Log check

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

lycantrop321

Re: Log check

Post by lycantrop321 » 05 Feb 2021 16:37

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 03-02-2021
Ran by lucka (04-02-2021 17:59:09)
Running from C:\Users\lucka\Desktop
Windows 8.1 Connected (Update) (X64) (2017-03-05 07:18:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Comodo Dragon (HKLM-x32\...\Comodo Dragon) (Version: 75.0.3770.100 - Comodo)
COMODO Internet Security Premium (HKLM\...\{9D9A22A4-C382-4340-9843-AB8C54FC9D49}) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.) Hidden
COMODO Internet Security Premium (HKLM\...\COMODO Internet Security) (Version: 12.2.2.7098 - COMODO Security Solutions Inc.)
COMODO Secure Shopping (HKLM-x32\...\{D15DF9B0-3A98-4BEF-B7D5-FC3AEA478445}) (Version: 1.4.159.0 - COMODO) Hidden
COMODO Secure Shopping (HKLM-x32\...\Comodo Secure_Shopping_list_uninstall) (Version: 1.4.478445.159 - Comodo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.146 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.36.51 - Google LLC) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
Internet Security Essentials (HKLM-x32\...\ComodoIse) (Version: 1.6.472587.185 - Comodo)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.26.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

Is that enough?

jaro3
Security team member

Re: Log check

Post by jaro3 » 05 Feb 2021 18:42

That's enough.

This section is empty for you:
==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)


Best to uninstall Comodo with this:
https://www.techsupportall.com/download ... oval-tool/

then install it again..
When working with HJT, ComboFix, MbAM, SDFix, etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

lycantrop321

Re: Log check

Post by lycantrop321 » 05 Feb 2021 21:17

Done, but look
is it OK?
Attachments
Screenshot (6).png

jaro3

Re: Log check

Post by jaro3 » 05 Feb 2021 22:08

It isn't. Did you turn off the antivirus beforehand?

lycantrop321

Re: Log check

Post by lycantrop321 » 05 Feb 2021 22:34

I don't know anymore, but it did uninstall; only Comodo Shopp and the Dragon browser were left behind after it.
Should I turn it off and do it again?

jaro3

Re: Log check

Post by jaro3 » 05 Feb 2021 22:45

Try it.

lycantrop321

Re: Log check

Post by lycantrop321 » 06 Feb 2021 09:20

So I turned it off and uninstalled it, but again something was acting up in that first table (see the screenshot). After the restart it popped up 2 more like that, and there it looked OK, but I couldn't take a screenshot of it. Should I install it back?
Attachments
Screenshot (7).png

jaro3

Re: Log check

Post by jaro3 » 06 Feb 2021 13:41

Right, access denied. Did you restart?

It would be best if you run FRST again (both logs), and then I'll delete all of it with a script.
Only then will it be possible to reinstall the antivirus.

lycantrop321

Re: Log check

Post by lycantrop321 » 07 Feb 2021 07:53

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 04-02-2021
Ran by lucka (administrator) on LENOVO-PC (LENOVO INVALID) (07-02-2021 07:44:48)
Running from C:\Users\lucka\Desktop
Loaded Profiles: lucka
Platform: Windows 8.1 Connected (Update) (X64) Language: English (United States)
Default browser: IE
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTAgent.exe
(AVB Disc Soft, SIA -> Disc Soft Ltd) C:\Program Files\DAEMON Tools Lite\DTShellHlp.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(CyberLink Corp. -> CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <11>
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel Corporation - pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel Corporation-Wireless Connectivity Solutions -> Intel Corporation) C:\Windows\System32\ibtsiva.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Intel(R) Wireless Connectivity Solutions -> Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(Intel(R) Wireless Connectivity Solutions -> Intel® Corporation) C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe
(Lenovo (Beijing) Limited -> ) C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Windows\System32\LenovoWiFiHotspotSvr.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MpCmdRun.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\Camera\Camera.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\rundll32.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\devmonsrv.exe
(Motorola Solutions Inc. -> Motorola Solutions, Inc.) C:\Program Files (x86)\Intel\Bluetooth\obexsrv.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Synaptics Incorporated -> Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(VideoLAN -> VideoLAN) C:\Program Files (x86)\VideoLAN\VLC\vlc.exe

