Jaro ten disk sama čistit nemůžu myslím že to by byla pro notas konečná kdybych ho otevřela. Ale lepší to je než to bylo a viry už taky asi nikde nejsou...udělám ještě ten sken a uvidíme co ty na to ? ...moc děkuji za snahu a trpělivost.
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 06.06.2018 01
Ran by harmo (13-06-2018 20:12:33)
Running from C:\Users\harmo\Desktop
Windows 10 Home Version 1709 16299.492 (X64) (2018-06-08 18:33:41)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-434026076-1674770585-2464308185-500 - Administrator - Disabled)
DefaultAccount (S-1-5-21-434026076-1674770585-2464308185-503 - Limited - Disabled)
Guest (S-1-5-21-434026076-1674770585-2464308185-501 - Limited - Disabled)
harmo (S-1-5-21-434026076-1674770585-2464308185-1001 - Administrator - Enabled) => C:\Users\harmo
WDAGUtilityAccount (S-1-5-21-434026076-1674770585-2464308185-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: Malwarebytes (Enabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AS: Malwarebytes (Enabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . (HKLM\...\{657DF44E-16FB-46D9-A2E6-476E54F694D3}) (Version: 7.1 - Intel) Hidden
. . . (HKLM-x32\...\{94EBC126-1FC8-4528-859F-591460B2E7C2}) (Version: 3.4.0.4 - Intel) Hidden
Aktualizace NVIDIA 31.2.0.0 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Update) (Version: 31.2.0.0 - NVIDIA Corporation) Hidden
Cisco EAP-FAST Module (HKLM-x32\...\{64BF0187-F3D2-498B-99EA-163AF9AE6EC9}) (Version: 2.2.14 - Cisco Systems, Inc.)
Cisco LEAP Module (HKLM-x32\...\{AF312B06-5C5C-468E-89B3-BE6DE2645722}) (Version: 1.0.19 - Cisco Systems, Inc.)
Cisco PEAP Module (HKLM-x32\...\{0A4EF0E6-A912-4CDE-A7F3-6E56E7C13A2F}) (Version: 1.1.6 - Cisco Systems, Inc.)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.66.29.53 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.5521 - CyberLink Corp.)
Discord (HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\Discord) (Version: 0.0.301 - Discord Inc.)
DisplayDriverAnalyzer (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_DisplayDriverAnalyzer) (Version: 398.11 - NVIDIA Corporation) Hidden
GameCenter My.Com (HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\GameCenter) (Version: 4.1438 - My.Com B.V.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.79 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Intel(R) Computing Improvement Program (HKLM\...\{F6B5BD59-21F0-47F8-A6C6-63BAEB1A6569}) (Version: 2.1.03720 - Intel Corporation)
Intel(R) Chipset Device Software (HKLM-x32\...\{c7f54569-0018-439c-809a-48046a4d4ebc}) (Version: 10.1.1.9 - Intel(R) Corporation) Hidden
Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 11.0.0.1153 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.15.4271 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 14.5.2.1088 - Intel Corporation)
Intel® Driver & Support Assistant (HKLM-x32\...\{917c2887-4ed0-4389-9b51-616905bcf34f}) (Version: 3.4.0.4 - Intel)
Lenovo EasyCamera (HKLM-x32\...\{E8266049-8C7B-4A09-9E11-8BD100E0076A}) (Version: 8.0.1.2376 - GenesysLogic)
Lenovo Experience Improvement (HKLM\...\LenovoExperienceImprovement) (Version: 2.0.9.0 - Lenovo)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.4706 - CyberLink Corp.)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 2.5.5720.01 - CyberLink Corp.)
Lenovo PowerDVD12 (HKLM-x32\...\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.) Hidden
Lenovo PowerDVD12 (HKLM-x32\...\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}) (Version: 12.0.5328.55 - CyberLink Corp.)
