Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz

Prosím o preventivní kontrolu logu

Nemáte v tuto chvíli žádný problém s pc a chcete se jen ujistit, že je vše v pořádku?
Vložte log z FRST nebo RSIT.

Moderátor: Moderátoři

Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]

Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.

!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Zamčeno
Zpráva
Autor
C4P3KD4V1D
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 28 lis 2018 02:37

Prosím o preventivní kontrolu logu

#1 Příspěvek od C4P3KD4V1D »

Ahoj,

prosím Vás o kontrolu dnešního FRST logu - viz níže.
Moc děkuju a zdravím,

David


==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-05-21 22:50

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27.11.2018
Ran by capek (28-11-2018 02:45:45)
Running from C:\Users\capek\Desktop
Windows 10 Home Version 1803 17134.407 (X64) (2018-05-21 22:02:14)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1430255689-644748606-1314969473-500 - Administrator - Disabled)
capek (S-1-5-21-1430255689-644748606-1314969473-1001 - Administrator - Enabled) => C:\Users\capek
DefaultAccount (S-1-5-21-1430255689-644748606-1314969473-503 - Limited - Disabled)
Guest (S-1-5-21-1430255689-644748606-1314969473-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-1430255689-644748606-1314969473-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Acer Care Center (HKLM\...\{1AF41E84-3408-499A-8C93-8891F0612719}) (Version: 2.00.3027 - Acer Incorporated)
Acer Configuration Manager (HKLM-x32\...\{414D554E-4453-454E-0201-000000016258}) (Version: 2.1.16258 - Acer)
Acer Jumpstart (HKLM-x32\...\{4B92BFBE-917D-4FA1-97E9-DB9D91286E90}) (Version: 3.0.18135.100 - Acer)
Acer Quick Access (HKLM\...\{8BBF04F1-C68A-441C-B5EF-446EE9960EAF}) (Version: 2.01.3012 - Acer Incorporated)
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.008.20081 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.25.2001.0 - Acer Incorporated)
App Explorer (HKU\S-1-5-19\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-20\...\Host App Service) (Version: 0.272.1.295 - SweetLabs) <==== ATTENTION
App Explorer (HKU\S-1-5-21-1430255689-644748606-1314969473-1001\...\Host App Service) (Version: 0.273.2.973 - SweetLabs) <==== ATTENTION
DriverSetupUtility (HKLM\...\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}) (Version: 1.00.3019 - Acer Incorporated)
ELAN HIDI2C Filter Driver X64 13.6.9.4_WHQL (HKLM\...\Elantech) (Version: 13.6.9.4 - ELAN Microelectronic Corp.)
FormApps Signing Extension (HKLM-x32\...\{2246B06F-AED2-42BA-A6D7-B72F591C1116}) (Version: 2.19.1.39 - Software602 a.s.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 70.0.3538.110 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
HP LaserJet Pro MFP M127-M128 (HKLM-x32\...\{3b050369-8d19-413d-9dec-84ff278472eb}) (Version: 15.0.15309.1258 - Hewlett-Packard)
HP Photo Creations (HKLM-x32\...\HP Photo Creations) (Version: 1.0.0.7702 - HP)
HP Update (HKLM-x32\...\{912D30CF-F39E-4B31-AD9A-123C6B794EE2}) (Version: 5.005.002.002 - Hewlett-Packard)
HPDXP (HKLM-x32\...\{EF292659-1504-4F78-A737-471E50D8E0A1}) (Version: 3.0.26.40 - HP) Hidden
HPLJDXPHelper (HKLM-x32\...\{010788AB-706E-4604-A46B-6785EAB64B5E}) (Version: 140.069.007 - HP) Hidden
HPLJProMFPM127M128 (HKLM-x32\...\{B5409C23-DE0C-4B48-8C8A-50AE38694955}) (Version: 1.00.0000 - Hewlett-Packard)
HPLJUTCore (HKLM-x32\...\{B445502B-2F83-4873-90F1-06059F71A46A}) (Version: 014.000.0001 - HP) Hidden
