume2\Program Files\ESET\ESET Smart Security\eplgEdge.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

Processor: Intel(R) Core(TM) i7-6700 CPU @ 3.40GHz
Percentage of memory in use: 12%
Total physical RAM: 16346.74 MB
Available physical RAM: 14318.39 MB
Total Virtual: 18778.74 MB
Available Virtual: 16807.27 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:223.08 GB) (Free:132.91 GB) NTFS
Drive d: () (Fixed) (Total:931.51 GB) (Free:366.68 GB) NTFS

\\?\Volume{079f937a-0000-0000-0000-100000000000}\ () (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 223.6 GB) (Disk ID: 079F937A)
Partition 1: (Active) - (Size=500 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=223.1 GB) - (Type=07 NTFS)

========================================================
Disk: 1 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 079F9369)
Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)

==================== End of Addition.txt ============================

#17 Příspěvek od **Conder** » 10 úno 2018 19:46

Conder píše: Skontroluj, velkost plochy (C:\Users\Petr\Desktop). Ak je vacsia ako 300 MB, presun vsetky subory a zlozky do dokumentov a na ploche nechaj iba odkazy/zastupcov. Prilis velka velkost plochy moze sposobit spomalenie systemu.

Su s PC este nejake problemy?

Otvor poznamkovy blok (Win+R -> notepad -> enter)

Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

Kód: Vybrat vše

Start
Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - \{D11127E9-21DA-4A49-925C-8AC96A17A784} -> No File <==== ATTENTION
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DFD78-0438-4687-9734-4AD961ADF113}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DFD78-0438-4687-9734-4AD961ADF113}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8}
End

Uloz na plochu s nazvom fixlist.txt
Spusti znovu FRST a klikni na Fix
Pockaj na dokoncenie
Tentokrat to bude bez restartu, otvori sa Fixlog.txt (pripadne bude na ploche), jeho obsah sem skopiruj

Pitrisek · #18 Příspěvek od **Pitrisek** » 10 úno 2018 20:51

Velikost plochy 33 MB. Prohlížeč se mi velice zrychlil a zatím na mne nevyskočil žádný ransomware.
PC vypadá být lepší...
Mám ještě dotazy k těmto programům (zdali jsou užitečné, nebo je můžu odinstalovat) nainstalovali se mi totiž při aktualizaci ovladačů základní desky, které mi zaslali z podpory HAL3000 z důvodu nefunkčního předního USB 2.0 (stále nefunkční)
Programy: Small Business Advantage ; Intel Update Manager ; Intel Serial IO a dále nějaký program Discord - datum instalace 9.10.2018 (nechápu) + Filmy a TV pořady + Hudba Groove -datum instalace 9.2.2018 a další...chtěl bych poprosit o kontrolu nainstalovaných programů a spuštěných procesů - přibyli některé, které neznám...

Přikládám log z po fixu RFST:

Fix result of Farbar Recovery Scan Tool (x64) Version: 10.02.2018 02
Ran by Petr (10-02-2018 20:27:34) Run:4
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: defaultuser0 & Petr)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
Task: {101DFD78-0438-4687-9734-4AD961ADF113} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} - \{D11127E9-21DA-4A49-925C-8AC96A17A784} -> No File <==== ATTENTION
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DFD78-0438-4687-9734-4AD961ADF113}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DFD78-0438-4687-9734-4AD961ADF113}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8}
DeleteKey: HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8}
End
*****************

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DFD78-0438-4687-9734-4AD961ADF113}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DFD78-0438-4687-9734-4AD961ADF113}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{D11127E9-21DA-4A49-925C-8AC96A17A784}" => removed successfully
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{101DFD78-0438-4687-9734-4AD961ADF113} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{101DFD78-0438-4687-9734-4AD961ADF113} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} => key not found
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FCC1C6E7-A9C4-4ED7-9D70-59D89A79B4D8} => key not found

==== End of Fixlog 20:27:35 ====

#19 Příspěvek od **Conder** » 10 úno 2018 22:02

Logy uz vyzeraju OK.

Tie Intel programy, ktore boli sucastou ovladacou by som nechal tak. Discord je komunikacny program, ak ho nepouzivas, mozes ho kludne odinstalovat. Programy "Filmy a TV pořady + Hudba Groove" su predinstalovane aplikacie Windowsu 10.

Pitrisek · #20 Příspěvek od **Pitrisek** » 10 úno 2018 22:22

OK, děkuji moc za vyčištění PC a mám ještě provést nějaký úklid...

#21 Příspěvek od **Conder** » 10 úno 2018 22:24

Nie je zaco

Stiahni DelFix: https://toolslib.net/downloads/finish/2-delfix/

Uloz na plochu a spusti
Nechaj oznacenu moznost "Remove disinfection tools"
Klikni na "Run"

Pitrisek · #22 Příspěvek od **Pitrisek** » 10 úno 2018 23:37

Ještě jednou děkuji za vyčištění mého PC.
Mám ještě dotaz na tento spuštěný proces: iumsvc.exe - nemůžu najít, kde se vypíná, aby nenaběhl po startu systému (spotřebovává 20 MB paměti), když kliknu na tray ikonu,tak se mi objeví jen prázdné bílé okno...

#23 Příspěvek od **Conder** » 11 úno 2018 00:28

iumsvc.exe je Intel Update Manager. Ak chces automaticke spustanie, vypni danu sluzbu cez Win+R -> napis "msconfig" -> enter -> karta "Sluzby" -> zaskrtnut "Skryt vsetky sluzby spolocnosti Microsoft" -> odskrtnut Intel Update Manager -> Pouzit.

VIRY.CZ

Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen

Re: Prosím o preventivni kontrolu PC - log z RSIT přiložen