Lenovo QuickOptimizer (HKLM\...\{8D2C871B-1B9F-45AC-9C43-2BB18089CDFA}) (Version: 1.0.006.00 - Lenovo)
Lenovo Service Bridge (HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\{2C74547D-EF88-47F4-85F5-BE46A31E26B7}_is1) (Version: 4.0.6.3 - Lenovo)
Lenovo Solution Center (HKLM\...\{F925868A-2F2C-414B-A5A7-C613039CE9E4}) (Version: 3.1.001.00 - Lenovo)
Lenovo System Update (HKLM-x32\...\TVSU_is1) (Version: 5.07.0072 - Lenovo)
Lenovo Yoga Mode Control (Inf Install) (HKLM\...\ACPIVPC) (Version: 15.11.28.173 - Lenovo)
LenovoUtility (HKLM-x32\...\{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo) Hidden
LenovoUtility (HKLM-x32\...\InstallShield_{6ADA7E88-8D16-4D0D-BC90-2B93AC5E56DA}) (Version: 3.0.0.4 - Lenovo)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0010.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4693.1005 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\OneDriveSetup.exe) (Version: 18.065.0329.0002 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.51106 (HKLM-x32\...\{6e8f74e0-43bd-4dce-8477-6ff6828acc07}) (Version: 11.0.51106.1 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x64) - 14.13.26020 (HKLM-x32\...\{7474cd6e-76cc-4257-837e-5b9261e526af}) (Version: 14.13.26020.0 - Microsoft Corporation)
Microsoft Visual C++ 2017 Redistributable (x86) - 14.13.26020 (HKLM-x32\...\{5c045b7f-e561-4794-91f8-c6cda0893107}) (Version: 14.13.26020.0 - Microsoft Corporation)
NVIDIA GeForce Experience 3.14.0.139 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.GFExperience) (Version: 3.14.0.139 - NVIDIA Corporation)
NVIDIA Ovladač 3D Vision 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.3DVision) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Ovladače grafiky 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 398.11 - NVIDIA Corporation)
NVIDIA Systémový software PhysX 9.17.0524 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.PhysX) (Version: 9.17.0524 - NVIDIA Corporation)
Ovládací panel NVIDIA 398.11 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.ControlPanel) (Version: 398.11 - NVIDIA Corporation) Hidden
Project Icarus version 3.2 (HKLM-x32\...\{FBADE33F-A219-466C-9CA4-848E776F98ED}_is1) (Version: 3.2 - Project Icarus Online)
REACHit (HKLM-x32\...\{4532E4C5-C84D-4040-A044-ECFCC5C6995B}) (Version: 2.1.0.11 - Lenovo)
REALTEK Bluetooth Driver (HKLM-x32\...\{9D3D8C60-A5EF-4123-B2B9-172095903AB}) (Version: 3.868.867.071015 - REALTEK Semiconductor Corp.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31214 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
REALTEK Wireless LAN Driver (HKLM-x32\...\{9DAABC60-A5EF-41FF-B2B9-17329590CD5}) (Version: 1.213.243 - REALTEK Semiconductor Corp.)
Revelation Online (HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\Revelation Online) (Version: 1.104 - My.com B.V.)
Seznam Software (HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\SeznamInstall) (Version: 2.1.32 - Seznam.cz)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.5.5.0 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 4.0.0.1 - Lenovo)
WinRAR 5.50 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.50.0 - win.rar GmbH)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ContextMenuHandlers1: [BtSendToMenuEx] -> {CF24E6B8-F148-4BCB-9108-ADF313966E80} => C:\Program Files (x86)\REALTEK\Realtek Bluetooth\DevMenuExt.dll [2014-07-03] (Realtek Semiconductor Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2015-07-21] (Cyberlink)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2015-07-13] (Lenovo)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-12-01] (Intel Corporation)
ContextMenuHandlers5: [NvCplDesktopContext] -> {3D1975AF-48C6-4f8e-A182-BE0E08FA86A9} => C:\WINDOWS\system32\nvshext.dll [2018-06-01] (NVIDIA Corporation)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2017-08-11] (Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2017-08-11] (Alexander Roshal)
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0504CEBC-F556-48E9-BC47-FBE74EBB0616} - System32\Tasks\Lenovo\SHPrompt => C:\Program Files (x86)\Lenovo\SHAREit\ShareitPrompt.exe [2015-07-13] ()
Task: {2042BCFF-41C3-4257-ADEA-3520F9D80CBD} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Scheduled Maintenance => "%windir%\system32\sc.exe" START ImControllerService
Task: {2541EAC4-F2BD-4E55-A1FF-833DD941C772} - System32\Tasks\Lenovo\ImController\Lenovo iM Controller Monitor => C:\WINDOWS\system32\ImController.InfInstaller.exe [2018-04-24] (Lenovo Group Limited)
Task: {271300B2-0431-4581-BBA7-62F7307F2C4B} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [2015-08-07] ()
Task: {2E1378DA-50F5-4310-B5A5-CAD16D45F842} - System32\Tasks\PDVDServ12 Task => C:\Program Files (x86)\Lenovo\PowerDVD12\PDVD12Serv.exe [2015-05-28] (CyberLink Corp.)
