Log check

A place for your HiJackThis logs and logs from other programs…

Moderators: memphisto, Mods_senior, Security team

Re: Log check

Post by lycantrop321 » 05 Feb 2021 16:37

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2021
Ran by lucka (04-02-2021 17:59:09)
Running from C:\Users\lucka\Desktop
Windows 8.1 Connected (Update) (X64) (2017-03-05 07:18:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 75.0.3770.100 - Comodo)
COMODO Internet Security Premium (HKLM\...\{9D9A22A4-C382-4340-9843-AB8C54FC9D49}) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}) (Version: 1.4.159.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.4.478445.159 - Comodo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.26.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

Is that enough?




Post by jaro3 » 05 Feb 2021 18:42

That's enough.

Yours is empty:
==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


It's best to uninstall Comodo with this:
https://www.techsupportall.com/download ... oval-tool/

then install it again.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support


Post by lycantrop321 » 05 Feb 2021 21:17

Done, but look,
is it OK?

Post by jaro3 » 05 Feb 2021 22:08

It isn't. Did you turn off the antivirus beforehand?

Post by lycantrop321 » 05 Feb 2021 22:34

I don't remember anymore, but it did uninstall; only Comodo Shopping and the Dragon browser were left behind.
Should I turn it off and do it again?


Post by jaro3 » 05 Feb 2021 22:45

Try it.

Post by lycantrop321 » 06 Feb 2021 09:20

So I turned it off and uninstalled it, but again something went wrong in the first table, see the screenshot. After the restart it showed me two more like that, and there it looked OK, but I couldn't take a screenshot of it. Should I install it back?

Post by jaro3 » 06 Feb 2021 13:41

Yeah, access denied. Did you restart?

It will be best if you run FRST again (both logs), and then I'll remove it all with a script.
Only then will it be possible to reinstall the antivirus.

Post by lycantrop321 » 07 Feb 2021 07:53

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-02-2021
Ran by lucka (administrator) on LENOVO-PC (LENOVO INVALID) (07-02-2021 07:44:48)
Running from C:\Users\lucka\Desktop
Loaded Profiles: lucka
Platform: Windows 8.1 Connected (Update) (X64) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VideoLAN -> VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818552 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408888 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\...\MountPoints2: {12438d51-68b0-11eb-829c-507b9d91ec18} - "F:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2015-01-05] (Lenovo (Beijing) Limited -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B0672D-13C0-4FC0-8DFD-CEE159881970} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {10D9ADD6-58F6-4012-A1FD-41A13851E5A8} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {149FCF80-BA39-407F-A5BC-92D359631E0F} - System32\Tasks\{8331F916-D37B-4883-8E9A-C2A75724AF41} => C:\windows\system32\pcalua.exe -a "C:\Users\lucka\Desktop\zoek (1).exe" -d C:\Users\lucka\Desktop
Task: {177C642E-7F10-4D72-8255-5AA816434884} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-24] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {3C7D587E-A3BD-4B2E-A799-0DB54F80AB81} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {484AA85E-1243-4D93-8D53-4EDC85268486} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Task: {5AF4093C-FCE7-4789-B705-F949D28484F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Task: {5F5D770B-B82F-4B08-870F-88AB4A737C7F} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [35584 2014-07-30] (LENOVO -> )
Task: {6C1AB129-102B-4DA1-BF15-5E718CD47117} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-08-19] (LENOVO -> Lenovo)
Task: {6FBD2DC9-651A-44F9-9DB3-6A16C51DDD7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D21ABD2A-F492-4A86-8555-CAE5E1851009} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D90399AF-50A8-4DB2-B1F5-14C9022ECFA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6431623-D652-4878-BBF5-7112B6AFBF20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{51AF7BC3-537D-4648-B5FB-E691F51BF9FF}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E60D511B-C0E6-474F-8897-14A388D55888}: [DhcpNameServer] 178.22.112.22 178.22.118.10