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7818552 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [6340312 2014-01-21] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10841584 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI
HKLM\...\Run: [WindowsDefender] => "%ProgramFiles%\Windows Defender\MSASCuiL.exe"
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink Corp. -> CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp. -> CyberLink Corp.)
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\...\Run: [DAEMON Tools Lite Automount] => C:\Program Files\DAEMON Tools Lite\DTAgent.exe [408888 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\...\MountPoints2: {12438d51-68b0-11eb-829c-507b9d91ec18} - "F:\autorun.exe"
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\88.0.4324.150\Installer\chrmstp.exe [2021-02-04] (Google LLC -> Google LLC)
HKLM\Software\...\Authentication\Credential Providers: [{d0869df6-64b0-4289-b483-9bff61394420}] -> C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfCredProv.dll [2015-01-05] (Lenovo (Beijing) Limited -> )

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {01B0672D-13C0-4FC0-8DFD-CEE159881970} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17184 2014-09-10] (LENOVO -> Lenovo)
Task: {10D9ADD6-58F6-4012-A1FD-41A13851E5A8} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe [256824 2014-09-11] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {149FCF80-BA39-407F-A5BC-92D359631E0F} - System32\Tasks\{8331F916-D37B-4883-8E9A-C2A75724AF41} => C:\windows\system32\pcalua.exe -a "C:\Users\lucka\Desktop\zoek (1).exe" -d C:\Users\lucka\Desktop
Task: {177C642E-7F10-4D72-8255-5AA816434884} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2781936 2013-12-24] (Synaptics Incorporated -> Synaptics Incorporated)
Task: {3C7D587E-A3BD-4B2E-A799-0DB54F80AB81} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {484AA85E-1243-4D93-8D53-4EDC85268486} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Task: {5AF4093C-FCE7-4789-B705-F949D28484F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Task: {5F5D770B-B82F-4B08-870F-88AB4A737C7F} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [35584 2014-07-30] (LENOVO -> )
Task: {6C1AB129-102B-4DA1-BF15-5E718CD47117} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [17152 2014-08-19] (LENOVO -> Lenovo)
Task: {6FBD2DC9-651A-44F9-9DB3-6A16C51DDD7A} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D21ABD2A-F492-4A86-8555-CAE5E1851009} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {D90399AF-50A8-4DB2-B1F5-14C9022ECFA1} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
Task: {E6431623-D652-4878-BBF5-7112B6AFBF20} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\Program Files\Windows Defender\\MpCmdRun.exe [410792 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{51AF7BC3-537D-4648-B5FB-E691F51BF9FF}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{E60D511B-C0E6-474F-8897-14A388D55888}: [DhcpNameServer] 178.22.112.22 178.22.118.10

Edge:
=======
Edge Profile: C:\Users\lucka\AppData\Local\Microsoft\Edge\User Data\Default [2021-02-05]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