Task: {330DF18F-E123-4E75-8BBC-5D3694DD3E86} - System32\Tasks\Microsoft\Windows\Setup\Notifier => C:\WINDOWS\system32\Notifier.exe [2018-05-18] (Microsoft Corporation)
Task: {38E99269-E0A0-474D-B3D2-63B97DB76837} - System32\Tasks\NvTmRepCR3_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {3F9581B4-E529-4C97-8C46-B57C947C789F} - System32\Tasks\TVT\TVSUUpdateTask => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2018-03-26] ()
Task: {43E49BE0-20AE-460A-9C4C-6EB8DB6E13D5} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [2015-08-07] (Lenovo)
Task: {4A1B74FD-FE21-421F-8EC0-22BB743F5301} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSCService.exe [2015-08-07] (Lenovo)
Task: {4E9D4473-968C-4963-9B1D-EA9C8F99A659} - System32\Tasks\NvProfileUpdaterOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {53418ED6-BBD6-47B1-A358-79F02076562B} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-08] (Google Inc.)
Task: {595797BC-7398-41DC-BEF9-BCF8F7FCEB55} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2015-07-07] (Lenovo)
Task: {637C9C70-F089-419F-ACB5-87263A07BBF0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2018-06-08] (Google Inc.)
Task: {64B54F02-D91E-468C-B22E-8344FB9127AC} - System32\Tasks\NvBatteryBoostCheckOnLogon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {6624B82A-0692-4C0E-A7E1-ABBE44D50E1B} - System32\Tasks\USER_ESRV_SVC_QUEENCREEK => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\QUEENCREEK\x64\task.vbs"
Task: {6A91170B-E0BA-4C59-A7DC-0B83ACFAC3D8} - System32\Tasks\Lenovo\Lenovo Service Bridge\S-1-5-21-434026076-1674770585-2464308185-1001 => C:\Users\harmo\AppData\Local\Programs\Lenovo\Lenovo Service Bridge\LSBUpdater.exe [2018-05-24] (Lenovo Group Limited)
Task: {6FD27264-0BAD-40AE-B0CD-FC5FE113DA61} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\14b36745-b54f-4492-84b6-60398255cf52 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {7288EC3D-AC16-4A40-9094-2018A0C6853A} - System32\Tasks\NvTmRepCR2_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {837E08AF-34AD-4390-9E4B-F78868F22800} - System32\Tasks\NvTmRep_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {867864A9-5981-446D-A307-9826501A5748} - System32\Tasks\CyberLink\Photo Master Gadget startup => C:\Program Files (x86)\Lenovo\Lenovo Photo Master\PhotoMasterWorker.exe [2016-09-22] (CyberLink Corp.)