Edge:
=======
Edge Profile: C:\Users\lucka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-04]
CHR Profile: C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Chrome Media Router) - C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-04]
CHR Profile: C:\Users\lucka\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] (Lenovo (Beijing) Limited -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5026616 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
S2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-07-30] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-08] (Maxthon (Asia) Limited. -> Maxthon)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [319472 2014-07-18] (Lenovo (Beijing) Limited -> Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2015-01-05] (Lenovo (Beijing) Limited -> )
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [42256 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [59360 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 MpKsl82115176; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA2B4930-2BFE-4421-A9A9-CF470D1BAC1E}\MpKslDrv.sys [47344 2021-02-06] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S1 amsdk; \??\C:\windows\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-07 07:44 - 2021-02-07 07:46 - 000015733 _____ C:\Users\lucka\Desktop\FRST.txt
2021-02-07 07:42 - 2021-02-07 07:42 - 002297856 _____ (Farbar) C:\Users\lucka\Desktop\FRST64.exe
2021-02-07 07:30 - 2021-02-07 07:30 - 000000000 ____D C:\Users\lucka\AppData\Local\Riot Games
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\lucka\AppData\Roaming\DAEMON Tools Lite
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\lucka\AppData\Local\Disc_Soft_Ltd
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\ProgramData\Documents\Catch!
2021-02-06 20:15 - 2021-02-06 20:15 - 000059360 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtliteusbbus.sys
2021-02-06 20:15 - 2021-02-06 20:15 - 000000000 ____D C:\Users\lucka\AppData\Roaming\Disc-Soft
2021-02-06 20:14 - 2021-02-06 20:15 - 000042256 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtlitescsibus.sys
2021-02-06 20:14 - 2021-02-06 20:14 - 000001656 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2021-02-06 20:14 - 2021-02-06 20:14 - 000001656 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2021-02-06 20:14 - 2021-02-06 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2021-02-06 20:13 - 2021-02-06 20:15 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2021-02-06 20:13 - 2021-02-06 20:13 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-02-06 17:44 - 2021-02-06 17:45 - 001743552 _____ (Disc Soft Ltd) C:\Users\lucka\Downloads\DTLiteInstaller.exe
2021-02-06 17:33 - 2021-02-06 17:33 - 000000424 _____ C:\Users\lucka\Desktop\This PC - Shortcut.lnk
2021-02-06 06:58 - 2021-02-06 08:54 - 2124041499 _____ C:\Users\lucka\Downloads\X-Men.2019.BluRay.1080p.AC3.CZ.dabing.mkv
2021-02-05 19:32 - 2021-02-05 19:32 - 005712000 _____ (COMODO) C:\Users\lucka\Downloads\cispremium_installer.exe
2021-02-05 19:31 - 2021-02-05 19:31 - 001688256 _____ (COMODO) C:\Users\lucka\Downloads\ciscleanuptool_x64.exe
2021-02-05 16:49 - 2021-02-05 18:28 - 1799282170 _____ C:\Users\lucka\Downloads\Once.upon.holywood.2019.BluRay.720p.AC3.5.1.CZ.mkv
2021-02-05 13:19 - 2021-02-06 08:53 - 000000000 ____D C:\Users\lucka\Desktop\New folder
2021-02-05 10:30 - 2021-02-05 10:30 - 000003332 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 10:30 - 2021-02-05 10:30 - 000003204 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 00:57 - 2021-02-05 00:57 - 000000451 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2021-02-05 00:53 - 2021-02-05 00:53 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-05 00:53 - 2021-02-05 00:53 - 000002213 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-05 00:53 - 2021-02-05 00:53 - 000002213 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-05 00:52 - 2021-02-05 00:52 - 000003380 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 00:52 - 2021-02-05 00:52 - 000003252 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 00:52 - 2020-10-02 21:58 - 000835472 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2021-02-05 00:52 - 2020-10-02 21:58 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2021-02-05 00:34 - 2021-02-05 00:35 - 000000000 ____D C:\windows\system32\Appraiser