HPLJUTM127_128 (HKLM-x32\...\{2C886751-51BD-4A8C-B33A-B4C513AB5B9A}) (Version: 008.000.0001 - HP) Hidden
hppLaserJetService (HKLM-x32\...\{0C4C3664-157A-4D69-B474-31EBF2EE1AE3}) (Version: 009.033.00926 - Hewlett-Packard) Hidden
hppM125LaserJetService (HKLM-x32\...\{18D5B189-DBDD-4E57-A84B-58C7700E9BB0}) (Version: 001.032.00682 - Hewlett-Packard) Hidden
hpStatusAlerts (HKLM-x32\...\{7504A7B0-003E-4875-A454-B627E127E9D9}) (Version: 100.040.00218 - Hewlett Packard) Hidden
hpStatusAlertsM127-M128 (HKLM-x32\...\{10D7EBAF-A550-48CD-8511-7D947184EE44}) (Version: 080.046.00112 - Hewlett-Packard) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{5f5c7829-a6ba-4fc6-9f47-d068f51ed99b}) (Version: 10.1.1.35 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 21.20.16.4599 - Intel Corporation)
Intel(R) Serial IO (HKLM\...\{9FD91C5C-44AE-4D9D-85BE-AE52816B0294}) (Version: 30.100.1631.3 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 3.0.11.1131 - Intel Corporation)
Intel(R) Wireless Bluetooth(R) (HKLM-x32\...\{7FADF1ED-241A-4F82-B8FD-19BD0A82FFA0}) (Version: 19.11.1639.0649 - Intel Corporation)
Intel® PROSet/Wireless Software (HKLM-x32\...\{66614300-cd9b-4a62-8b18-c97e9562dc3e}) (Version: 19.50.0 - Intel Corporation)
Java 8 Update 191 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180191F0}) (Version: 8.0.1910.12 - Oracle Corporation)
LJDXPHelperUI (HKLM-x32\...\{DEB23FB1-04FF-44AC-98B5-EEB243D65A28}) (Version: 140.069.007 - HP) Hidden
Microsoft Office 365 - cs-cz (HKLM\...\O365HomePremRetail - cs-cz) (Version: 16.0.11001.20108 - Microsoft Corporation)
Microsoft OneDrive (HKU\.DEFAULT\...\OneDriveSetup.exe) (Version: 17.3.6743.1212 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-1430255689-644748606-1314969473-1001\...\OneDriveSetup.exe) (Version: 18.192.0920.0015 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{071c9b48-7c32-4621-a0ac-3f809523288f}) (Version: 8.0.56336 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.12.25810 (HKLM-x32\...\{e2ee15e2-a480-4bc5-bfb7-e9803d1d9823}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.12.25810 (HKLM-x32\...\{56e11d69-7cc9-40a5-a4f9-8f6190c4d84d}) (Version: 14.12.25810.0 - Microsoft Corporation)
Microsoft WSE 2.0 SP3 Runtime (HKLM-x32\...\{F3CA9611-CD42-4562-ADAB-A554CF8E17F1}) (Version: 2.0.5050.0 - Microsoft Corp.)
Office 16 Click-to-Run Extensibility Component (HKLM-x32\...\{90160000-008C-0000-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Extensibility Component 64-bit Registration (HKLM\...\{90160000-00DD-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Licensing Component (HKLM\...\{90160000-008F-0000-1000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Office 16 Click-to-Run Localization Component (HKLM-x32\...\{90160000-008C-0405-0000-0000000FF1CE}) (Version: 16.0.11001.20108 - Microsoft Corporation) Hidden
Open XML SDK 2.5 for Microsoft Office (HKLM-x32\...\{3EA16E23-14D2-466A-8268-D7CD40DC46B6}) (Version: 2.5.5631 - Microsoft Corporation)
PS4 Remote Play (HKLM-x32\...\{A8718C73-772B-4EFC-89BB-009596608E39}) (Version: 2.7.0.07270 - Sony Interactive Entertainment Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.14393.21292 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.12.1007.2016 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.8083 - Realtek Semiconductor Corp.)
SDL Trados 2015 - Remove suite of products (HKLM-x32\...\TranslationStudio2015) (Version: 4.0.4809 - SDL)
SDL Trados Legacy Compatibility Module (HKLM-x32\...\{7F8F4AF6-0CE2-46E9-BA14-C55F19968926}) (Version: 2.1.128 - SDL)