Task: {89639D8F-7F83-4D00-AFFF-B23C20169E0C} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132 => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {8CCBB3A6-C1F2-4999-89F4-B352363E082E} - System32\Tasks\Lenovo\REACHit Agent Startup => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {95A73E6C-7C20-40D9-8144-F70F2A8F32E0} - System32\Tasks\Lenovo\SHUpdate => C:\Program Files (x86)\Lenovo\SHAREit\ShareitUpdater.exe [2015-07-13] ()
Task: {A4180F25-6840-403E-BCF6-4FDB68F17E00} - System32\Tasks\IntelSURQC-Upgrade-86621605-2a0b-4128-8ffc-15514c247132-Logon => C:\Program Files\Intel\SUR\QUEENCREEK\Updater\bin\IntelSoftwareAssetManagerService.exe [2017-07-13] (Intel Corporation)
Task: {AC369280-B42A-49D6-BA51-74AC2FB01CD5} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\19f8f265-18a2-4aed-b225-2849878c3d38 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {AD5B9034-CFD9-4293-815C-3FFD4851E066} - System32\Tasks\NvTmRepCR1_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmRep.exe [2018-05-20] (NVIDIA Corporation)
Task: {AF7C465D-9A75-4AB5-AE9C-873A2FD4A6E1} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\02e53f4a-6e9a-4435-9c51-71bb42274916 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
Task: {B0ECF924-30B3-48E3-BCAF-C182BF5D0383} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe
Task: {CAB2F818-B586-463D-90AD-99A737C114B4} - System32\Tasks\NvNodeLauncher_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\NvNode\nvnodejslauncher.exe [2018-05-20] (NVIDIA Corporation)
Task: {D0312FC4-4BB5-4746-82A1-AC742D4E7A7A} - System32\Tasks\NvProfileUpdaterDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\Update Core\NvProfileUpdater64.exe [2018-05-20] (NVIDIA Corporation)
Task: {E4517440-1B45-4096-A4D8-87AEC2242068} - System32\Tasks\Lenovo\ImController\Plugins\LenovoSystemUpdatePlugin_WeeklyTask => %windir%\System32\reg.exe add hklm\SOFTWARE\Lenovo\SystemUpdatePlugin\scheduler /v start /t reg_dword /d 1 /f /reg:32
Task: {E616F332-3E08-4F69-9988-023B9DAD8050} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\Windows\system32\rundll32.exe C:\Windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {E8A583B1-F8E3-4862-B205-F9DFE01366FF} - System32\Tasks\Lenovo\Experience Improvement => C:\Program Files\Lenovo\ExperienceImprovement\LenovoExperienceImprovement.exe [2018-06-09] (Lenovo)
Task: {E8CB7620-5763-485C-922B-8E06D3798579} - System32\Tasks\Lenovo\QuickOptimizer => C:\Program Files\lenovo\QuickOptimizer\QuickOptimizerIcon.exe [2015-07-11] (Lenovo)
Task: {EA8B5BA2-31FF-40BA-8CEB-9CF49822A308} - System32\Tasks\NvTmMon_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files (x86)\NVIDIA Corporation\Update Core\NvTmMon.exe [2018-05-20] (NVIDIA Corporation)
Task: {EB5E3C2D-58AF-4CD6-8F7F-CA28555CEC03} - System32\Tasks\NVIDIA GeForce Experience SelfUpdate_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NVIDIA GeForce Experience\NVIDIA GeForce Experience.exe [2018-05-20] (NVIDIA Corporation)
Task: {F20686DD-BEC3-4CE6-BC3D-791C48E9D04D} - System32\Tasks\Lenovo\REACHit Agent Update => C:\Program Files (x86)\Lenovo\REACHit\webAgent.exe [2015-06-12] (Lenovo)
Task: {F6F6081A-13BC-4302-B94D-50F52AEDFAF9} - System32\Tasks\NvDriverUpdateCheckDaily_{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8} => C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe [2018-05-20] (NVIDIA Corporation)
Task: {F8B3BD11-BFD9-4E9B-AE75-CE602A44F338} - System32\Tasks\TVT\TVSUUpdateTask_UserLogOn => C:\Program Files (x86)\Lenovo\System Update\tvsuShim.exe [2018-03-26] ()
Task: {FE65F26A-BF2C-4198-BE32-622438817016} - System32\Tasks\Lenovo\ImController\TimeBasedEvents\39617ce5-471e-4164-8694-52974f47ea44 => C:\Program Files\Lenovo\ImController\Service\Lenovo.Modern.ImController.exe [2018-04-24] (Lenovo Group Limited)
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
==================== Loaded Modules (Whitelisted) ==============
2017-09-29 15:41 - 2017-09-29 15:41 - 000184432 ____N () C:\WINDOWS\SYSTEM32\inputhost.dll
2015-10-12 11:18 - 2015-07-02 18:41 - 000120024 _____ () C:\Program Files (x86)\REALTEK\Realtek Bluetooth\BTDevMgr.exe
2018-06-08 22:03 - 2018-04-25 13:16 - 002297040 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\SelfProtectionSdk.dll