Chrome:
=======
CHR DefaultProfile: Profile 3
CHR Profile: C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-02-04]
CHR Profile: C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Profile 3 [2021-02-07]
CHR Extension: (Chrome Web Store Payments) - C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Chrome Media Router) - C:\Users\lucka\AppData\Local\Google\Chrome\User Data\Profile 3\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-02-04]
CHR Profile: C:\Users\lucka\AppData\Local\Google\Chrome\User Data\System Profile [2021-02-04]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] (Lenovo (Beijing) Limited -> )
R3 Disc Soft Lite Bus Service; C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe [5026616 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Lenovo EasyPlus Hotspot; C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin\EPHotspot64.exe [561408 2014-09-23] (LENOVO -> Lenovo)
S2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584960 2014-07-30] (LENOVO -> LENOVO INCORPORATED.)
R2 LenovoWiFiHotspotSvr; C:\Windows\System32\LenovoWiFiHotspotSvr.exe [198192 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-02-08] (Maxthon (Asia) Limited. -> Maxthon)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2015-01-05] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
S2 UESDK1.0; C:\Program Files (x86)\Lenovo\UESDK\UESDK.exe [319472 2014-07-18] (Lenovo (Beijing) Limited -> Lenovo)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2015-01-05] (Lenovo (Beijing) Limited -> )
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation -> Microsoft Corporation)
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 btmaux; C:\windows\system32\DRIVERS\btmaux.sys [140600 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
S3 btmhsf; C:\windows\system32\DRIVERS\btmhsf.sys [1411384 2013-11-07] (Motorola Solutions Inc. -> Motorola Solutions, Inc.)
R3 dtlitescsibus; C:\windows\System32\drivers\dtlitescsibus.sys [42256 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
R3 dtliteusbbus; C:\windows\System32\drivers\dtliteusbbus.sys [59360 2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
S3 MpKsl82115176; C:\ProgramData\Microsoft\Windows Defender\Definition Updates\{AA2B4930-2BFE-4421-A9A9-CF470D1BAC1E}\MpKslDrv.sys [47344 2021-02-06] (Microsoft Windows -> Microsoft Corporation)
S0 WdBoot; C:\windows\System32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\windows\System32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)
S1 amsdk; \??\C:\windows\system32\drivers\amsdk.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-07 07:44 - 2021-02-07 07:46 - 000015733 _____ C:\Users\lucka\Desktop\FRST.txt
2021-02-07 07:42 - 2021-02-07 07:42 - 002297856 _____ (Farbar) C:\Users\lucka\Desktop\FRST64.exe
2021-02-07 07:30 - 2021-02-07 07:30 - 000000000 ____D C:\Users\lucka\AppData\Local\Riot Games
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\Public\Documents\Daemon Tools Images
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\Public\Documents\Catch!
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\lucka\AppData\Roaming\DAEMON Tools Lite
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\Users\lucka\AppData\Local\Disc_Soft_Ltd
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\ProgramData\Documents\Daemon Tools Images
2021-02-06 20:20 - 2021-02-06 20:20 - 000000000 ____D C:\ProgramData\Documents\Catch!
2021-02-06 20:15 - 2021-02-06 20:15 - 000059360 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtliteusbbus.sys