SDL Trados Studio 2015 (HKLM-x32\...\{27FA26BF-7D3F-458F-A4FF-3F972177B1DC}) (Version: 4.0.4809 - SDL)
SDL WorldServer Components (HKLM-x32\...\{CF32FB2A-0B13-4D6F-AB9F-9687D855C069}) (Version: 1.0.4809 - SDL)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{C5FDDED7-DEC7-48B4-AFD8-DFB8A0FD199A}) (Version: 2.51.0.0 - Microsoft Corporation)
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0) (Version: 1.0.33.0 - LunarG, Inc.) Hidden
Vulkan Run Time Libraries 1.0.33.0 (HKLM\...\VulkanRT1.0.33.0-2) (Version: 1.0.33.0 - LunarG, Inc.)
WhatsApp (HKU\S-1-5-21-1430255689-644748606-1314969473-1001\...\WhatsApp) (Version: 0.3.1475 - WhatsApp)
WinRAR 5.30 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
Základní software zařízení HP Deskjet 3050 J610 series (HKLM\...\{A74FCB98-0C9F-4D35-8F81-79BD5AA6A88F}) (Version: 28.0.1315.0 - Hewlett-Packard Co.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1430255689-644748606-1314969473-1001_Classes\CLSID\{3faa4380-a399-11cf-a466-00805fe418f6}\InprocServer32 -> C:\Program Files\Autodesk\DWG TrueView 2019 - English\en-US\dwgviewrficn.dll => No File
CustomCLSID: HKU\S-1-5-21-1430255689-644748606-1314969473-1001_Classes\CLSID\{74D0CE91-F931-4FAC-BEA9-EE32E43EAD37}\localserver32 -> C:\Program Files\Autodesk\DWG TrueView 2019 - English\dwgviewr.exe => No File
ContextMenuHandlers1-x32: [TranslationStudioShlExt2011] -> {F6C08E19-DCE1-45B5-A225-E94FADB585DD} => C:\Program Files (x86)\SDL\SDL Trados Studio\Studio4\TranslationStudioExt.dll [2015-06-25] (TODO: <Company name>)
ContextMenuHandlers1-x32: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers1-x32-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\System32\DriverStore\FileRepository\igdlh64.inf_amd64_559585f25e91610d\igfxDTCM.dll [2017-03-01] (Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext64.dll [2015-11-18] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files (x86)\WinRAR\rarext.dll [2015-11-18] (Alexander Roshal)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00113A5E-B5AA-415B-B71D-E9D2E693F568} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-05] (Google Inc.)
Task: {08868A2C-5711-4BBC-AC9A-924D9B30B684} - System32\Tasks\Power Button => C:\Program Files\Acer\Acer Quick Access\ePowerButton_NB.exe [2017-02-15] (Acer Incorporated)
Task: {1601E816-D10E-42FD-BF60-D2823ED183FA} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2018-08-13] (Adobe Systems Incorporated)
Task: {1AE0299F-06A8-4364-91B9-816E6EDF7620} - System32\Tasks\User Boot Experience Task => C:\OEM\Preload\FUBService\FUBService.exe [2015-05-14] ()
Task: {224CBF40-D129-4109-B522-ECDF2D36BD7D} - System32\Tasks\Microsoft\Office\Office Automatic Updates 2.0 => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {23FF6199-0A65-45FF-ACAB-46E26C8F95FF} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-capek.david@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe
Task: {2DE81910-A4F6-49B1-B30A-8C7F341C508C} - System32\Tasks\App Explorer => C:\Users\capek\AppData\Local\Host App Service\Engine\HostAppServiceUpdater.exe [2018-11-16] (SweetLabs, Inc) <==== ATTENTION
Task: {4D994C08-9A44-41BF-9EF7-BE1FCFB24E7B} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {4E544C3C-79E8-4AE6-8FB5-EAF3A4C54F9D} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerLogon => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {4FB1A99B-B81E-48CB-8002-ED4C6B5800A2} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {53691A12-7E63-4FC5-9A55-434FA2BC135F} - System32\Tasks\Quick Access => C:\Program Files\Acer\Acer Quick Access\QALauncher.exe [2017-02-15] (Acer Incorporated)