2018-06-08 22:03 - 2018-05-30 09:22 - 002493648 _____ () C:\PROGRAM FILES\MALWAREBYTES\ANTI-MALWARE\MwacLib.dll
2018-06-09 12:05 - 2018-05-20 19:33 - 001315112 _____ () C:\Program Files\NVIDIA Corporation\NvContainer\libprotobuf.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000885992 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
2018-04-06 20:54 - 2018-04-06 20:54 - 002309864 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_modeler.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000270056 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\pl_agent_lib.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000260328 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_acpi_battery_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000306920 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_wifi_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000231144 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\devices_use_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000277736 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_system_power_state_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000638696 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_os_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000212200 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_winstat_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000453352 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_upnp_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000375528 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_process_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000609512 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_hw_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000248040 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_sgx_input.dll
2018-04-06 20:55 - 2018-04-06 20:55 - 000708328 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\sql_logger.dll
2018-06-08 20:07 - 2018-06-01 10:39 - 000137664 _____ () C:\Program Files\NVIDIA Corporation\Display\NvSmartMax64.dll
2015-07-11 02:40 - 2015-07-11 02:40 - 000048544 _____ () C:\Program Files\Lenovo\QuickOptimizer\LNBPrismAssistInf.dll
2015-07-11 02:40 - 2015-07-11 02:40 - 000016288 _____ () C:\Program Files\lenovo\QuickOptimizer\ShowTaskbarIcon.dll
2015-07-11 02:40 - 2015-07-11 02:40 - 005067168 _____ () C:\Program Files\lenovo\QuickOptimizer\DTPrismAssistInf.dll
2017-12-01 01:12 - 2017-12-01 01:12 - 000401840 _____ () C:\WINDOWS\system32\igfxTray.exe
2018-06-13 00:17 - 2018-06-08 08:00 - 011044864 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\CortanaApi.dll
2018-06-13 00:17 - 2018-06-08 07:56 - 001804288 _____ () C:\Windows\SystemApps\Microsoft.Windows.Cortana_cw5n1h2txyewy\Cortana.Core.dll
2015-10-12 10:01 - 2015-10-12 10:01 - 000791848 _____ () C:\Program Files\Lenovo\LenovoUtility\utility.exe
2015-10-12 10:01 - 2015-10-12 10:01 - 000097048 _____ () C:\Program Files\Lenovo\LenovoUtility\kbdhook.dll
2018-06-09 11:02 - 2018-03-26 18:13 - 000023880 _____ () C:\Program Files (x86)\Lenovo\System Update\SUService.exe
2018-06-08 13:24 - 2018-06-08 13:25 - 000086528 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeHost.exe
2018-06-08 13:24 - 2018-06-08 13:25 - 000195072 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkypeBackgroundTasks.dll
2018-06-08 13:24 - 2018-06-08 13:25 - 022374400 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\SkyWrap.dll
2018-06-08 13:24 - 2018-06-08 13:25 - 002610176 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\skypert.dll
2018-06-08 13:24 - 2018-06-08 13:24 - 000654848 _____ () C:\Program Files\WindowsApps\Microsoft.SkypeApp_12.1815.209.0_x64__kzf8qxf38zg5c\RtmMvrUap.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000818408 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv.exe
2018-04-06 20:54 - 2018-04-06 20:54 - 000214760 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\foreground_window_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000279272 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_user_waiting_input.dll
2018-04-06 20:54 - 2018-04-06 20:54 - 000207080 _____ () C:\Program Files\Intel\SUR\QUEENCREEK\x64\intel_events_input.dll
2018-06-08 13:15 - 2018-06-08 13:16 - 000084992 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Preview.dll