2021-02-06 20:15 - 2021-02-06 20:15 - 000000000 ____D C:\Users\lucka\AppData\Roaming\Disc-Soft
2021-02-06 20:14 - 2021-02-06 20:15 - 000042256 _____ (Disc Soft Ltd) C:\windows\system32\Drivers\dtlitescsibus.sys
2021-02-06 20:14 - 2021-02-06 20:14 - 000001656 _____ C:\Users\Public\Desktop\DAEMON Tools Lite.lnk
2021-02-06 20:14 - 2021-02-06 20:14 - 000001656 _____ C:\ProgramData\Desktop\DAEMON Tools Lite.lnk
2021-02-06 20:14 - 2021-02-06 20:14 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\DAEMON Tools Lite
2021-02-06 20:13 - 2021-02-06 20:15 - 000000000 ____D C:\Program Files\DAEMON Tools Lite
2021-02-06 20:13 - 2021-02-06 20:13 - 000000000 ____D C:\ProgramData\Disc-Soft
2021-02-06 17:44 - 2021-02-06 17:45 - 001743552 _____ (Disc Soft Ltd) C:\Users\lucka\Downloads\DTLiteInstaller.exe
2021-02-06 17:33 - 2021-02-06 17:33 - 000000424 _____ C:\Users\lucka\Desktop\This PC - Shortcut.lnk
2021-02-06 06:58 - 2021-02-06 08:54 - 2124041499 _____ C:\Users\lucka\Downloads\X-Men.2019.BluRay.1080p.AC3.CZ.dabing.mkv
2021-02-05 19:32 - 2021-02-05 19:32 - 005712000 _____ (COMODO) C:\Users\lucka\Downloads\cispremium_installer.exe
2021-02-05 19:31 - 2021-02-05 19:31 - 001688256 _____ (COMODO) C:\Users\lucka\Downloads\ciscleanuptool_x64.exe
2021-02-05 16:49 - 2021-02-05 18:28 - 1799282170 _____ C:\Users\lucka\Downloads\Once.upon.holywood.2019.BluRay.720p.AC3.5.1.CZ.mkv
2021-02-05 13:19 - 2021-02-06 08:53 - 000000000 ____D C:\Users\lucka\Desktop\New folder
2021-02-05 10:30 - 2021-02-05 10:30 - 000003332 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
2021-02-05 10:30 - 2021-02-05 10:30 - 000003204 _____ C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
2021-02-05 00:57 - 2021-02-05 00:57 - 000000451 _____ C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
2021-02-05 00:53 - 2021-02-05 00:53 - 000002254 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Edge.lnk
2021-02-05 00:53 - 2021-02-05 00:53 - 000002213 _____ C:\Users\Public\Desktop\Microsoft Edge.lnk
2021-02-05 00:53 - 2021-02-05 00:53 - 000002213 _____ C:\ProgramData\Desktop\Microsoft Edge.lnk
2021-02-05 00:52 - 2021-02-05 00:52 - 000003380 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineUA
2021-02-05 00:52 - 2021-02-05 00:52 - 000003252 _____ C:\windows\system32\Tasks\MicrosoftEdgeUpdateTaskMachineCore
2021-02-05 00:52 - 2020-10-02 21:58 - 000835472 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerApp.exe
2021-02-05 00:52 - 2020-10-02 21:58 - 000179608 _____ (Adobe) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2021-02-05 00:34 - 2021-02-05 00:35 - 000000000 ____D C:\windows\system32\Appraiser
2021-02-04 23:14 - 2021-01-08 02:21 - 000514048 _____ (Microsoft Corporation) C:\windows\system32\winspool.drv
2021-02-04 23:14 - 2021-01-08 02:13 - 000399360 _____ (Microsoft Corporation) C:\windows\SysWOW64\winspool.drv
2021-02-04 23:14 - 2020-10-13 05:31 - 002132992 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2021-02-04 23:14 - 2020-10-13 05:09 - 002058752 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2021-02-04 23:13 - 2020-08-11 07:16 - 000376072 _____ (Adobe Systems Incorporated) C:\windows\system32\atmfd.dll
2021-02-04 23:13 - 2020-08-11 05:33 - 000317176 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\atmfd.dll
2021-02-04 23:13 - 2020-06-11 04:24 - 000088064 _____ (Microsoft Corporation) C:\windows\system32\tdc.ocx
2021-02-04 23:13 - 2020-06-11 04:02 - 000073216 _____ (Microsoft Corporation) C:\windows\SysWOW64\tdc.ocx
2021-02-04 23:13 - 2020-05-10 05:23 - 000290816 _____ (Microsoft Corporation) C:\windows\system32\mpg2splt.ax