Task: {5775961B-2AB6-4858-A20B-3F0052CB1503} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {5C29F13D-1938-4BE7-BE5A-37A222FD0193} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1810.5-0\MpCmdRun.exe [2018-10-22] (Microsoft Corporation)
Task: {5D39809A-8C72-4F7F-AA99-8C23839BA867} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2017-03-20] (Acer Incorporated)
Task: {65B85F6F-35B3-4459-A179-28255D5B7B25} - System32\Tasks\Microsoft\Windows\HelloFace\FODCleanupTask => C:\WINDOWS\System32\WinBioPlugIns\FaceFodUninstaller.exe [2018-04-12] ()
Task: {710F8B4A-2069-4196-8A17-C164E54E4C4A} - System32\Tasks\AdobeGCInvoker-1.0-MicrosoftAccount-capek.david@seznam.cz => C:\Program Files (x86)\Common Files\Adobe\AdobeGCClient\AGCInvokerUtility.exe [2018-09-10] (Adobe Systems, Incorporated)
Task: {718BD096-6240-411E-A6F8-123EF30669AD} - System32\Tasks\Microsoft\Office\Office Feature Updates => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {77E319A1-2AC8-469D-9931-8D94D8C32F9C} - System32\Tasks\Microsoft\Office\Office Subscription Maintenance => C:\Program Files (x86)\Microsoft Office\root\vfs\ProgramFilesCommonx86\Microsoft Shared\Office16\OLicenseHeartbeat.exe [2018-11-16] (Microsoft Corporation)
Task: {7C7E44FC-DD88-4595-8A61-83B624AA63DF} - System32\Tasks\HPLJCustParticipation => C:\Program Files (x86)\HP\HPLJUT\HPLJUTSCH.exe [2014-10-19] (Hewlett Packard)
Task: {8882D479-C887-497C-BFB5-BD27D44ADF63} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {8A7D6D25-462A-4E74-A3F3-8F1B3980BB25} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2017-12-05] (Google Inc.)
Task: {97BEEBBA-6F1E-4D3E-97CD-0C3997D3B724} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [2017-02-15] (Acer Incorporated)
Task: {9F245EBF-A81D-46BF-961C-B86EB5ADCC79} - System32\Tasks\AcerCMUpdateTask2.1.16258 => C:\Program Files (x86)\Acer\Amundsen\2.1.16258\AWC.exe [2016-09-20] ()
Task: {C2D525FC-101A-4D7E-AC1B-088008478CD8} - System32\Tasks\Microsoft\Office\OfficeBackgroundTaskHandlerRegistration => C:\Program Files (x86)\Microsoft Office\root\Office16\officebackgroundtaskhandler.exe [2018-11-16] (Microsoft Corporation)
Task: {CB33D081-894C-4789-BA66-A83B7EAF8883} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe [2017-02-21] ()
Task: {CEB2904C-F91D-4027-9977-2147AB616C75} - System32\Tasks\ACCBackgroundApplication => C:\Program Files (x86)\Acer\Care Center\ACCStd.exe [2017-02-21] ()
Task: {D25DEFCA-54CB-4E0D-9BC7-29E69F841475} - System32\Tasks\Intel PTT EK Recertification => C:\Program Files\Intel\TXE Components\iCLS\IntelPTTEKRecertification.exe [2016-05-24] (Intel(R) Corporation)
Task: {D32CEF2A-945C-4D31-ACCC-A077D8B17CED} - System32\Tasks\Microsoft\Office\Office Feature Updates Logon => C:\Program Files (x86)\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\sdxhelper.exe [2018-11-16] (Microsoft Corporation)
Task: {EAC47A48-360B-4D3D-A72E-E8077FF08EF7} - System32\Tasks\ACCAgent => C:\Program Files (x86)\Acer\Care Center\LiveUpdateAgent.exe [2017-02-21] ()
Task: {F5AAC574-38DD-4181-AEC2-864013998287} - System32\Tasks\Microsoft\Office\Office ClickToRun Service Monitor => C:\Program Files\Common Files\Microsoft Shared\ClickToRun\OfficeC2RClient.exe [2018-11-02] (Microsoft Corporation)
Task: {FFE79267-7033-44D2-A46C-A01B8F34D5C1} - System32\Tasks\Oem\AcerJumpstartTask => C:\Program Files (x86)\Acer\Acer Jumpstart\hermes.exe [2018-09-26] (Acer)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