2018-06-08 13:15 - 2018-06-08 13:16 - 001873120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\Microsoft.UI.Xaml.dll
2018-06-08 13:15 - 2018-06-08 13:16 - 007813120 _____ () C:\Program Files\WindowsApps\Microsoft.WindowsStore_11804.1001.10.0_x64__8wekyb3d8bbwe\WinStore.Entertainment.Mobile.dll
2015-10-12 10:03 - 2015-02-13 01:02 - 000224696 _____ () C:\Program Files (x86)\Lenovo\CCSDK\SDKClient.dll
2018-06-09 12:05 - 2018-05-20 19:33 - 001033000 _____ () C:\Program Files (x86)\NVIDIA Corporation\NvContainer\libprotobuf.dll
2015-10-12 10:07 - 2014-07-04 06:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 21:35 - 2014-07-04 21:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKU\S-1-5-21-434026076-1674770585-2464308185-1001\Control Panel\Desktop\\Wallpaper -> c:\windows\web\wallpaper\theme1\img2.jpg
DNS Servers: 213.46.172.37 - 213.46.172.36
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: )
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
HKLM\...\StartupApproved\Run32: => "Discord"
HKLM\...\StartupApproved\Run32: => "seznam-listicka-distribuce"
HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\StartupApproved\Run: => "Discord"
HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\StartupApproved\Run: => "cz.seznam.software.autoupdate"
HKU\S-1-5-21-434026076-1674770585-2464308185-1001\...\StartupApproved\Run: => "cz.seznam.software.szndesktop"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{A2E88322-BFC1-4BEF-9F1F-9EDB66253CD9}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{5974D754-0408-4422-A628-39BAE1D02F8C}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe
FirewallRules: [{8D3D1800-6287-4BE5-A7C6-983B280DA4C1}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [TCP Query User{CD6B3ABF-8C6F-4AE5-97C5-5A35A2A6D51E}C:\users\harmo\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\harmo\appdata\local\gamecenter\gamecenter.exe
FirewallRules: [UDP Query User{615E07D4-27B1-4878-AEC0-5A172DD6F943}C:\users\harmo\appdata\local\gamecenter\gamecenter.exe] => (Block) C:\users\harmo\appdata\local\gamecenter\gamecenter.exe
FirewallRules: [TCP Query User{D55BDD14-9D54-4756-9BC1-84BA00465958}C:\mygames\revelation online\game\tianyu.exe] => (Allow) C:\mygames\revelation online\game\tianyu.exe
FirewallRules: [UDP Query User{16593A93-B2FD-4055-9A74-BF7DAF366CD9}C:\mygames\revelation online\game\tianyu.exe] => (Allow) C:\mygames\revelation online\game\tianyu.exe
FirewallRules: [TCP Query User{FA5DB767-F7FB-401A-95CC-1C379FFA3AF0}C:\program files (x86)\project icarus 3.2\bin64\launcher.exe] => (Allow) C:\program files (x86)\project icarus 3.2\bin64\launcher.exe
FirewallRules: [UDP Query User{A173A801-90E5-4C26-B69C-76D197590D00}C:\program files (x86)\project icarus 3.2\bin64\launcher.exe] => (Allow) C:\program files (x86)\project icarus 3.2\bin64\launcher.exe
FirewallRules: [{8F368735-D08E-4052-B497-57FA8C0903BE}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{BBB80C22-9550-4E63-9374-5AE38F15F246}] => (Allow) C:\Program Files (x86)\Lenovo\System Update\uncserver.exe
FirewallRules: [{700BF99A-D203-4384-890D-F12B0C9D4574}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{FACA3331-925D-452A-9067-4DDEA2F3628B}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{361895D0-7FB1-4F6A-88AD-52BD689A91DC}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{3EBFEF7C-4589-4AFC-A83B-0BEDD42D413C}] => (Allow) C:\Program Files\NVIDIA Corporation\NvContainer\nvcontainer.exe
FirewallRules: [{0F1CD685-7295-4BC1-9541-5924955916A9}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{44326D6C-6A75-4B3C-BF2A-EA89EC99BBCE}] => (Allow) C:\Program Files\NVIDIA Corporation\NvStreamSrv\nvstreamer.exe
FirewallRules: [{CF6F41BE-5F58-4430-8BBA-53960B70C84F}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{423C51FD-C7A0-40A8-A29A-9DD725F9D72E}] => (Block) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{439CF899-977B-4D38-A6B4-AD67049583A7}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
FirewallRules: [{B6EFAEEB-EADE-495B-88A0-96DABA239FA4}] => (Allow) C:\Program Files\Intel\SUR\QUEENCREEK\x64\esrv_svc.exe
==================== Restore Points =========================
10-06-2018 08:59:51 JRT Pre-Junkware Removal
12-06-2018 20:22:36 Removed Sophos Virus Removal Tool.
