Předem se omlouvám že obtěžuji, ale provedl jsem komplet kontrolu NTB, a tak by mě zajímala čistota i po vaší stránce.
Log z FRST:
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 11.11.2018
Ran by Petr (administrator) on DESKTOP-1BAQ5EU (13-11-2018 21:56:30)
Running from C:\Users\Petr\Desktop
Loaded Profiles: Petr (Available Profiles: Petr)
Platform: Windows 10 Home Version 1803 17134.345 (X64) Language: Čeština (Česko)
Internet Explorer Version 11 (Default browser: Edge)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxCUIService.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\IntelCpHDCPSvc.exe
(Windows (R) Win 7 DDK provider) C:\Windows\System32\drivers\AdminService.exe
(Intel) C:\Windows\System32\cAVS\Intel(R) Audio Service\IntelAudioService.exe
(Autodesk Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\IntelCpHeciSvc.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler.exe
(Google Inc.) C:\Program Files (x86)\Google\Update\1.3.33.17\GoogleCrashHandler64.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QASvc.exe
(Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\OfficeClickToRun.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\ClickToRun\AppVShNotify.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\MsMpEng.exe
(Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1810.5-0\NisSrv.exe
(Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxEM.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Akamai Technologies, Inc.) C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Autodesk, Inc.) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Autodesk) C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AcWebBrowser\acwebbrowser.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAgent.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QALockHandler.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\QAAdminAgent.exe
(Intel Corporation) C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxext.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
() C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
(Acer Incorporated) C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeApp.exe
() C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
() C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
(Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SystemApps\Microsoft.LockApp_cw5n1h2txyewy\LockApp.exe
(Microsoft Corporation) C:\Windows\System32\OpenWith.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.App.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
() C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingApplication.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
(Check Point Software Technologies, Ltd.) C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZAPrivacyService.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
() C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe
() C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
(Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Check Point Software Technologies Ltd.) C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [601424 2018-07-07] (Oracle Corporation)
HKLM-x32\...\Run: [Autodesk Desktop App] => C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AutodeskDesktopApp.exe [700328 2017-01-06] (Autodesk, Inc.)
HKLM-x32\...\Run: [ZoneAlarm] => C:\Program Files (x86)\CheckPoint\ZoneAlarm\zatray.exe [147016 2018-09-28] (Check Point Software Technologies Ltd.)
HKLM-x32\...\Run: [ZaAntiRansomware] => C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAAR.exe [4305776 2018-05-30] (Check Point Software Technologies Ltd.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [World of Tanks] => E:\World_of_Tanks\WargamingGameUpdater.exe [3139936 2018-06-25] (Wargaming.net)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [Akamai NetSession Interface] => C:\Users\Petr\AppData\Local\Akamai\netsession_win.exe [4586456 2018-04-17] (Akamai Technologies, Inc.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Run: [EpicGamesLauncher] => E:\epicgames\Epic Games\Launcher\Portal\Binaries\Win64\EpicGamesLauncher.exe [34910608 2018-11-13] (Epic Games, Inc.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\RunOnce: [FlashPlayerUpdate] => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [1454592 2018-10-05] (Adobe Systems Incorporated)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Policies\Explorer: []
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{5922bdd7-f353-4ea6-a4b5-795d07315b5f}: [DhcpNameServer] 8.8.8.8
Tcpip\..\Interfaces\{687db5dd-afba-4cab-8c72-881b9ec9ea9e}: [DhcpNameServer] 10.9.3.1 10.9.3.2
Internet Explorer:
==================
HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <==== ATTENTION
BHO: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX64\Microsoft Office\Office16\OCHelper.dll [2018-10-22] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_181\bin\ssv.dll [2018-08-11] (Oracle Corporation)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_181\bin\jp2ssv.dll [2018-08-11] (Oracle Corporation)
BHO-x32: Lync Browser Helper -> {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} -> C:\Program Files (x86)\Microsoft Office\root\Office16\OCHelper.dll [2018-10-22] (Microsoft Corporation)
Handler-x32: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-22] (Microsoft Corporation)
Handler-x32: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-22] (Microsoft Corporation)
Handler-x32: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-22] (Microsoft Corporation)
Handler-x32: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files (x86)\Microsoft Office\root\Office16\MSOSB.DLL [2018-10-22] (Microsoft Corporation)
Edge:
======
Edge Extension: (Adblock Plus) -> 10_EyeoGmbHAdblockPlus_d55gg7py3s0m0 => C:\Program Files\WindowsApps\EyeoGmbH.AdblockPlus_0.9.11.0_neutral__d55gg7py3s0m0 [2018-09-05]
FireFox:
========
FF Plugin: @java.com/DTPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\dtplugin\npDeployJava1.dll [2018-08-11] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.181.2 -> C:\Program Files\Java\jre1.8.0_181\bin\plugin2\npjp2.dll [2018-08-11] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/Lync,version=15.0 -> C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesX86\Mozilla Firefox\plugins\npmeetingjoinpluginoc.dll [2018-10-22] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\Program Files (x86)\Microsoft Office\root\Office16\NPSPWRAP.DLL [2018-10-22] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-13] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-08-13] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=3.0.4 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2018-08-09] (VideoLAN)
Chrome:
=======
CHR Profile: C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default [2018-11-13]
CHR Extension: (Prezentace) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-08-13]
CHR Extension: (Dokumenty) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-08-13]
CHR Extension: (Disk Google) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-11-03]
CHR Extension: (YouTube) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-08-13]
CHR Extension: (Tabulky) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-08-13]
CHR Extension: (Dokumenty Google offline) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-29]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-08-13]
CHR Extension: (Gmail) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-08-13]
CHR Extension: (Chrome Media Router) - C:\Users\Petr\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-11-13]
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R2 AdAppMgrSvc; C:\Program Files (x86)\Autodesk\Autodesk Desktop App\AdAppMgrSvc.exe [1290744 2017-01-06] (Autodesk Inc.)
R2 AtherosSvc; C:\Windows\system32\DRIVERS\AdminService.exe [414720 2017-11-29] (Windows (R) Win 7 DDK provider)
R2 ClickToRunSvc; C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeClickToRun.exe [8522520 2018-09-29] (Microsoft Corporation)
R2 CPEFR; C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\EFRService.exe [2498296 2018-05-30] (Check Point Software Technologies Ltd.)