2021-02-04 23:13 - 2020-05-10 04:56 - 000233984 _____ (Microsoft Corporation) C:\windows\SysWOW64\mpg2splt.ax
2021-02-04 23:13 - 2020-01-28 09:06 - 001677024 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2021-02-04 23:13 - 2020-01-28 09:06 - 001500848 _____ (Microsoft Corporation) C:\windows\system32\winresume.efi
2021-02-04 23:13 - 2019-09-06 14:17 - 000249856 _____ (Gracenote, Inc.) C:\windows\SysWOW64\gnsdk_fp.dll
2021-02-04 23:13 - 2019-04-04 23:15 - 000513416 _____ C:\windows\SysWOW64\locale.nls
2021-02-04 23:13 - 2019-04-04 23:15 - 000513416 _____ C:\windows\system32\locale.nls
2021-02-04 23:13 - 2019-02-26 08:31 - 000417280 _____ (Microsoft Corporation) C:\windows\system32\html.iec
2021-02-04 23:13 - 2018-10-25 01:54 - 000151552 _____ (Microsoft Corporation) C:\windows\system32\wshom.ocx
2021-02-04 23:13 - 2018-10-25 01:51 - 000121344 _____ (Microsoft Corporation) C:\windows\SysWOW64\wshom.ocx
2021-02-04 23:13 - 2018-04-15 17:55 - 000669696 _____ (Microsoft Corporation) C:\windows\system32\hhctrl.ocx
2021-02-04 23:13 - 2018-04-15 17:16 - 000536576 _____ (Microsoft Corporation) C:\windows\SysWOW64\hhctrl.ocx
2021-02-04 23:12 - 2019-10-10 17:20 - 000044032 _____ (Adobe Systems) C:\windows\system32\atmlib.dll
2021-02-04 23:12 - 2019-10-10 16:50 - 000035840 _____ (Adobe Systems) C:\windows\SysWOW64\atmlib.dll
2021-02-04 23:12 - 2018-08-26 05:07 - 000004608 _____ (Microsoft Corporation) C:\windows\SysWOW64\msdxm.ocx
2021-02-04 20:20 - 2021-02-07 07:45 - 000000000 ____D C:\FRST
2021-02-04 19:55 - 2021-02-04 19:55 - 001060864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfc71.dll
2021-02-03 23:04 - 2021-02-05 21:01 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
2021-02-03 22:53 - 2021-02-03 23:42 - 000050388 _____ C:\windows\ZAM.krnl.trace
2021-02-03 13:51 - 2021-02-07 07:22 - 000000000 ____D C:\Users\lucka\AppData\Roaming\vlc
2021-02-03 13:29 - 2021-02-03 13:29 - 000001097 _____ C:\Users\Public\Desktop\VLC media player.lnk
2021-02-03 13:29 - 2021-02-03 13:29 - 000001097 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-02-03 13:29 - 2021-02-03 13:29 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VideoLAN
2021-02-03 12:34 - 2021-02-03 12:34 - 000000000 ____D C:\Users\lucka\AppData\Local\Conexant
2021-02-03 11:47 - 2021-02-03 11:47 - 000000000 ____D C:\Users\lucka\AppData\Local\Zemana
2021-02-03 11:47 - 2021-02-03 11:47 - 000000000 ____D C:\Program Files (x86)\Zemana
2021-02-03 11:46 - 2021-02-03 23:42 - 000000000 ____D C:\Users\lucka\AppData\Local\AMSDK
2021-02-03 11:38 - 2014-02-13 23:59 - 000024064 _____ C:\windows\zoek-delete.exe
2021-02-03 11:04 - 2021-02-03 22:53 - 000003122 _____ C:\windows\system32\Tasks\{8331F916-D37B-4883-8E9A-C2A75724AF41}
2021-02-03 11:03 - 2021-02-03 11:31 - 000000000 ____D C:\zoek_backup
2021-02-02 18:23 - 2021-02-02 18:23 - 000000000 ____D C:\ProgramData\Sophos
2021-02-02 15:14 - 2021-02-05 00:02 - 000000000 ____D C:\Users\lucka\AppData\Local\CrashDumps
2021-02-02 14:32 - 2021-02-02 14:32 - 000000000 ____D C:\Users\lucka\AppData\Local\mbam
2021-02-02 14:31 - 2021-02-02 14:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-02-02 14:29 - 2021-02-02 14:29 - 002086424 _____ (Malwarebytes) C:\Users\lucka\Downloads\MBSetup.exe
2021-02-02 14:18 - 2021-02-02 17:46 - 000000000 ____D C:\AdwCleaner
2021-02-01 19:59 - 2021-02-01 19:59 - 000000000 ____D C:\Users\lucka\AppData\Local\CyberLink
2021-02-01 15:45 - 2021-02-01 15:45 - 000000000 ____D C:\Users\lucka\AppData\Roaming\CyberLink