ShortcutWithArgument: C:\Users\capek\Desktop\FiremnĂ­.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 3"
ShortcutWithArgument: C:\Users\capek\Desktop\OsobnĂ­.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google Inc.) -> --profile-directory="Profile 2"

==================== Loaded Modules (Whitelisted) ==============

2018-04-12 00:34 - 2018-04-12 00:34 - 000491744 _____ () C:\Windows\System32\InputHost.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000472064 _____ () C:\Windows\ShellExperiences\TileControl.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 002759168 _____ () C:\Windows\ShellComponents\TaskFlowUI.dll
2018-11-15 11:23 - 2018-11-01 07:55 - 002185216 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2018-10-22 23:01 - 2018-10-22 23:02 - 000009216 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ImagePipelineNative.dll
2018-11-13 16:49 - 2018-11-13 16:49 - 000060416 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\ChakraBridge.dll
2018-11-13 16:49 - 2018-11-13 16:50 - 000019456 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeProxiesAndStubs.dll
2018-11-13 16:49 - 2018-11-13 16:49 - 010873344 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\LibWrapper.dll
2018-11-13 16:49 - 2018-11-13 16:50 - 002834432 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\skypert.dll
2018-11-13 16:49 - 2018-11-13 16:49 - 000685568 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-11-13 16:49 - 2018-11-13 16:50 - 000183808 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.34.81.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
2018-10-29 21:27 - 2018-10-29 21:27 - 035118592 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Video.UI.exe
2018-10-29 21:27 - 2018-10-29 21:27 - 000290816 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\SharedUI.dll
2018-10-29 21:27 - 2018-10-29 21:27 - 005987328 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntCommon.dll
2017-12-05 21:49 - 2017-12-05 21:51 - 003553704 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-10-29 21:27 - 2018-10-29 21:27 - 009064448 _____ () C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.18082.13811.0_x64__8wekyb3d8bbwe\EntPlat.dll
2017-04-28 15:29 - 2015-05-14 08:10 - 000030976 _____ () C:\OEM\Preload\FUBService\FUBService.exe
2017-02-21 22:26 - 2017-02-21 22:26 - 004645168 _____ () C:\Program Files (x86)\Acer\Care Center\ACCStd.exe
2017-02-21 22:27 - 2017-02-21 22:27 - 006832432 _____ () C:\Program Files (x86)\Acer\Care Center\CareCenter.exe
2017-02-21 22:32 - 2017-02-21 22:32 - 000236336 _____ () C:\Program Files (x86)\Acer\Care Center\ManagedNativeUtilities.dll
2018-11-26 20:41 - 2018-11-16 06:43 - 005020504 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libglesv2.dll
2018-11-26 20:41 - 2018-11-16 06:43 - 000116056 _____ () C:\Program Files (x86)\Google\Chrome\Application\70.0.3538.110\libegl.dll
2018-11-15 11:23 - 2018-11-01 07:55 - 005471232 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIDataModel.dll
2018-04-12 00:34 - 2018-04-12 00:34 - 000047616 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUITelemetry.dll
2018-11-15 11:23 - 2018-11-01 07:56 - 005082112 _____ () C:\Windows\SystemApps\Microsoft.Windows.SecHealthUI_cw5n1h2txyewy\SecHealthUIViewModels.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2016-07-16 12:47 - 2016-07-16 12:45 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1430255689-644748606-1314969473-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Windows\img0.jpg
DNS Servers: 10.111.1.2 - 109.205.75.156
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKU\S-1-5-21-1430255689-644748606-1314969473-1001\...\StartupApproved\Run: => "OneDrive"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{985B329E-FF2A-4D73-92EB-9FC52922DB51}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\EWSProxy.exe
FirewallRules: [{F21C172E-C76C-468A-A252-8D0C0F1E4197}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{285F8DD0-63EE-42EF-9358-707DB9A1026D}] => (Allow) C:\Program Files (x86)\HP\HP LaserJet Pro MFP M127-M128\bin\FaxApplications.exe
FirewallRules: [{051D03D8-FB8F-4625-9119-F3DE75DFDB13}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\FaxPrinterUtility.exe
FirewallRules: [{201942A5-EA93-4030-B20B-FDB52BB1B5A7}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{37406610-6456-43C0-91C6-BF4DEA3CC3F8}] => (Allow) C:\Program Files\HP\HP LaserJet Pro MFP M127-M128\bin\SendAFax.exe