R2 CpSbaCipolla; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35064 2018-03-20] ()
R2 CpSbaUpdater; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\SBACipollaSrvHost.exe [35064 2018-03-20] ()
S3 EasyAntiCheat; C:\Program Files (x86)\EasyAntiCheat\EasyAntiCheat.exe [784512 2018-09-29] (EasyAntiCheat Ltd)
R2 IntelAudioService; C:\Windows\system32\cAVS\Intel(R) Audio Service\IntelAudioService.exe [212928 2018-03-28] (Intel)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6347056 2018-09-19] (Malwarebytes)
S3 QALSvc; C:\Program Files\Acer\Acer Quick Access\QALSvc.exe [466224 2018-03-09] (Acer Incorporated)
R3 QASvc; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [508208 2018-03-09] (Acer Incorporated)
R2 RemediationService; C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationService.exe [17656 2018-03-22] (Check Point Software Technologies Ltd.)
S4 ssh-agent; C:\Windows\System32\OpenSSH\ssh-agent.exe [495616 2018-03-10] ()
R2 TESvc; C:\Program Files (x86)\CheckPoint\Endpoint Security\Threat Emulation\TESvc.exe [196344 2018-04-23] (Check Point Software Technologies Ltd.)
R2 vsmon; C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe [4210584 2018-09-28] (Check Point Software Technologies Ltd.)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\NisSrv.exe [3917016 2018-10-23] (Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MsMpEng.exe [114208 2018-10-23] (Microsoft Corporation)
R2 ZA NET ICM Service; C:\Program Files (x86)\CheckPoint\ICM\ICM-Service-NET.exe [56688 2018-04-16] (Check Point Software Technologies Ltd.)
R2 ZAARUpdateService; C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe [45936 2018-05-30] ()
R3 ZAPrivacyService; C:\Program Files (x86)\CheckPoint\ZoneAlarm\ZaPrivacyService.exe [114936 2018-09-28] (Check Point Software Technologies, Ltd.)
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 AcerAirplaneModeController; C:\Windows\System32\drivers\AcerAirplaneModeController.sys [29976 2018-05-25] (Acer Incorporated)
R3 BtFilter; C:\Windows\system32\DRIVERS\btfilter.sys [65472 2017-11-29] (Qualcomm)
R2 cpbak; C:\Windows\System32\DRIVERS\cpbak.sys [61592 2018-04-11] (Check Point Software Technologies Ltd.)
R1 CPEPMon; C:\Windows\System32\DRIVERS\CPEPMon.sys [68280 2018-04-09] (Check Point Software Technologies Ltd.)
R1 epnetflt; C:\Windows\system32\drivers\epnetflt.sys [117400 2017-12-10] (Check Point Software Technologies)
R1 epregflt; C:\Windows\system32\drivers\epregflt.sys [101552 2017-10-23] (Check Point Software Technologies)
R2 ISWKL; C:\Program Files (x86)\CheckPoint\Endpoint Security\Endpoint Common\Bin\ISWKL.sys [65264 2018-03-11] (Check Point Software Technologies Ltd.)
R3 LMDriver; C:\Windows\System32\drivers\LMDriver.sys [31000 2018-05-15] (Acer Incorporated)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [260480 2018-11-03] (Malwarebytes)
R3 RadioShim; C:\Windows\System32\drivers\RadioShim.sys [25368 2018-05-15] (Acer Incorporated)
R3 rt640x64; C:\Windows\System32\drivers\rt640x64.sys [604160 2018-04-12] (Realtek )
R3 RTSPER; C:\Windows\System32\drivers\RtsPer.sys [887240 2018-06-03] (Realsil Semiconductor Corporation)
R1 Vsdatant; C:\Windows\System32\drivers\vsdatant.sys [461240 2018-09-28] (Check Point Software Technologies Ltd.)
S0 WdBoot; C:\Windows\System32\drivers\wd\WdBoot.sys [46184 2018-10-23] (Microsoft Corporation)
R0 WdFilter; C:\Windows\System32\drivers\wd\WdFilter.sys [328696 2018-10-23] (Microsoft Corporation)
R3 WdNisDrv; C:\Windows\System32\drivers\wd\WdNisDrv.sys [60408 2018-10-23] (Microsoft Corporation)
U3 iswSvc; no ImagePath
U4 nxfs; no ImagePath
U4 nxpcap; no ImagePath
U4 nxsshd; no ImagePath
U4 nxusbd; no ImagePath
U4 nxusbh; no ImagePath
U4 nxusbs; no ImagePath
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One Month Created files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-13 21:56 - 2018-11-13 21:57 - 000018642 _____ C:\Users\Petr\Desktop\FRST.txt
2018-11-13 21:56 - 2018-11-13 21:56 - 000000000 ____D C:\FRST
2018-11-13 21:55 - 2018-11-13 21:55 - 002415616 _____ (Farbar) C:\Users\Petr\Downloads\FRST64.exe
2018-11-13 21:55 - 2018-11-13 21:55 - 002415616 _____ (Farbar) C:\Users\Petr\Desktop\FRST64.exe
2018-11-13 21:54 - 2018-11-13 21:54 - 000000365 _____ C:\ProgramData\Microsoft.SqlServer.Compact.400.32.bc
2018-11-13 21:54 - 2018-04-11 08:17 - 000061592 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\cpbak.sys
2018-11-13 21:54 - 2018-04-09 13:53 - 000068280 _____ (Check Point Software Technologies Ltd.) C:\Windows\system32\Drivers\CPEPMon.sys
2018-11-13 21:41 - 2018-11-13 21:54 - 000000000 ____D C:\Program Files (x86)\CheckPoint
2018-11-13 21:41 - 2018-11-13 21:42 - 000440752 _____ C:\Windows\system32\Drivers\vsconfig.xml
2018-11-13 21:41 - 2018-11-13 21:41 - 000000778 _____ C:\Users\Public\Desktop\ZoneAlarm Security.lnk
2018-11-13 21:41 - 2018-11-13 21:41 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Check Point
2018-11-13 21:40 - 2018-11-13 21:40 - 005299768 _____ (Check Point Software Technologies Ltd.) C:\Users\Petr\Downloads\zafwSetupWeb_154_062_17802.exe
2018-11-13 21:17 - 2018-11-13 21:17 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Samsung
2018-11-13 21:10 - 2018-11-13 21:10 - 000000000 ____D C:\ProgramData\Brother
2018-11-13 15:35 - 2018-11-13 15:35 - 000000000 ___HD C:\OneDriveTemp
2018-11-06 19:22 - 2018-11-06 19:22 - 000924221 _____ C:\Users\Petr\Downloads\WR2000(5)_620-SD-EN-1.1.1.zip