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-02-07 07:35 - 2017-03-05 08:26 - 000003930 _____ C:\windows\system32\Tasks\User_Feed_Synchronization-{A606ED3F-E5DF-4564-84C8-5A7985F67766}
2021-02-07 07:22 - 2017-03-05 08:25 - 000003598 _____ C:\windows\system32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4289856400-1582998229-3165114676-1001
2021-02-06 20:27 - 2017-03-05 08:19 - 000000000 __SHD C:\Users\lucka\IntelGraphicsProfiles
2021-02-06 20:26 - 2013-08-22 15:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2021-02-06 20:25 - 2015-01-05 13:07 - 000002560 _____ C:\windows\system32\VfService.trf
2021-02-06 20:15 - 2013-08-22 14:36 - 000000000 ____D C:\windows\Inf
2021-02-05 21:04 - 2013-08-22 16:36 - 000000000 ___RD C:\windows\ImmersiveControlPanel
2021-02-05 21:04 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\SecureBootUpdates
2021-02-05 20:32 - 2013-08-22 16:20 - 000000000 ____D C:\windows\CbsTemp
2021-02-05 19:56 - 2014-03-18 10:53 - 000865068 _____ C:\windows\system32\PerfStringBackup.INI
2021-02-05 13:05 - 2013-08-22 16:36 - 000000000 ____D C:\windows\rescache
2021-02-05 01:07 - 2015-01-05 12:51 - 000000000 ____D C:\windows\system32\Tasks\Lenovo
2021-02-05 00:57 - 2015-01-05 12:22 - 000000306 _____ C:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
2021-02-05 00:47 - 2013-08-22 15:44 - 000346744 _____ C:\windows\system32\FNTCACHE.DAT
2021-02-05 00:36 - 2013-08-22 16:36 - 000000000 ___RD C:\windows\ToastData
2021-02-05 00:35 - 2018-01-10 12:20 - 000000000 ___SD C:\windows\system32\CompatTel
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\SysWOW64\setup
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\setup
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\windows\PolicyDefinitions
2021-02-05 00:35 - 2013-08-22 16:36 - 000000000 ____D C:\Program Files\Common Files\System
2021-02-05 00:35 - 2013-08-22 14:36 - 000000000 ____D C:\windows\SysWOW64\Dism
2021-02-05 00:35 - 2013-08-22 14:36 - 000000000 ____D C:\windows\system32\oobe
2021-02-05 00:35 - 2013-08-22 14:36 - 000000000 ____D C:\windows\system32\Dism
2021-02-04 23:55 - 2015-01-05 11:59 - 000000000 ___HD C:\Intel
2021-02-04 23:45 - 2017-12-28 17:59 - 000000000 ____D C:\windows\system32\MRT
2021-02-04 23:29 - 2017-12-28 17:58 - 135062968 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2021-02-04 20:38 - 2018-01-03 13:05 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-02-04 20:38 - 2018-01-03 13:05 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2021-02-04 20:38 - 2018-01-03 13:05 - 000002214 _____ C:\ProgramData\Desktop\Google Chrome.lnk
2021-02-03 22:53 - 2015-01-05 13:06 - 000003056 _____ C:\windows\system32\Tasks\PDVDServ Task
2021-02-03 22:53 - 2015-01-05 12:09 - 000002990 _____ C:\windows\system32\Tasks\Synaptics TouchPad Enhancements
2021-02-03 13:28 - 2017-12-28 18:54 - 000000000 ____D C:\Program Files (x86)\VideoLAN
2021-02-03 12:34 - 2015-01-05 12:05 - 000000000 ____D C:\ProgramData\Conexant
2021-02-02 15:02 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\BBI
2021-02-02 14:47 - 2015-01-05 12:50 - 000000000 ____D C:\Program Files (x86)\Lenovo
2021-02-02 14:24 - 2013-08-22 16:36 - 000000000 ____D C:\windows\system32\NDF
2021-02-02 14:14 - 2013-08-22 14:25 - 000262144 ___SH C:\windows\system32\config\ELAM
2021-02-01 19:59 - 2015-01-05 13:06 - 000000000 ____D C:\ProgramData\CyberLink
2021-02-01 19:12 - 2013-08-22 16:36 - 000000000 ____D C:\windows\tracing
2021-02-01 13:59 - 2013-08-22 16:36 - 000000000 ___HD C:\Program Files\WindowsApps
2021-02-01 13:59 - 2013-08-22 16:36 - 000000000 ____D C:\windows\AppReadiness
2021-01-21 22:37 - 2018-01-17 11:53 - 000799104 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-02-05 19:04
==================== End of FRST.txt ========================