2021-02-04 23:14 - 2021-01-08 02:21 - 000514048 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2021-02-04 23:14 - 2021-01-08 02:13 - 000399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2021-02-04 23:14 - 2020-10-13 05:31 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2021-02-04 23:14 - 2020-10-13 05:09 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2021-02-04 23:13 - 2020-08-11 07:16 - 000376072 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2021-02-04 23:13 - 2020-08-11 05:33 - 000317176 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2021-02-04 23:13 - 2020-06-11 04:24 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2021-02-04 23:13 - 2020-06-11 04:02 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2021-02-04 23:13 - 2020-05-10 05:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2021-02-04 23:13 - 2020-05-10 04:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2021-02-04 23:13 - 2020-01-28 09:06 - 001677024 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2021-02-04 23:13 - 2020-01-28 09:06 - 001500848 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2021-02-04 23:13 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\windows\SysWOW64\gnsdk_fp.dll
2021-02-04 23:13 - 2019-04-04 23:15 - 000513416 _____ C:\windows\SysWOW64\locale.nls
2021-02-04 23:13 - 2019-04-04 23:15 - 000513416 _____ C:\windows\system32\locale.nls
2021-02-04 23:13 - 2019-02-26 08:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2021-02-04 23:13 - 2018-10-25 01:54 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2021-02-04 23:13 - 2018-10-25 01:51 - 000121344 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2021-02-04 23:13 - 2018-04-15 17:55 - 000669696 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2021-02-04 23:13 - 2018-04-15 17:16 - 000536576 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2021-02-04 23:12 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2021-02-04 23:12 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2021-02-04 23:12 - 2018-08-26 05:07 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2021-02-04 20:20 - 2021-02-07 07:45 - 000000000 ____D C:\FRST
2021-02-04 19:55 - 2021-02-04 19:55 - 001060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2021-02-03 23:04 - 2021-02-05 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2021-02-03 22:53 - 2021-02-03 23:42 - 000050388 _____ C:\windows\ZAM.krnl.trace
2021-02-03 13:51 - 2021-02-07 07:22 - 000000000 ____D C:\Users\lucka\AppData\Roaming\vlc
2021-02-03 13:29 - 2021-02-03 13:29 - 000001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-03 13:29 - 2021-02-03 13:29 - 000001097 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-03 13:29 - 2021-02-03 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-02-03 12:34 - 2021-02-03 12:34 - 000000000 ____D C:\Users\lucka\AppData\Local\Conexant
2021-02-03 11:47 - 2021-02-03 11:47 - 000000000 ____D C:\Users\lucka\AppData\Local\Zemana
2021-02-03 11:47 - 2021-02-03 11:47 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-02-03 11:46 - 2021-02-03 23:42 - 000000000 ____D C:\Users\lucka\AppData\Local\AMSDK
2021-02-03 11:38 - 2014-02-13 23:59 - 000024064 _____ C:\windows\zoek-delete.exe
2021-02-03 11:04 - 2021-02-03 22:53 - 000003122 _____ C:\windows\system32\Tasks\{8331F916-D37B-4883-8E9A-C2A75724AF41}
2021-02-03 11:03 - 2021-02-03 11:31 - 000000000 ____D C:\zoek_backup
2021-02-02 18:23 - 2021-02-02 18:23 - 000000000 ____D C:\ProgramData\Sophos
2021-02-02 15:14 - 2021-02-05 00:02 - 000000000 ____D C:\Users\lucka\AppData\Local\CrashDumps
2021-02-02 14:32 - 2021-02-02 14:32 - 000000000 ____D C:\Users\lucka\AppData\Local\mbam
2021-02-02 14:31 - 2021-02-02 14:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-02 14:29 - 2021-02-02 14:29 - 002086424 _____ (Malwarebytes) C:\Users\lucka\Downloads\MBSetup.exe
2021-02-02 14:18 - 2021-02-02 17:46 - 000000000 ____D C:\AdwCleaner
2021-02-01 19:59 - 2021-02-01 19:59 - 000000000 ____D C:\Users\lucka\AppData\Local\CyberLink
2021-02-01 15:45 - 2021-02-01 15:45 - 000000000 ____D C:\Users\lucka\AppData\Roaming\CyberLink