2018-11-06 18:50 - 2018-11-06 18:50 - 000052627 _____ C:\Users\Petr\Downloads\Transakce (1).pdf
2018-11-06 18:49 - 2018-11-06 18:49 - 000052457 _____ C:\Users\Petr\Downloads\vypis_z_majetkoveho_uctu.pdf
2018-11-04 19:41 - 2018-11-04 19:41 - 000000202 _____ C:\Users\Petr\Desktop\BattleBlock Theater.url
2018-11-04 13:27 - 2018-11-04 13:27 - 000397103 _____ C:\Users\Petr\Downloads\179973880Z.pdf
2018-11-03 12:21 - 2018-11-03 12:21 - 000260480 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2018-10-31 14:08 - 2018-10-31 14:08 - 000052554 _____ C:\Users\Petr\Downloads\Transakce.pdf
2018-10-22 21:21 - 2018-10-23 05:30 - 000666622 _____ C:\Users\Petr\Desktop\pozitiva_X_negativa_TV.pptx
2018-10-22 21:20 - 2018-10-22 21:20 - 000000000 ____D C:\Users\Petr\Documents\Vlastní šablony Office
2018-10-22 20:46 - 2018-10-22 20:46 - 000000000 ____D C:\Users\Petr\AppData\Roaming\Skype
2018-10-22 20:44 - 2018-10-22 20:44 - 000002553 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Word.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000002530 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\PowerPoint.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000002525 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Excel.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000002518 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype pro firmy.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000002486 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Access.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000002451 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Outlook.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000002447 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Publisher.lnk
2018-10-22 20:44 - 2018-10-22 20:44 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Nástroje Microsoft Office 2016
2018-10-22 20:23 - 2018-10-22 20:44 - 000000000 ____D C:\Program Files (x86)\Microsoft Office
2018-10-22 20:23 - 2018-10-22 20:23 - 000000000 ____D C:\Program Files\Microsoft Office 15
2018-10-22 20:22 - 2018-10-22 20:22 - 005080776 _____ (Microsoft Corporation) C:\Users\Petr\Downloads\Setup.X86.cs-cz_O365ProPlusRetail_05c83fae-7f2f-4292-b8d2-2c1f636ac48e_TX_PR_b_64_.exe
2018-10-17 18:40 - 2018-10-17 18:40 - 000000000 ____D C:\Users\Petr\AppData\Local\mbamtray
2018-10-17 18:39 - 2018-11-03 12:20 - 000152688 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2018-10-17 18:39 - 2018-10-17 18:39 - 000001912 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-10-17 18:39 - 2018-10-17 18:39 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
==================== One Month Modified files and folders ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2018-11-13 21:54 - 2018-08-07 12:54 - 000000000 ____D C:\ProgramData\Package Cache
2018-11-13 21:54 - 2018-08-07 10:12 - 000000000 ____D C:\ProgramData\CheckPoint
2018-11-13 21:48 - 2018-04-12 00:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2018-11-13 21:41 - 2018-04-12 00:36 - 000000000 ____D C:\Windows\INF
2018-11-13 20:37 - 2018-08-07 09:59 - 000000000 ____D C:\Users\Petr\AppData\Local\Packages
2018-11-13 16:05 - 2018-08-07 12:54 - 000000000 ____D C:\Users\Petr\AppData\Roaming\TS3Client
2018-11-13 16:00 - 2018-08-07 09:46 - 000000000 ____D C:\Windows\system32\SleepStudy
2018-11-13 15:40 - 2018-04-12 00:38 - 000000000 ___HD C:\Program Files\WindowsApps
2018-11-13 15:40 - 2018-04-12 00:38 - 000000000 ____D C:\Windows\AppReadiness
2018-11-13 15:35 - 2018-08-09 20:26 - 000000000 ___RD C:\Users\Petr\OneDrive - SPŠ stavební Liberec
2018-11-13 15:34 - 2018-08-07 09:59 - 000000000 __SHD C:\Users\Petr\IntelGraphicsProfiles
2018-11-13 15:34 - 2018-04-12 00:30 - 000000000 ____D C:\Windows\CbsTemp
2018-11-08 17:04 - 2018-08-08 10:51 - 000003376 _____ C:\Windows\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3530969050-2372270893-3854167380-1001
2018-11-08 17:04 - 2018-08-07 10:06 - 000000000 ___RD C:\Users\Petr\OneDrive
2018-11-08 17:04 - 2018-08-07 09:58 - 000002388 _____ C:\Users\Petr\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2018-10-28 09:50 - 2018-08-13 20:57 - 000000000 ____D C:\Program Files (x86)\Rockstar Games
2018-10-28 09:49 - 2018-08-13 20:57 - 000000000 ____D C:\Program Files\Rockstar Games
2018-10-27 17:42 - 2018-08-13 17:44 - 000002301 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-10-27 17:42 - 2018-08-13 17:44 - 000002260 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-10-23 21:24 - 2018-08-07 09:46 - 000000000 ____D C:\Windows\system32\Drivers\wd
2018-10-22 20:23 - 2018-04-12 00:38 - 000000000 ____D C:\Program Files\Common Files\microsoft shared
2018-10-20 11:10 - 2018-08-27 17:03 - 000015507 _____ C:\Users\Petr\AppData\Roaming\WinSCP.ini
2018-10-20 11:10 - 2018-08-27 17:03 - 000000600 _____ C:\Users\Petr\AppData\Roaming\winscp.rnd
2018-10-17 18:40 - 2018-08-07 12:52 - 000559880 ____N (Microsoft Corporation) C:\Windows\system32\MpSigStub.exe
2018-10-15 21:48 - 2018-08-07 10:06 - 000000000 ____D C:\ProgramData\Packages
==================== Files in the root of some directories =======
2018-08-27 17:03 - 2018-10-20 11:10 - 000015507 _____ () C:\Users\Petr\AppData\Roaming\WinSCP.ini
2018-08-27 17:03 - 2018-10-20 11:10 - 000000600 _____ () C:\Users\Petr\AppData\Roaming\winscp.rnd
==================== Bamital & volsnap ======================
(There is no automatic fix for files that do not pass verification.)