lycantrop321

Re: Log check

Post by lycantrop321 » 07 Feb 2021 07:54

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 04-02-2021
Ran by lucka (07-02-2021 07:49:27)
Running from C:\Users\lucka\Desktop
Windows 8.1 Connected (Update) (X64) (2017-03-05 07:18:20)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4289856400-1582998229-3165114676-500 - Administrator - Disabled)
Guest (S-1-5-21-4289856400-1582998229-3165114676-501 - Limited - Disabled)
lucka (S-1-5-21-4289856400-1582998229-3165114676-1001 - Administrator - Enabled) => C:\Users\lucka

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 3.4.0.2710 - Adobe Systems Incorporated)
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{6da487a6-c50d-494e-aaa0-6d8ce9c37ef3}) (Version: 20.10.2 - Intel Corporation)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.28.50 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
DAEMON Tools Lite (HKLM\...\DAEMON Tools Lite) (Version: 10.14.0.1679 - Disc Soft Ltd)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.26.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{503B47A9-E34A-4841-ADD7-417191D5DB5E}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5B2190E9-199D-450A-94B3-4D6826C770C2}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{5BEFE1E1-F597-4B79-913B-15FFDB25B744}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{63DE35C9-B080-4D03-B110-99E14FD35BCE}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{E966DBE4-5075-465E-BA81-BC9A3A3204B3}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.21 - Lenovo)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 88.0.4324.150 - Google LLC)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.4276 - Intel Corporation)
Intel(R) PROSet/Wireless Software for Bluetooth(R) Technology(patch version 17.0.1347.2) (HKLM\...\{302600C1-6BDF-4FD1-1312-148929CC1385}) (Version: 17.0.1312.0414 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1064 - Intel Corporation)
League of Legends (HKLM-x32\...\League of Legends 1.0) (Version: 1.0 - Riot Games, Inc)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.26.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo FusionEngine (HKLM-x32\...\Lenovo FusionEngine) (Version: 1.0.13.0 - Lenovo, Inc.)
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo) Hidden
Lenovo Mobile Phone Wireless Import (HKLM-x32\...\InstallShield_{DFB2E0D6-8DDE-49A4-B8F7-03C14DACCBA6}) (Version: 1.1.1.9 - Lenovo)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo Photo Master (HKLM-x32\...\{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.) Hidden
Lenovo Photo Master (HKLM-x32\...\InstallShield_{BC94C56A-3649-420C-8756-2ADEBE399D33}) (Version: 1.0.1823.01 - CyberLink Corp.)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.4.2.2000 - Maxthon International Limited)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4641.3004 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
SHAREit (HKLM-x32\...\SHAREit_is1) (Version: 2.1.8.0 - Lenovo Group Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.14.74 - Synaptics Incorporated)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
VLC media player (HKLM-x32\...\VLC media player) (Version: 3.0.12 - VideoLAN)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.60 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.60.0 - win.rar GmbH)

Packages:
=========
Amazon -> C:\Program Files\WindowsApps\Amazon.com.Amazon_3.1.2.8_neutral__343d40qqvtj1t [2017-12-29] (Amazon.com)
Companion -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_2.2.26.0_x86__k1h2ywk1493x8 [2017-12-29] (LENOVO INC.)
Dailymotion -> C:\Program Files\WindowsApps\DailymotionSA.Dailymotion_2.0.1.63_x64__6dqnvyezrysvy [2017-12-29] (Dailymotion SA)
Evernote Touch -> C:\Program Files\WindowsApps\Evernote.Evernote_3.3.0.102_x86__q4d96b2w5wcc2 [2017-12-29] (Evernote)
Hry -> C:\Program Files\WindowsApps\Microsoft.XboxLIVEGames_2.0.139.0_x64__8wekyb3d8bbwe [2017-08-30] (Microsoft Corporation) [MS Ad]
Hudba -> C:\Program Files\WindowsApps\Microsoft.ZuneMusic_2.6.672.0_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2017-12-29] (FilmOn TV Inc.)
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2018-04-03] (McAfee_Inc)
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Finance -> C:\Program Files\WindowsApps\Microsoft.BingFinance_3.0.4.344_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_3.0.4.350_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Sport -> C:\Program Files\WindowsApps\Microsoft.BingSports_3.0.4.345_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
MSN Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_3.0.4.344_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2017-12-29] (LENOVO INC)
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2017-12-29] (CYBERLINK COM CORPORATION)
Skype -> C:\Program Files\WindowsApps\Microsoft.SkypeApp_3.1.0.1016_x86__kzf8qxf38zg5c [2017-12-29] (Skype) [MS Ad]
The Weather Channel for Lenovo -> C:\Program Files\WindowsApps\Weather.TheWeatherChannelforLenovo_2.1.20.1_x64__t3yemqpq4kp7p [2017-12-29] (The Weather Channel.)
Translator -> C:\Program Files\WindowsApps\Microsoft.BingTranslator_1.18.3.0_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation)
TripAdvisor Hotels Flights Restaurants -> C:\Program Files\WindowsApps\TripAdvisorLLC.TripAdvisorHotelsFlightsRestaurants_1.2.0.24_neutral__qj0v5chwq8f2g [2017-08-30] (TripAdvisor LLC)
Video -> C:\Program Files\WindowsApps\Microsoft.ZuneVideo_2.6.446.0_x64__8wekyb3d8bbwe [2017-12-29] (Microsoft Corporation) [MS Ad]
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2017-12-29] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\windows\system32\igfxEM.exe (Intel Corporation - pGFX -> Intel Corporation)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers1: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (CyberLink Corp. -> Cyberlink)
ContextMenuHandlers2: [DaemonShellExtDriveLite] -> {C06369D6-E77D-4626-9656-1256312BD576} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers3: [DaemonShellExtImageLite] -> {1D1B5D7B-0FC9-452E-902C-12BACD4FBC20} => C:\Program Files\DAEMON Tools Lite\dtshl64.dll [2021-02-06] (AVB Disc Soft, SIA -> Disc Soft Ltd)
ContextMenuHandlers4: [SHAREit.FileContextMenuExt] -> {430BD134-576D-4E75-87CD-0F5C6221A82B} => C:\Program Files (x86)\Lenovo\SHAREit\ShellEx\ShellExt64.dll [2014-08-13] (Lenovo) [File not signed]
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\windows\system32\igfxDTCM.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers5: [igfxOSP] -> {FA507C3F-30C6-4DCA-9EE5-2656072EEC14} => C:\windows\system32\igfxOSP.dll [2015-08-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2018-06-24] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\lucka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\225bb61db2f318c1\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 3"