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-07 07:35 - 2017-03-05 08:26 - 000003930 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{A606ED3F-E5DF-4564-84C8-5A7985F67766}
2021-02-07 07:22 - 2017-03-05 08:25 - 000003598 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4289856400-1582998229-3165114676-1001
2021-02-06 20:27 - 2017-03-05 08:19 - 000000000 __SHD C:\Users\lucka\IntelGraphicsProfiles
2021-02-06 20:26 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-02-06 20:25 - 2015-01-05 13:07 - 000002560 _____ C:\windows\system32\VfService.trf
2021-02-06 20:15 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2021-02-05 21:04 - 2013-08-22 16:36 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2021-02-05 21:04 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2021-02-05 20:32 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2021-02-05 19:56 - 2014-03-18 10:53 - 000865068 _____ C:\windows\system32\PerfStringBackup.INI
2021-02-05 13:05 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2021-02-05 01:07 - 2015-01-05 12:51 - 000000000 ____D C:\windows\system32\Tasks\Lenovo
2021-02-05 00:57 - 2015-01-05 12:22 - 000000306 _____ C:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2021-02-05 00:47 - 2013-08-22 15:44 - 000346744 _____ C:\windows\system32\FNTCACHE.DAT
2021-02-05 00:36 - 2013-08-22 16:36 - 000000000 ___RD C:\windows\ToastData
2021-02-05 00:35 - 2018-01-10 12:20 - 000000000 ___SD C:\windows\system32\CompatTel
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\setup
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\setup
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\PolicyDefinitions
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-05 00:35 - 2013-08-22 14:36 - 000000000 ____D C:\windows\SysWOW64\Dism
2021-02-05 00:35 - 2013-08-22 14:36 - 000000000 ____D C:\windows\system32\oobe
2021-02-05 00:35 - 2013-08-22 14:36 - 000000000 ____D C:\windows\system32\Dism
2021-02-04 23:55 - 2015-01-05 11:59 - 000000000 ___HD C:\Intel
2021-02-04 23:45 - 2017-12-28 17:59 - 000000000 ____D C:\windows\system32\MRT
2021-02-04 23:29 - 2017-12-28 17:58 - 135062968 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2021-02-04 20:38 - 2018-01-03 13:05 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-04 20:38 - 2018-01-03 13:05 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-04 20:38 - 2018-01-03 13:05 - 000002214 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-03 22:53 - 2015-01-05 13:06 - 000003056 _____ C:\windows\system32\Tasks\PDVDServ Task
2021-02-03 22:53 - 2015-01-05 12:09 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2021-02-03 13:28 - 2017-12-28 18:54 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-02-03 12:34 - 2015-01-05 12:05 - 000000000 ____D C:\ProgramData\Conexant
2021-02-02 15:02 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2021-02-02 14:47 - 2015-01-05 12:50 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-02-02 14:24 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2021-02-02 14:14 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2021-02-01 19:59 - 2015-01-05 13:06 - 000000000 ____D C:\ProgramData\CyberLink
2021-02-01 19:12 - 2013-08-22 16:36 - 000000000 ____D C:\windows\tracing
2021-02-01 13:59 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-01 13:59 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2021-01-21 22:37 - 2018-01-17 11:53 - 000799104 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-02-05 19:04
==================== End of FRST.txt ========================