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
LastRegBack: 2018-08-07 09:46
==================== End of FRST.txt ============================
Log z Addition:
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11.11.2018
Ran by Petr (13-11-2018 21:57:35)
Running from C:\Users\Petr\Desktop
Windows 10 Home Version 1803 17134.345 (X64) (2018-08-07 08:49:13)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-3530969050-2372270893-3854167380-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-3530969050-2372270893-3854167380-503 - Limited - Disabled)
defaultuser0 (S-1-5-21-3530969050-2372270893-3854167380-1000 - Limited - Disabled)
Guest (S-1-5-21-3530969050-2372270893-3854167380-501 - Limited - Disabled)
Petr (S-1-5-21-3530969050-2372270893-3854167380-1001 - Administrator - Enabled) => C:\Users\Petr
WDAGUtilityAccount (S-1-5-21-3530969050-2372270893-3854167380-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
FW: ZoneAlarm Free Firewall Firewall (Enabled) {8D637332-9C08-995E-98D7-8237936B0E9F}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
ACA & MEP 2018 Object Enabler (HKLM\...\{28B89EEF-1004-0000-5102-CF3F3A09B77D}) (Version: 8.0.40.0 - Autodesk) Hidden
ACAD Private (HKLM\...\{28B89EEF-1001-0000-3102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3038 - Acer Incorporated)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3025 - Acer Incorporated)
Adobe Flash Player 31 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 31.0.0.108 - Adobe Systems Incorporated)
Akamai NetSession Interface (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\Akamai) (Version: - Akamai Technologies, Inc)
Assassin's Creed III (HKLM-x32\...\Uplay Install 54) (Version: - Ubisoft)
Assassin's Creed IV Black Flag (HKLM-x32\...\Uplay Install 273) (Version: - Ubisoft)
AutoCAD 2018 – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-2102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 (HKLM\...\{28B89EEF-1001-0000-0102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
AutoCAD 2018 Language Pack – Čeština (Czech) (HKLM\...\{28B89EEF-1001-0405-1102-CF3F3A09B77D}) (Version: 22.0.49.0 - Autodesk) Hidden
Autodesk Advanced Material Library Image Library 2018 (HKLM-x32\...\{177AD7F6-9C77-4E50-BA53-B7259C5F282D}) (Version: 16.11.1.0 - Autodesk)
Autodesk App Manager 2016-2018 (HKLM-x32\...\{20EC0CA2-346E-4660-9903-51B278DF15F6}) (Version: 2.4.0 - Autodesk)
Autodesk AutoCAD 2018 – Čeština (Czech) (HKLM\...\AutoCAD 2018 – Čeština (Czech)) (Version: 22.0.49.0 - Autodesk)
Autodesk AutoCAD Performance Feedback Tool 1.2.8 (HKLM-x32\...\{214D3370-746E-4886-8EAA-5769EB87D044}) (Version: 1.2.8.0 - Autodesk)
Autodesk License Service (x64) - 5.1.4 (HKLM\...\{3609A8D9-FC0C-4C9B-9F58-0B1D1A4FE556}) (Version: 5.1.4.0 - Autodesk)
Autodesk Material Library 2018 (HKLM-x32\...\{7847611E-92E9-4917-B395-71C91D523104}) (Version: 16.11.1.0 - Autodesk)
Autodesk Material Library Base Resolution Image Library 2018 (HKLM-x32\...\{FCDED119-A969-4E48-8A32-D21AD6B03253}) (Version: 16.11.1.0 - Autodesk)
Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
Epic Games Launcher (HKLM-x32\...\{E7B62E3F-0F70-4119-89A2-28DE1C3873CC}) (Version: 1.1.163.0 - Epic Games, Inc.)
Epic Games Launcher Prerequisites (x64) (HKLM\...\{66C5838F-B854-4A55-89E6-A6138747A4DF}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.77 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP ePrint SW (HKLM-x32\...\{cdb5f70f-5107-4613-bf69-15de903b5b5d}) (Version: 5.5.22560 - HP Inc.)
Check Point SBA (HKLM\...\{85A0CE49-6563-4208-86CC-B4297B836283}) (Version: 86.4.4023 - Check Point Software Technologies Ltd.) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 22.20.16.4815 - Intel Corporation)
Java 8 Update 181 (64-bit) (HKLM\...\{26A24AE4-039D-4CA4-87B4-2F64180181F0}) (Version: 8.0.1810.13 - Oracle Corporation)
Launcher Prerequisites (x64) (HKLM-x32\...\{c6c5a357-c7ca-4a5f-9789-3bb1af579253}) (Version: 1.0.0.0 - Epic Games, Inc.) Hidden
Malwarebytes verze 3.6.1.2711 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.6.1.2711 - Malwarebytes)
Microsoft Office 365 ProPlus - cs-cz (HKLM\...\O365ProPlusRetail - cs-cz) (Version: 16.0.9126.2295 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24215 (HKLM-x32\...\{d992c12e-cab2-426f-bde3-fb8c53950b0d}) (Version: 14.0.24215.1 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24212 (HKLM-x32\...\{462f63a8-6347-4894-a1b3-dbfe3a4c981d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.9126.2295 - Microsoft Corporation) Hidden
Počítačová aplikace Autodesk (HKLM-x32\...\Autodesk Desktop App) (Version: 7.0.4.332 - Autodesk)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8378 - Realtek Semiconductor Corp.)
Roblox Player for Petr (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\{373B1718-8CC5-4567-8EE2-9033AD08A680}) (Version: - Roblox Corporation)
Rockstar Games Social Club (HKLM-x32\...\Rockstar Games Social Club) (Version: 1.2.4.1 - Rockstar Games)
Speciální aplikace Autodesk 2016-2018 (HKLM-x32\...\{384C4B74-B749-4AB6-9367-4D51A6AA9CB8}) (Version: 2.4.0 - Autodesk)
TeamSpeak 3 Client (HKLM\...\TeamSpeak 3 Client) (Version: 3.1.10 - TeamSpeak Systems GmbH)
TeamSpeak 3 Client (HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\...\TeamSpeak 3 Client) (Version: 3.1.9 - TeamSpeak Systems GmbH)
TruckersMP Launcher 1.0.0.4 (HKLM\...\{A227B892-C548-4490-9C5D-DB341F8194A6}_is1) (Version: 1.0.0.4 - TruckersMP Team)
Uplay (HKLM-x32\...\Uplay) (Version: 70.0 - Ubisoft)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.4 - VideoLAN)
Vulkan Run Time Libraries 1.0.54.1 (HKLM\...\VulkanRT1.0.54.1) (Version: 1.0.54.1 - LunarG, Inc.) Hidden
Watch_Dogs (HKLM-x32\...\Uplay Install 274) (Version: - Ubisoft)
ZoneAlarm Anti-Ransomware (HKLM-x32\...\{0B8C3231-9818-4CB9-8213-4AB839836791}) (Version: 1.001.0534 - Check Point Software) Hidden
ZoneAlarm Firewall (HKLM-x32\...\{6F277433-5A52-4DC5-AA23-ECE8FD045EBD}) (Version: 15.4.062.17802 - Check Point Software Technologies Ltd.) Hidden
ZoneAlarm Free Firewall (HKLM-x32\...\ZoneAlarm Free Firewall) (Version: 15.4.062.17802 - Check Point)
ZoneAlarm Security (HKLM-x32\...\{37F2A556-851C-46BA-BDD4-48745E7A106B}) (Version: 15.4.062.17802 - Check Point Software Technologies Ltd.) Hidden
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
CustomCLSID: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{9AAF0EB6-42D8-46C1-A2EF-679511B37A0D}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{B6EB585B-B467-4E46-A9C7-48D7D6FD26CB}\localserver32 -> C:\Program Files\Autodesk\AutoCAD 2018\acad.exe (Autodesk, Inc.)