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (06/13/2018 03:17:07 AM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (06/11/2018 11:22:39 PM) (Source: Perflib) (EventID: 1008) (User: )
Description: Procedura Open pro službu BITS v knihovně DLL C:\Windows\System32\bitsperf.dll se nezdařila. Výkonnostní data pro tuto službu nebudou k dispozici. Vrácený kód stavu představují první čtyři bajty (DWORD) datové části.
Error: (06/11/2018 09:34:35 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x8007001f, Zařízení připojené k systému nefunguje.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (06/11/2018 05:39:24 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 2484) (User: PETRA)
Description: Balíček Microsoft.Windows.Photos_2018.18041.15530.0_x64__8wekyb3d8bbwe+App se ukončil, protože jeho pozastavování trvalo moc dlouho.
Error: (06/11/2018 08:32:57 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: conhost.exe, verze: 10.0.16299.15, časové razítko: 0x4dbabb31
Název chybujícího modulu: ConhostV2.dll, verze: 10.0.16299.15, časové razítko: 0x9407c601
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000006404
ID chybujícího procesu: 0x112c
Čas spuštění chybující aplikace: 0x01d4014db43473d5
Cesta k chybující aplikaci: C:\WINDOWS\system32\conhost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ConhostV2.dll
ID zprávy: 521487a5-c3ee-48b4-b565-7f2e73a1637a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/11/2018 08:30:42 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: zoek.exe, verze: 0.0.0.0, časové razítko: 0x00000000
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.16299.402, časové razítko: 0x81d25214
Kód výjimky: 0xc0000409
Posun chyby: 0x00103f12
ID chybujícího procesu: 0x1c8c
Čas spuštění chybující aplikace: 0x01d4014db3db3ff9
Cesta k chybující aplikaci: C:\Users\harmo\Desktop\zoek.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: e8b9415f-a2a3-4afd-8218-6bac6ba071f7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
Error: (06/11/2018 08:28:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: ShellExperienceHost.exe, verze: 10.0.16299.334, časové razítko: 0x5aa762bd
Název chybujícího modulu: msvcrt.dll, verze: 7.0.16299.125, časové razítko: 0x20688290
Kód výjimky: 0x40000015
Posun chyby: 0x000000000000ad32
ID chybujícího procesu: 0xf54
Čas spuštění chybující aplikace: 0x01d401433de765f7
Cesta k chybující aplikaci: C:\Windows\SystemApps\ShellExperienceHost_cw5n1h2txyewy\ShellExperienceHost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\msvcrt.dll
ID zprávy: eb8d353d-e46a-4f77-90cf-3168bc1aa38d
Úplný název chybujícího balíčku: Microsoft.Windows.ShellExperienceHost_10.0.16299.402_neutral_neutral_cw5n1h2txyewy
ID aplikace související s chybujícím balíčkem: App
Error: (06/10/2018 11:12:26 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: conhost.exe, verze: 10.0.16299.15, časové razítko: 0x4dbabb31
Název chybujícího modulu: ConhostV2.dll, verze: 10.0.16299.15, časové razítko: 0x9407c601
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000006404
ID chybujícího procesu: 0xb94
Čas spuštění chybující aplikace: 0x01d400ff2767a6fd
Cesta k chybující aplikaci: C:\WINDOWS\system32\conhost.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ConhostV2.dll
ID zprávy: 6ea7dc27-e6db-49e5-bfde-121b67d93fb3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:
System errors:
=============
Error: (06/13/2018 07:58:17 PM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 05:09:55 PM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 05:05:43 PM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 05:05:42 PM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 05:05:41 PM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 05:05:40 PM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
a APPID
{8BC3F05E-D86B-11D0-A075-00C04FB68820}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Microsoft.Windows.ContentDeliveryManager_10.0.16299.15_neutral_neutral_cw5n1h2txyewy – SID (S-1-15-2-350187224-1905355452-1037786396-3028148496-2624191407-3283318427-1255436723). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 03:27:35 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\LOCAL SERVICE (SID: S-1-5-19) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (06/13/2018 11:45:52 AM) (Source: DCOM) (EventID: 10016) (User: PETRA)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli PETRA\harmo (SID: S-1-5-21-434026076-1674770585-2464308185-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2018-06-12 11:21:32.258