FirewallRules: [{7DC13C1B-7A3A-4285-8477-B2BF60FD9078}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS6551\HP.EasyStart.exe
FirewallRules: [{D7A2849D-05BF-4D62-922C-FCE9DE08C430}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS228F\HPDiagnosticCoreUI.exe
FirewallRules: [{2665F138-2465-4291-86BC-C68824147191}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS228F\HPDiagnosticCoreUI.exe
FirewallRules: [{04CE2297-B00B-4650-98DF-408D9E084D78}] => (Block) C:\program files (x86)\x-plane 11\x-plane.exe
FirewallRules: [{D9F07217-2D45-4F77-AA68-391199D33DEE}] => (Block) C:\program files (x86)\x-plane 11\x-plane.exe
FirewallRules: [UDP Query User{26E17E27-895D-42D0-AF90-73C61B3FF1CB}C:\program files (x86)\x-plane 11\x-plane.exe] => (Allow) C:\program files (x86)\x-plane 11\x-plane.exe
FirewallRules: [TCP Query User{0878F729-3CE0-4D83-8C12-258FE4435786}C:\program files (x86)\x-plane 11\x-plane.exe] => (Allow) C:\program files (x86)\x-plane 11\x-plane.exe
FirewallRules: [{FC17579E-9AA2-4185-9A3E-F7D9BD3A190A}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS0A5B\HPDiagnosticCoreUI.exe
FirewallRules: [{0859AC9B-FEE7-4323-98EB-63102F9BACCB}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS0A5B\HPDiagnosticCoreUI.exe
FirewallRules: [{809EED5D-2CDC-4029-8452-F1FA0D5F3D44}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS7C64\HPDiagnosticCoreUI.exe
FirewallRules: [{866C4EB5-ED8C-4A97-9CB2-8191F4BAC558}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS7C64\HPDiagnosticCoreUI.exe
FirewallRules: [{0296F583-22A2-4876-A165-D8F21369C72A}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicatorCom.exe
FirewallRules: [{E1A4FEE2-666C-4817-A403-6DE8B17B79E7}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\HPNetworkCommunicator.exe
FirewallRules: [{AF5B4790-C6B2-472C-840C-09509C237375}] => (Allow) C:\Program Files\HP\HP Deskjet 3050 J610 series\Bin\DeviceSetup.exe
FirewallRules: [{6E1CD472-6129-4557-B494-ED22A593CEA7}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS316F\HPDiagnosticCoreUI.exe
FirewallRules: [{AD1566A2-FDE8-4B79-A220-ECD7A64B46C5}] => (Allow) C:\Users\capek\AppData\Local\Temp\7zS316F\HPDiagnosticCoreUI.exe
FirewallRules: [{D1D92AF4-1EE6-48DA-AE0E-F39C95DD2B78}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
FirewallRules: [{04087E21-D33F-4495-85AB-1527AFB09503}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
FirewallRules: [{B68D088D-2608-4C1A-8141-14CFA1AE4603}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{9EF4A7EF-B215-48C7-86EB-85DDE6673D46}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{B0ED4D04-E385-4636-9372-839AC24B4DC4}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{A88AC889-FD1F-43C1-880A-E0063D81F9B2}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe
FirewallRules: [{CD6D8981-4262-4210-B10E-3A8D02B5C12B}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{FD72BEB9-A212-42C5-A198-CB01A6EF9887}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe
FirewallRules: [{21652C5F-A210-450D-8BF8-02306EEBACCA}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{DD4C83C2-B92C-441E-93CE-07CC0CEC3F63}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
FirewallRules: [{7E8F4217-A654-4E1B-96AC-F8045771CB19}] => (Allow) C:\Program Files (x86)\Microsoft Office\root\Office16\outlook.exe
FirewallRules: [{E9529212-66CF-4390-A35A-AB28D9BB91D1}] => (Allow) C:\Program Files (x86)\Sony\PS4 Remote Play\RemotePlay.exe
FirewallRules: [{AEDDBCD1-E340-42CE-A101-830D9E732DE4}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{E2243A62-7777-4411-91C3-3C9A8108D276}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D0B00DAA-2DF3-46C5-BA22-A0DCBDBAEE72}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{D9F65F9F-EAAD-420E-8CB5-323D69EBD42D}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{00F64CA1-92BB-4C69-A67A-E0A5FD172EAB}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{B6B83A58-C4D4-4325-8AC7-CC78796FA9CE}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{0B79CCBE-2508-48D5-AF67-531FAD2FE122}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{CE9EB5E8-C051-4451-BFB7-7075B311DC41}] => (Allow) C:\Program Files\WindowsApps\SpotifyAB.SpotifyMusic_1.93.244.0_x86__zpdnekdrzrea0\Spotify.exe
FirewallRules: [{407BC522-AD36-45AD-8BB7-F24CFFD5FEA6}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