lycantrop321
Level 1
Posts: 56
Registered: Feb 21
Gender: Not specified

Re: Log check

Post by lycantrop321 » 07 Feb 2021 07:54

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by lucka (07-02-2021 07:49:27)
Running from C:\Users\lucka\Desktop
Windows 8.1 Connected (Update) (X64) (2017-03-05 07:18:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4289856400-1582998229-3165114676-500 - Administrator - Disabled)
Guest (S-1-5-21-4289856400-1582998229-3165114676-501 - Limited - Disabled)
lucka (S-1-5-21-4289856400-1582998229-3165114676-1001 - Administrator - Enabled) => C:\Users\lucka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1679 - Disc Soft Ltd)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.26.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2017-12-29] (Amazon.com)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2017-12-29] (LENOVO INC.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_2.0.1.63_x64__6dqnvyezrysvy [2017-12-29] (Dailymotion SA)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-12-29] (Evernote)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-08-30] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2017-12-29] (FilmOn TV Inc.)
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2018-04-03] (McAfee_Inc)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2017-12-29] (LENOVO INC)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2017-12-29] (CYBERLINK COM CORPORATION)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-12-29] (Skype) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2017-12-29] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2017-08-30] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-12-29] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\lucka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2015-01-05 13:07 - 2015-01-05 13:07 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2015-01-05 13:07 - 2015-01-05 13:07 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2015-01-05 13:02 - 2015-01-05 13:02 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {2B2489C6-450C-4C75-AE03-5600D36E818A} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2021-02-04 09:28 - 000000813 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucka\Pictures\water.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{238E7177-2177-46E1-90F5-44A4B7A4E727}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{6135B7A6-8AE8-49F9-9885-62E8F350D8F3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{131F1D07-101A-4F36-9A5B-55E0111B69C1}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{D382C858-3B36-4482-ACF7-06BE08BCDF9C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{69F0FB2A-60AD-4B34-8AFD-DF6CACC76D3D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{6E2C7393-55E6-4889-8731-023034F67E8C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{015D3E69-D0DC-45A9-941E-E1BCFD08EDE9}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5C872768-5E0B-4EED-A03F-FC1540E452BC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5CA9C6D2-699C-4686-872D-083F0DABFDB5}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A843F6C8-7B49-4931-A921-59F5B68703D1}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F9002769-A790-4660-A813-2333925E8EC9}] => (Allow) LPort=55100
FirewallRules: [{A439B9C4-BB84-415C-92F9-74DCA59AD1B5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{4C48707D-B398-4FDF-A26F-35A6AEA3942D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{D8EF3C6B-42BE-42A9-A474-02E1E4AF5854}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{57F9E9E2-26CD-46D7-98B7-F2828F33A33E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6B968F51-D220-48FD-B590-666D578E2270}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)

==================== Restore Points =========================

06-02-2021 08:56:21 Comodo Internet Security: Custom Uninstaller

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/06/2021 09:15:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemAgentService.exe, version: 1.6.1.0, time stamp: 0x53d9aaa5
Faulting module name: SystemAgentService.exe, version: 1.6.1.0, time stamp: 0x53d9aaa5
Exception code: 0xc0000409
Fault offset: 0x0000b15e
Faulting process id: 0x620
Faulting application start time: 0x01d6fcbde8bb2fe3
Faulting application path: C:\Program Files\Lenovo\iMController\SystemAgentService.exe
Faulting module path: C:\Program Files\Lenovo\iMController\SystemAgentService.exe
Report Id: 00bd2238-68b8-11eb-829d-507b9d91ec18
Faulting package full name:
Faulting package-relative application ID:

Error: (02/06/2021 08:28:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCSDK.exe, version: 1.0.3.4, time stamp: 0x53bcd5bf
Faulting module name: SensorsApi.dll_unloaded, version: 6.3.9600.17415, time stamp: 0x54504285
Exception code: 0xc0000005
Fault offset: 0x0000a580
Faulting process id: 0x110c
Faulting application start time: 0x01d6fcbe3a7b63c2
Faulting application path: C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
Faulting module path: SensorsApi.dll
Report Id: 7cfb06a2-68b1-11eb-829d-507b9d91ec18
Faulting package full name:
Faulting package-relative application ID:

Error: (02/06/2021 08:56:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f30afc64-a4f8-4290-b0e0-364aaa6e83c6}

Error: (02/05/2021 08:49:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Internet Security Essentials.

System Error:
The system cannot find the file specified.
.

Error: (02/05/2021 08:49:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary COMODO Secure Shopping.

System Error:
The system cannot find the file specified.
.