CustomCLSID: HKU\S-1-5-21-3530969050-2372270893-3854167380-1001_Classes\CLSID\{E2C40589-DE61-11ce-BAE0-0020AF6D7005}\InprocServer32 -> C:\Program Files\Autodesk\AutoCAD 2018\cs-CZ\acadficn.dll (Autodesk, Inc.)
ShellIconOverlayIdentifiers: [AutoCAD Digital Signatures Icon Overlay Handler] -> {36A21736-36C2-4C11-8ACB-D4136F2B57BD} => C:\Windows\system32\AcSignIcon.dll [2017-02-03] (Autodesk, Inc.)
ContextMenuHandlers1: [AcShellExtension.AcContextMenuHandler] -> {2E7A2C6C-B938-40a4-BA1C-C7EC982DC202} => C:\Program Files\Common Files\Autodesk Shared\AcShellEx\AcShellExtension.dll [2017-02-03] (Autodesk)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\Windows\System32\DriverStore\FileRepository\igdlh64.inf_amd64_ab736fe7f232ee1e\igfxDTCM.dll [2017-11-13] (Intel Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-09-19] (Malwarebytes)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {087FCCB0-1B36-48BC-8082-7F43D2FF2E40} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {15047319-D736-443F-9656-8FC891D52623} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {21CC9ABD-8C0A-4860-8902-9298C7448AD9} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-22] (Microsoft Corporation)
Task: {2360D5E2-BE85-4BB6-B042-3324E20368F1} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2018-03-09] (Acer Incorporated)
Task: {29C54487-41A1-4D8C-B3C4-662400BCFCCA} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-05-24] ()
Task: {33C362CC-5F07-4CC8-82CE-458F8EF6F6DC} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentLogOn2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-22] (Microsoft Corporation)
Task: {3978B705-8F5D-4A5A-AAEC-B5D479FF1723} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2017-05-24] (Acer Incorporated)
Task: {3EE1F44F-9722-4287-8B68-6A5BACB207E2} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-13] (Google Inc.)
Task: {48C807D1-5790-4CD2-BDF5-88C72E4E484D} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-10-22] (Microsoft Corporation)
Task: {65242AD6-0A53-40AD-9195-A287287265D3} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2018-05-28] ()
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\Windows\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {6B85CCAD-594B-4F30-BEF1-A0887DD60B67} - System32\Tasks\RTKCPL => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-28] (Realtek Semiconductor)
Task: {6EF53B49-DCA3-430D-AE32-021D94899B35} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2017-05-24] ()
Task: {76E0FD63-F224-4BB8-A9A9-EC0A430398E9} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2018-03-09] (Acer Incorporated)
Task: {818F7B0F-CE21-4185-AF15-C9041A82EA45} - System32\Tasks\HPEA3JOBS => C:\Program [Argument = Files\HP\HP ePrint\hpeprint.exe /CheckJobs]
Task: {81FA23C5-E7AF-4D76-95EB-62AF9313AF1B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {CE06607E-733E-4E7A-AA63-3D667AFBC034} - System32\Tasks\Microsoft\Office\Office Automatic Updates => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-09-29] (Microsoft Corporation)
Task: {D058C289-D087-4745-94F4-34E0694491C6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_31_0_0_108_pepper.exe [2018-10-05] (Adobe Systems Incorporated)
Task: {D69A1D56-3A51-43AB-A138-F6C454515F78} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {DB1D340E-7DAB-4A01-9951-131092C52FA1} - System32\Tasks\RtHDVBg_ASC => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [2018-03-28] (Realtek Semiconductor)
Task: {DCF92235-5C42-4E6C-B381-C9940FFA320D} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-08-13] (Google Inc.)
Task: {E179051C-4097-4173-92B6-A3A6726BCBAF} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-10-22] (Microsoft Corporation)
Task: {F2696582-303F-4EB2-898E-4702EB14E628} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-23] (Microsoft Corporation)
Task: {FBF8B991-954F-4059-B7BC-378CAC09E8D3} - System32\Tasks\Microsoft\Office\OfficeTelemetryAgentFallBack2016 => C:\Program Files (x86)\Microsoft Office\root\Office16\msoia.exe [2018-10-22] (Microsoft Corporation)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2016-02-15 20:01 - 2016-02-15 20:01 - 000031256 _____ () C:\Windows\System32\us008lm.dll
2018-03-28 02:10 - 2018-03-28 02:10 - 000205808 _____ () C:\Windows\system32\cAVS\Intel(R) Audio Service\DetectionVerificationDrv.dll
2018-03-28 02:10 - 2018-03-28 02:10 - 000394688 _____ () C:\Windows\system32\cAVS\Intel(R) Audio Service\WppLoggerDll.dll
2018-10-17 18:39 - 2018-11-03 12:20 - 002695360 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-10-09 22:50 - 2018-09-20 04:38 - 002185728 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-05-28 19:00 - 2018-05-28 19:00 - 004696880 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2018-10-15 21:47 - 2018-10-15 21:47 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-13 15:38 - 2018-11-13 15:39 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-13 15:38 - 2018-11-13 15:39 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-11-13 15:38 - 2018-11-13 15:39 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-11-13 15:38 - 2018-11-13 15:39 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll
2018-11-13 15:38 - 2018-11-13 15:39 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-11-13 15:38 - 2018-11-13 15:39 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-11-13 15:39 - 2018-11-13 15:40 - 000478720 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
2018-11-13 15:39 - 2018-11-13 15:40 - 066031104 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.dll
2018-11-13 15:39 - 2018-11-13 15:40 - 000010752 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RenderingPlugin.dll
2018-08-08 11:02 - 2018-08-08 11:10 - 002523136 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\UnityEngineDelegates.dll
2018-11-13 15:39 - 2018-11-13 15:40 - 003715072 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngineCSWrapper.dll
2018-11-13 15:39 - 2018-11-13 15:40 - 000036352 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\WinMLWrapper.UWP.dll
2018-08-21 00:42 - 2018-08-21 00:44 - 002480640 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_imgproc320.dll
2018-08-21 00:42 - 2018-08-21 00:44 - 002280960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\opencv_core320.dll
2018-08-08 11:02 - 2018-08-08 11:10 - 002283008 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\TrackingDLLUWP.dll
2018-11-13 15:39 - 2018-11-13 15:40 - 014097920 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\PhotosApp.Windows.dll
2018-11-13 15:39 - 2018-11-13 15:40 - 003569152 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\MediaEngine.dll
2018-11-13 15:39 - 2018-11-13 15:40 - 002863616 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\AppCore.Windows.dll
2018-08-29 21:01 - 2018-08-29 21:03 - 000973312 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\RuntimeConfiguration.dll
2018-08-08 11:02 - 2018-08-08 11:10 - 004584960 _____ () C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2018.18091.17210.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-27 17:42 - 2018-10-23 22:24 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libglesv2.dll