ATTENTION: System Restore is disabled

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (11/27/2018 10:01:29 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-7CPR5OAV)
Description: httphttp-2147467263

Error: (11/27/2018 08:53:31 AM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-7CPR5OAV)
Description: httphttp-2147467263

Error: (11/27/2018 07:00:18 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/26/2018 06:02:31 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/26/2018 10:40:02 AM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/23/2018 06:02:33 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/22/2018 06:02:31 PM) (Source: Office 2016 Licensing Service) (EventID: 0) (User: )
Description: Event-ID 0

Error: (11/22/2018 05:35:50 PM) (Source: Microsoft-Windows-SpellChecker) (EventID: 33) (User: LAPTOP-7CPR5OAV)
Description: httphttp-2147467263


System errors:
=============
Error: (11/28/2018 02:39:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 02:29:11 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 02:20:47 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 02:20:26 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-7CPR5OAV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-7CPR5OAV\capek (SID: S-1-5-21-1430255689-644748606-1314969473-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 01:46:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 01:46:41 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 01:45:01 AM) (Source: DCOM) (EventID: 10016) (User: LAPTOP-7CPR5OAV)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli LAPTOP-7CPR5OAV\capek (SID: S-1-5-21-1430255689-644748606-1314969473-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (11/28/2018 01:44:33 AM) (Source: EventLog) (EventID: 6008) (User: )
Description: Předchozí vypnutí systému (1:36:34, ‎28.‎11.‎2018) bylo neočekávané.