Error: (02/05/2021 08:46:07 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (02/05/2021 08:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.887, time stamp: 0x600f4741
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0xb24
Faulting application start time: 0x01d6fbf56c4c7cc3
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: c60b4345-67e8-11eb-8297-507b9d91ec18
Faulting package full name:
Faulting package-relative application ID:

Error: (02/05/2021 08:08:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Internet Security Essentials.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (02/07/2021 07:20:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/06/2021 09:15:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Lenovo System Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2021 08:28:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CCSDK service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2021 08:26:07 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Firewall Core Service service depends on the following service: mfevtp. This service might not be installed.

Error: (02/06/2021 08:18:56 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Firewall Core Service service depends on the following service: mfevtp. This service might not be installed.

Error: (02/06/2021 08:17:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/06/2021 08:09:34 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.

Error: (02/06/2021 08:09:34 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-07-22 14:12:03.915
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

Date: 2018-07-21 22:39:15.642
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

Date: 2018-07-21 20:07:39.640
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A7D4AE3E-054B-4E9E-9795-7A5D3191F3A9}
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2018-07-21 16:10:56.701
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

Date: 2018-07-20 23:20:10.650
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Program:Win32/CompromisedCert.A
ID: 208268
Severity: Severe
Category: Potentially Unwanted Software
Path: clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5};file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\Run.exe;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VDWFP.sys;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VDWFPInstaller.exe;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.tl
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
Signature Version: AV: 1.261.1370.0, AS: 1.261.1370.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2021-02-05 19:57:16.994
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2021-02-05 19:57:16.805
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.331.231.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2021-02-05 19:57:16.804
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.331.231.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2021-02-05 19:57:16.492
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.331.231.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-07-21 15:40:47.435
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.1370.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2021-02-05 20:53:05.235
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-02-05 20:03:43.085
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 19:56:43.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 19:55:53.718
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-05 19:55:39.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-05 19:55:36.624
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-05 19:51:03.033
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 19:46:21.686
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A7CN48WW 08/03/2015
Motherboard: LENOVO VIUU4
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 55%
Total physical RAM: 3979.2 MB
Available physical RAM: 1766.82 MB
Total Virtual: 4427.2 MB
Available Virtual: 2134.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.82 GB) (Free:358.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.95 GB) NTFS

\\?\Volume{9f995edd-2123-4fe3-aa87-e3b6497d0d6c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{9aa61b3e-0b8e-47c4-a783-100ec55eee80}\ (PBR_DRV) (Fixed) (Total:13.61 GB) (Free:2.78 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 798ED846)

Partition: GPT.

==================== End of Addition.txt =======================

lycantrop321
Level 1
Posts: 56
Registered: February 21
Gender: Not specified

Re: Log check

Post by lycantrop321 » 07 Feb 2021 07:55

Yes, I did. Do you also want the log from ciscleanuptool?

Date: 2018-07-21 16:10:56.701
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

So do I have a miner (or miners) on my PC?

jaro3
Security team member
Guru Level 15
Posts: 41654
Registered: June 07
Location: South Bohemia
Gender: Male

Re: Log check

Post by jaro3 » 07 Feb 2021 17:26

OK.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.

Code:

Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\...\MountPoints2: {12438d51-68b0-11eb-829c-507b9d91ec18} - "F:\autorun.exe"
Task: {484AA85E-1243-4D93-8D53-4EDC85268486} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Task: {5AF4093C-FCE7-4789-B705-F949D28484F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
C:\Users\lucka\Downloads\cispremium_installer.exe
C:\Users\lucka\Downloads\ciscleanuptool_x64.exe
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
C:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2018-04-03] (McAfee_Inc)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {2B2489C6-450C-4C75-AE03-5600D36E818A} URL =

EmptyTemp:
End

(You can use the "Select all" function; then right-click in the top-left area of the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt.


Run FRST, press the "Fix" button only once, and wait.
The tool will create a log on the desktop (Fixlog.txt); please copy its entire contents here.

Then you can install an antivirus.
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