2018-10-27 17:42 - 2018-10-23 22:24 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.77\libegl.dll
2018-11-08 17:04 - 2018-11-08 17:04 - 000194048 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-11-08 17:04 - 2018-11-08 17:04 - 002538056 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-11-08 17:04 - 2018-11-08 17:04 - 001754112 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11810.1001.12.0_x64__8wekyb3d8bbwe\Microsoft.Membership.MeControl.dll
2018-11-13 15:38 - 2018-11-13 15:38 - 000015872 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingApplication.exe
2018-11-13 15:38 - 2018-11-13 15:38 - 010048000 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingApplication.dll
2018-11-13 15:38 - 2018-11-13 15:38 - 002338304 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingNativeBase.dll
2018-11-13 15:38 - 2018-11-13 15:38 - 004602880 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingNativeCore.dll
2018-11-13 15:38 - 2018-11-13 15:38 - 000787456 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingEntityExtractionProxy.dll
2018-11-13 15:38 - 2018-11-13 15:38 - 000496128 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\MessagingNativeStubExternal.dll
2018-11-13 15:38 - 2018-11-13 15:38 - 003867872 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-04-12 16:53 - 2018-04-12 16:53 - 002108416 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\Microsoft.People.AutoSuggest.dll
2018-04-12 16:53 - 2018-04-12 16:53 - 000258560 _____ () C:\Program Files\WindowsApps\Microsoft.Messaging_4.1810.2922.0_x64__8wekyb3d8bbwe\StoreRatingPromotion.dll
2018-03-20 08:49 - 2018-03-20 08:49 - 000035064 _____ () c:\program files (x86)\checkpoint\endpoint security\tpcommon\cipolla\sbacipollasrvhost.exe
2018-05-30 17:13 - 2018-05-30 17:13 - 000045936 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\Cipolla\ZAARUpdateService.exe
2018-09-05 22:17 - 2017-01-06 06:53 - 000061944 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_Service-head.dll
2018-09-05 22:17 - 2017-01-06 06:53 - 000110584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson0.dll
2018-09-05 22:17 - 2013-09-23 18:52 - 000043912 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\QtSolutions_MFCMigrationFramework_Ad_2.dll
2018-09-05 22:17 - 2015-11-05 13:07 - 000052224 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qoauth_Ad_1.dll
2018-09-05 22:17 - 2015-11-05 13:07 - 000195584 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qjson_Ad_0.dll
2018-09-05 22:17 - 2015-11-05 13:07 - 000742400 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\qca_Ad_2.dll
2018-09-05 22:17 - 2017-01-06 06:25 - 000280488 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\cs-CZ\AdWingManRes.dll
2018-09-05 22:17 - 2015-09-08 07:31 - 040640808 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libcef.dll
2018-09-05 22:17 - 2014-09-03 01:29 - 000912384 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libglesv2.dll
2018-09-05 22:17 - 2014-09-03 01:29 - 000134144 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\libegl.dll
2018-09-05 22:17 - 2014-09-03 01:29 - 000950272 _____ () C:\Program Files (x86)\Autodesk\Autodesk Desktop App\acwebbrowser\ffmpegsumo.dll
2018-03-22 19:42 - 2018-03-22 19:42 - 000153336 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\TPCommon\TPCommonCLI.dll
2015-07-20 11:26 - 2015-07-20 11:26 - 001058320 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\EFR\CloudServices.dll
2018-03-22 19:42 - 2018-03-22 19:42 - 000096504 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\RemediationProxyWrapperLib.dll
2018-03-22 19:42 - 2018-03-22 19:42 - 000063224 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\FileOperationsWrapperLib.dll
2018-03-22 19:42 - 2018-03-22 19:42 - 000059128 _____ () C:\Program Files (x86)\CheckPoint\Endpoint Security\Remediation\FileOperationsLib.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
AlternateDataStreams: C:\Users\Public\Shared Files:VersionCache [472]
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vsmon => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\Software\Classes\.scr: AutoCADScriptFile => C:\Windows\system32\notepad.exe "%1"
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2018-04-12 00:38 - 2018-04-12 00:36 - 000000824 _____ C:\Windows\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-3530969050-2372270893-3854167380-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Petr\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 8.8.8.8
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is disabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{7E0CE83B-7680-4290-AA50-1509A72FE5DB}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{B56008C9-59CA-41CD-B1D1-C62D0FE3C7C3}] => (Allow) E:\Steam\Steam.exe
FirewallRules: [{94D5E23F-88BD-49E5-A60E-DFC7C66AC8A3}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [{11F920C0-0604-4A26-AD08-EB89F502232A}] => (Allow) E:\Steam\bin\cef\cef.win7\steamwebhelper.exe
FirewallRules: [TCP Query User{0FF1FF10-32CA-45C1-97EC-8CD7FBFD857E}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [UDP Query User{D9F415D5-90EB-403F-8D37-416A23F405A5}C:\program files\java\jre1.8.0_181\bin\javaw.exe] => (Allow) C:\program files\java\jre1.8.0_181\bin\javaw.exe
FirewallRules: [{CF3E911B-5D86-4449-B18B-2DD831BFD928}] => (Allow) E:\Steam\steamapps\common\Pillage\Pillage.exe
FirewallRules: [{4231D716-1AC1-4E27-904C-81D0F17186D4}] => (Allow) E:\Steam\steamapps\common\Pillage\Pillage.exe
FirewallRules: [TCP Query User{4D2D899F-0114-41A0-B715-EECD8366C268}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{EF2950D1-EC35-462E-B69E-94F484B982F7}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [{F106810C-A33C-449A-BC0E-4A1248A0BA0F}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [{29CB0DF4-081F-4236-9FFF-D080A803F7DA}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
FirewallRules: [TCP Query User{4582244D-3A97-4AA7-9F85-9B38E36C593C}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [UDP Query User{63476418-B3BD-408A-93B2-BF98625CEC30}E:\steam\steamapps\common\grand theft auto v\gta5.exe] => (Allow) E:\steam\steamapps\common\grand theft auto v\gta5.exe
FirewallRules: [TCP Query User{79695020-15D9-44B2-A3E1-6FDC4B9226B0}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{4E08CBCD-32A4-42D1-9DDA-BE45136BF0D0}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [TCP Query User{16A9A28D-BE54-413B-B5DD-F6A35785822E}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [UDP Query User{E7976988-A9D7-4C9B-92D0-97C79929C93D}E:\world_of_tanks\worldoftanks.exe] => (Allow) E:\world_of_tanks\worldoftanks.exe
FirewallRules: [{2352E6B4-FDC8-4A59-B8F0-CC1227AB1FC6}] => (Allow) E:\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{0B96FB69-8B57-4828-B94C-D6A22A7F5475}] => (Allow) E:\Steam\steamapps\common\wallpaper_engine\launcher.exe