Windows Defender:
===================================
Date: 2018-11-28 02:44:17.925
Description:
Řízený přístup ke složkám zablokoval pro C:\Users\capek\Desktop\FRST64.exe možnost upravit %desktopdirectory%\.
ÄŚas detekce: 2018-11-28T01:44:17.922Z
UĹľivatel: LAPTOP-7CPR5OAV\capek
Cesta: %desktopdirectory%\
Název procesu: C:\Users\capek\Desktop\FRST64.exe
Verze podpisu: 1.281.943.0
Verze stroje: 1.1.15400.5
Verze produktu: 4.18.1810.5

Date: 2018-11-13 16:52:47.271
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C0CB0949-2C42-4B1D-A0D0-650D1E716100}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
UĹľivatel: NT AUTHORITY\SYSTEM

Date: 2018-11-06 15:28:01.534
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {DA6D47EB-6383-48AC-B4B4-F1CE30AD7112}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
UĹľivatel: NT AUTHORITY\SYSTEM

Date: 2018-11-06 14:47:36.829
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {6CF0D3A1-F845-406F-84B8-356D737FF9AE}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
UĹľivatel: NT AUTHORITY\SYSTEM

Date: 2018-10-24 12:57:10.506
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {D28F0DC2-DD31-4A23-876C-ADA3120E3AEF}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
UĹľivatel: NT AUTHORITY\SYSTEM

==================== Memory info ===========================

Processor: Intel(R) Pentium(R) CPU N4200 @ 1.10GHz
Percentage of memory in use: 76%
Total physical RAM: 3936.22 MB
Available physical RAM: 923.16 MB
Total Virtual: 10848.22 MB
Available Virtual: 6920.66 MB

==================== Drives ================================

Drive c: (Acer) (Fixed) (Total:118.13 GB) (Free:53.84 GB) NTFS

\\?\Volume{d2e2fca7-2a4c-4e79-bc22-806420d78415}\ (Recovery) (Fixed) (Total:1 GB) (Free:0.61 GB) NTFS
\\?\Volume{5fac2511-8e66-4915-bafb-21a42a1d6442}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.05 GB) FAT32

==================== MBR & Partition Table ==================

==================== End of Addition.txt ============================

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o preventivní kontrolu logu

#2 Příspěvek od JaRon »

ahoj,
vycisti PC s CCleanerom, vcetne registrov
restart
vycisti PC s ADWCleanerom - log sem
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

C4P3KD4V1D
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 28 lis 2018 02:37

Re: Prosím o preventivní kontrolu logu

#3 Příspěvek od C4P3KD4V1D »

JaRon píše:ahoj,
vycisti PC s CCleanerom, vcetne registrov
restart
vycisti PC s ADWCleanerom - log sem
Děkuji moc. Provedeno podle pokynů.
Log po čištění ADWCleanerem:

# -------------------------------
# Malwarebytes AdwCleaner 7.2.5.0
# -------------------------------
# Build: 11-26-2018
# Database: 2018-11-26.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-28-2018
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 14
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Deleted C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
Deleted C:\Users\Public\Documents\Downloaded Installers
Deleted C:\Users\capek\AppData\Local\slimware utilities inc

***** [ Files ] *****

Deleted C:\Windows\System32\Tasks_Migrated\App Explorer
Deleted C:\Windows\System32\drivers\swdumon.sys

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKU\S-1-5-20\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-19\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Deleted HKU\S-1-5-20\Software\Host App Service
Deleted HKU\S-1-5-19\Software\Host App Service
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
Deleted HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries cleaned.

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [2554 octets] - [28/11/2018 13:32:15]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o preventivní kontrolu logu

#4 Příspěvek od JaRon »

vycistene par drobnosti, inac cisto :)
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

C4P3KD4V1D
Návštěvník
Návštěvník
Příspěvky: 3
Registrován: 28 lis 2018 02:37

Re: Prosím o preventivní kontrolu logu

#5 Příspěvek od C4P3KD4V1D »

JaRon píše:vycistene par drobnosti, inac cisto :)
Mnohokrát děkuji! :)

Uživatelský avatar
JaRon
Moderátor
Moderátor
Příspěvky: 15198
Registrován: 29 bře 2005 13:39
Bydliště: BB-SK

Re: Prosím o preventivní kontrolu logu

#6 Příspěvek od JaRon »

zamalicko
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

V prípade spokojnosti je možné podporiť fórum
https://platba.viry.cz/payment/

Zamčeno