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Fuerboos.A!cl
ID: 2147723652
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Program Files (x86)\Project Icarus 3.2\Bin32\Cry3DEngineStub.dll
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PETRA\harmo
Název procesu: C:\Program Files (x86)\Project Icarus 3.2\Patcher.exe
Verze podpisu: AV: 1.269.1075.0, AS: 1.269.1075.0, NIS: 1.269.1075.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-06-11 11:57:21.329
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\$Recycle.Bin\S-1-5-21-434026076-1674770585-2464308185-1001\$R3956UB.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PETRA\harmo
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.269.1050.0, AS: 1.269.1050.0, NIS: 1.269.1050.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-06-11 08:54:46.671
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\harmo\Desktop\zoek.exe
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PETRA\harmo
Název procesu: C:\Windows\explorer.exe
Verze podpisu: AV: 1.269.1050.0, AS: 1.269.1050.0, NIS: 1.269.1050.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-06-11 08:27:11.864
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\harmo\Downloads\Nepotvrzeno 251965.crdownload
Původ zjišťování: Místní počítač
Typ zjišťování: FastPath
Zdroj zjišťování: Ochrana v reálném čase
Uživatel: PETRA\harmo
Název procesu: C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
Verze podpisu: AV: 1.269.1050.0, AS: 1.269.1050.0, NIS: 1.269.1050.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4
Date: 2018-06-11 08:26:59.949
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo malware nebo jiný potenciálně nežádoucí software.
Další informace:
https://go.microsoft.com/fwlink/?linkid ... terprise=0Název: Trojan:Win32/Tiggre!plock
ID: 2147723626
Závažnost: Vážné
Kategorie: Trojský kůň
Cesta: file:_C:\Users\harmo\Downloads\zoek.exe;webfile:_C:\Users\harmo\Downloads\zoek.exe|http://download.bleepingcomputer.com/smeenk/zoek.exe|pid:5644,ProcessStart:131731677875223356
Původ zjišťování: Internet
Typ zjišťování: FastPath
Zdroj zjišťování: Soubory ke stažení a přílohy
Uživatel: PETRA\harmo
Název procesu: Unknown
Verze podpisu: AV: 1.269.1050.0, AS: 1.269.1050.0, NIS: 1.269.1050.0
Verze modulu: AM: 1.1.14901.4, NIS: 1.1.14901.4
CodeIntegrity:
===================================
Date: 2018-06-13 11:11:45.920
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:11:41.687
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:08:40.542
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:08:39.835
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:08:15.426
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:07:35.084
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:07:05.169
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
Date: 2018-06-13 11:07:04.447
Description:
Code Integrity determined that a process (\Device\HarddiskVolume3\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume3\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.
==================== Memory info ===========================
Processor: Intel(R) Core(TM) i5-5200U CPU @ 2.20GHz
Percentage of memory in use: 34%
Total physical RAM: 6058.7 MB
Available physical RAM: 3998.46 MB
Total Virtual: 9770.7 MB
Available Virtual: 6486.25 MB
==================== Drives ================================
Drive c: (Windows) (Fixed) (Total:593.26 GB) (Free:469.59 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (Nový svazek) (Fixed) (Total:292.97 GB) (Free:263.02 GB) NTFS
Drive e: (LENOVO) (Fixed) (Total:25 GB) (Free:22.41 GB) NTFS
\\?\Volume{2f94babf-ecb7-4b9c-9125-364ee971a180}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32
\\?\Volume{491b8b51-84cb-47e8-b7cf-c346a01f8bf1}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.55 GB) NTFS
\\?\Volume{900f4202-882e-4e2f-a79e-61514fe2aaf3}\ (LENOVO_PART) (Fixed) (Total:18.06 GB) (Free:4.19 GB) NTFS
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 448AE571)
Partition: GPT.
==================== End of Addition.txt ============================