FirewallRules: [{32E6B854-B3C9-42EF-97F7-04BCA2544DEC}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{23CC4593-5D13-4199-860C-62E4E1AB58A9}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{0EDB17AA-18FC-4935-A94F-E952E13CE5CB}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{A98B4952-B1A8-4EF7-8F2F-FA330A385638}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6483FBA7-F45E-4921-94CA-23597D4FCAA1}] => (Allow) E:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [{6DA84359-EF53-49CD-BEC5-7C16B7919F2F}] => (Allow) E:\Steam\steamapps\common\Robocraft\Robocraft.exe
FirewallRules: [TCP Query User{87CFB4AB-7718-40D1-9396-7C05433948D0}E:\steam\steamapps\common\robocraft\robocraftclient.exe] => (Allow) E:\steam\steamapps\common\robocraft\robocraftclient.exe
FirewallRules: [UDP Query User{15ECFC18-15FE-45C2-966F-A9AEB9924E54}E:\steam\steamapps\common\robocraft\robocraftclient.exe] => (Allow) E:\steam\steamapps\common\robocraft\robocraftclient.exe
FirewallRules: [{0903CE3B-B81C-416E-99C7-73A987E37399}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [{0881D597-F501-4947-84B0-5356FD1858F6}] => (Allow) E:\Steam\bin\cef\cef.win7x64\steamwebhelper.exe
FirewallRules: [TCP Query User{1B35C2AA-E32C-4A68-8ECE-9C8A513E024E}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [UDP Query User{B7262650-E407-4FCA-ACC7-16E65D3C99FA}E:\world_of_tanks\wotlauncher.exe] => (Allow) E:\world_of_tanks\wotlauncher.exe
FirewallRules: [{F731C650-8D58-4034-A7AA-390FE7CD8323}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{B779B572-DFBA-47E2-90BA-AB8898C9C53E}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{97849ABA-B151-4F0C-B00D-2727C8040DBE}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{5AD3FD57-4B98-4DEC-A0DD-CFC3E2916593}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [TCP Query User{B4EB75B1-B17F-4110-959B-EDF4483C2883}C:\users\petr\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\petr\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{6DAFEE06-959D-483D-924A-E5EFB7234E04}C:\users\petr\appdata\local\akamai\netsession_win.exe] => (Allow) C:\users\petr\appdata\local\akamai\netsession_win.exe
FirewallRules: [{8CC74015-CCED-4DB9-86BF-04FB8D66BB7E}] => (Allow) LPort=52124
FirewallRules: [{1FE2F70E-6611-472E-86C1-6891DB185513}] => (Allow) LPort=5000
FirewallRules: [TCP Query User{DB09FCA4-5D82-4389-A8AE-31CE4E92C894}C:\users\petr\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petr\appdata\local\akamai\netsession_win.exe
FirewallRules: [UDP Query User{927A5988-884C-44C0-A67E-956B1C5F738D}C:\users\petr\appdata\local\akamai\netsession_win.exe] => (Block) C:\users\petr\appdata\local\akamai\netsession_win.exe
FirewallRules: [TCP Query User{FD61BD5D-911E-423B-85FB-ADB98CBF0FC2}E:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [UDP Query User{A2D8F2FB-D84C-4EAF-BFC5-5FC22CC84B3E}E:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe] => (Allow) E:\epicgames\epic games\launcher\portal\binaries\win32\epicgameslauncher.exe
FirewallRules: [TCP Query User{EAB6FF34-A7A6-48C0-B635-C5C9857B15B6}E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{958DFDBC-32F9-4094-A774-6C94A2DA5491}E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [TCP Query User{24359A72-E93D-43A5-A408-80F964EF9B78}E:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [UDP Query User{0854D938-3A1C-4AC2-AA6F-7A7AB8C66513}E:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe] => (Allow) E:\fortnite\fortnite\fortnitegame\binaries\win64\fortniteclient-win64-shipping.exe
FirewallRules: [{D0C7D769-41B5-4856-AEC2-E51B239C8D1C}] => (Allow) E:\uplay\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [{95A861E4-7357-4DB6-8526-90AB93FD9F76}] => (Allow) E:\uplay\Ubisoft Game Launcher\games\Watch_Dogs\bin\watch_dogs.exe
FirewallRules: [TCP Query User{3428CCB9-AF9F-44D9-9DB4-E116DD311ABC}E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [UDP Query User{A29CA023-836F-43DD-B38A-2141651CC511}E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe] => (Allow) E:\epicgames\epic games\launcher\portal\binaries\win64\epicgameslauncher.exe
FirewallRules: [{0CCA7E0C-1C1F-4598-A725-75B1222E8761}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{B02069D4-FCBC-4E09-B107-43CA29683ACC}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe
FirewallRules: [{22D8E06D-C807-44D7-80C9-4224D191041A}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{C5593509-6532-4CC6-9BAD-074514D84A06}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{D83A693C-20FF-4A5B-A411-75D22B765AF8}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F6E03BFA-95FB-4246-A1BA-2B8071CFAFEA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B6DD1A46-BDD9-4C18-9B5D-36F7EFA49D39}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{389B4C17-0199-4D7C-844F-98BE680F8A7B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{F405A330-A182-4C7D-B04F-50F0584D13FC}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7DC1EBA9-EEE7-49CE-91A1-F241FF91CE4B}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{A386F125-9FB1-4F23-84DB-5A3013B8E176}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{02ED4343-8CB8-4F10-ABDF-99AA37A81D82}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.91.183.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{29E1B75F-A0F5-4654-9655-BDD04D0C33F4}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{3D1B114D-D204-440B-8228-12DD86B2D198}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{9392BFD0-3D4B-4AC3-A8E0-F6EF6E772435}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\Lync.exe
FirewallRules: [{52820B76-6EE5-4129-BD68-02B65F994148}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A8ABA371-3895-4863-8AAC-DE75EAAE4F70}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\UcMapi.exe
FirewallRules: [{A11EE622-A5FB-4325-A542-460771F369DB}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{B586009E-1DA5-44E8-B09E-EFB825983BD3}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9932E035-8FB3-4AA9-9E35-0664ACBD4ED6}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{9A1C4929-DF89-423C-A3A1-6DB05B0BD25D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{7D1EFA3F-E86D-4EC8-82E2-A50ECBABFEFA}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0D5CEEF6-51D9-4AE3-AF0F-8FDA88EA5219}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{DE8453E4-AC74-43B7-9EF0-B74F15296C4D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B9EEE518-94C7-4764-950E-BB7B94262C29}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B4082EA4-D7B3-44F7-8605-21F8095A61BF}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{8C504226-858C-4522-B45F-3D81B3CD2D13}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{BB93AFEE-3B84-489A-A21E-C1F56F4547DD}] => (Allow) E:\Steam\steamapps\common\Grand Theft Auto V\GTAVLauncher.exe
FirewallRules: [{8B7D43CC-DDEC-46CF-A389-6ACB9383A83A}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{2D768867-9C1E-48C0-80AF-E05A5D14F15B}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x64\eurotrucks2.exe
FirewallRules: [{BBF99A7D-6146-47DC-B260-2D132ACE46A3}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{D91FDB58-C694-4B27-A5A9-5802881AF9A0}] => (Allow) E:\Steam\steamapps\common\Euro Truck Simulator 2\bin\win_x86\eurotrucks2.exe
FirewallRules: [{6CC2D1CD-BCF3-4F1A-B366-5672A3400152}] => (Allow) E:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe
FirewallRules: [{D01F26C4-F339-41EC-8E4E-26A307BEA696}] => (Allow) E:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe
FirewallRules: [{F327E948-F590-4858-B0E9-83C033AFCAB8}] => (Allow) E:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe
FirewallRules: [{A288E3B4-E322-467D-893C-7578671522E2}] => (Allow) E:\Steam\steamapps\common\wallpaper_engine\bin\diagnostics32.exe
FirewallRules: [{AC4E905B-2748-4220-8B27-1C3C44D1AE20}] => (Allow) E:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{F5C54EC0-EACE-4041-97E6-143EC543B0FE}] => (Allow) E:\Steam\steamapps\common\BattleBlock Theater\BattleBlockTheater.exe
FirewallRules: [{FD5706BE-80FC-45CD-BFB3-742E139F856D}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{7781C2CC-7969-48CB-8B37-23C6C2B5F40E}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{755CB8B5-C17D-4498-A472-C68B1C6C9568}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
FirewallRules: [{C3E8DE65-6F57-4EC3-B037-D297EBABB6A4}] => (Allow) C:\Program Files (x86)\CheckPoint\ZoneAlarm\vsmon.exe
==================== Restore Points =========================
19-10-2018 20:07:28 Instalační služba modulů systému Windows
21-10-2018 08:17:36 Instalační služba modulů systému Windows
27-10-2018 18:17:38 Instalační služba modulů systému Windows
29-10-2018 10:15:07 Instalační služba modulů systému Windows
03-11-2018 11:16:00 Instalační služba modulů systému Windows
04-11-2018 20:16:10 Instalační služba modulů systému Windows
13-11-2018 21:10:16 Windows Update
==================== Faulty Device Manager Devices =============
Name: Detection Verification
Description: Detection Verification
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.
==================== Event log errors: =========================
Application errors:
==================
Error: (11/13/2018 09:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 22579
Error: (11/13/2018 09:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 22579
Error: (11/13/2018 09:18:24 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/13/2018 09:18:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 20844
Error: (11/13/2018 09:18:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 20844
Error: (11/13/2018 09:18:22 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (11/13/2018 09:18:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 19079
Error: (11/13/2018 09:18:20 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 19079
System errors:
=============
Error: (11/13/2018 04:26:31 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 04:06:43 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1BAQ5EU)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1BAQ5EU\Petr (SID: S-1-5-21-3530969050-2372270893-3854167380-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 03:37:45 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 03:35:28 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1BAQ5EU)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1BAQ5EU\Petr (SID: S-1-5-21-3530969050-2372270893-3854167380-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací SpotifyAB.SpotifyMusic_1.92.390.0_x86__zpdnekdrzrea0 – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 03:35:12 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-1BAQ5EU)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli DESKTOP-1BAQ5EU\Petr (SID: S-1-5-21-3530969050-2372270893-3854167380-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 03:34:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 03:34:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{6B3B8D23-FA8D-40B9-8DBD-B950333E2C52}
a APPID
{4839DDB7-58C2-48F5-8283-E1D1807D0D7D}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (11/13/2018 03:34:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-10-29 10:06:58.916
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {12190800-ED65-4314-A7E8-CDD94A15C66D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-10-29 09:59:21.287
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CA3E3CF0-DA08-44D9-9164-B7DB52E198AD}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-10-27 20:24:51.041
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {CDBC4125-060C-443C-B90B-2D56B58529FB}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2018-10-21 09:06:51.337
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo podezřelé chování.
Název: Informational:Behavior/ModifiedKernel
ID: 2001870135
Závažnost: Nízké
Kategorie: Podezřelé chování
Nalezená cesta: process:_0
Původ zjištění: Neznámý
Typ zjištění: Podezřelý
Zdroj zjištění: Ochrana v reálném čase
Stav: Provádění
Uživatel: Unknown\Unknown
Název procesu: Unknown
ID podpisu: 717259538435
Verze podpisu: AV: 1.279.208.0, AS: 1.279.208.0
Verze modulu: 1.1.15400.4
Štítek věrnosti: Nízké
Název cílového souboru:
Date: 2018-10-21 08:51:18.504
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {2552C967-C99F-4E07-82BD-991B7A00B439}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
CodeIntegrity:
===================================
Date: 2018-11-13 21:37:53.177
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:37:53.175
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:10:44.476
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:10:44.474
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:10:32.912
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:10:32.910
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:10:15.343
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
Date: 2018-11-13 21:10:15.341
Description:
Code Integrity determined that a process (\Device\HarddiskVolume9\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume9\Program Files\Bonjour\mdnsNSP.dll that did not meet the Microsoft signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-8250U CPU @ 1.60GHz
Percentage of memory in use: 49%
Total physical RAM: 8067.6 MB
Available physical RAM: 4068.51 MB
Total Virtual: 10883.6 MB
Available Virtual: 6039.95 MB
==================== Drives ================================
Drive c: () (Fixed) (Total:232.28 GB) (Free:179.04 GB) NTFS
Drive d: (Acer) (Fixed) (Total:588.6 GB) (Free:498.92 GB) NTFS
Drive e: (Uloziste) (Fixed) (Total:341.8 GB) (Free:101.51 GB) NTFS
\\?\Volume{483cf2fa-3fe4-45bd-9f10-fe179ec59f4c}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.59 GB) NTFS
\\?\Volume{56ef905f-6532-47a9-ab14-e865b1ea6fe0}\ (Obnovení) (Fixed) (Total:0.49 GB) (Free:0.47 GB) NTFS
\\?\Volume{bd716a03-9c31-4c2c-89d0-1d9a68212845}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
\\?\Volume{90784aba-de4d-44f6-9279-f9f9693be6e5}\ () (Fixed) (Total:0.09 GB) (Free:0.07 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 3D0A4DAC)
Partition: GPT.
========================================================
Disk: 1 (Size: 232.9 GB) (Disk ID: 464FED47)
Partition: GPT.
==================== End of Addition.txt ============================
Přispějete na provoz fóra?