==================== Loaded Modules (Whitelisted) =============

2015-01-05 13:07 - 2015-01-05 13:07 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2015-01-05 13:07 - 2015-01-05 13:07 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2015-01-05 13:02 - 2015-01-05 13:02 - 000348160 _____ (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\Software\Microsoft\Internet Explorer\Main,Secondary Start Pages = hxxp://mystart.lenovo.com
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {2B2489C6-450C-4C75-AE03-5600D36E818A} URL =

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2021-02-04 09:28 - 000000813 _____ C:\windows\system32\drivers\etc\hosts
127.0.0.1 localhost

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Lenovo\FusionEngine;C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files (x86)\Common Files\lenovo\easyplussdk\bin;C:\Program Files\Intel\WiFi\bin\;C:\Program Files\Common Files\Intel\WirelessCommon\
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lucka\Pictures\water.jpg
DNS Servers: Media is not connected to internet.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{238E7177-2177-46E1-90F5-44A4B7A4E727}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{6135B7A6-8AE8-49F9-9885-62E8F350D8F3}] => (Allow) C:\Program Files (x86)\Lenovo\SHAREit\SHAREit.exe (LENOVO -> Lenovo)
FirewallRules: [{131F1D07-101A-4F36-9A5B-55E0111B69C1}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{D382C858-3B36-4482-ACF7-06BE08BCDF9C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{69F0FB2A-60AD-4B34-8AFD-DF6CACC76D3D}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{6E2C7393-55E6-4889-8731-023034F67E8C}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{015D3E69-D0DC-45A9-941E-E1BCFD08EDE9}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5C872768-5E0B-4EED-A03F-FC1540E452BC}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{5CA9C6D2-699C-4686-872D-083F0DABFDB5}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{A843F6C8-7B49-4931-A921-59F5B68703D1}] => (Allow) C:\Program Files (x86)\Lenovo\Lenovo Photo Master\subsys\AdvPhotoEditor\PhotoDirector5.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F9002769-A790-4660-A813-2333925E8EC9}] => (Allow) LPort=55100
FirewallRules: [{A439B9C4-BB84-415C-92F9-74DCA59AD1B5}] => (Allow) C:\Program Files\Lenovo PhotoMasterImport\PhotoMasterImport.exe (Lenovo (Beijing) Limited -> Lenovo)
FirewallRules: [{4C48707D-B398-4FDF-A26F-35A6AEA3942D}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel(R) Wireless Connectivity Solutions -> )
FirewallRules: [{D8EF3C6B-42BE-42A9-A474-02E1E4AF5854}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{57F9E9E2-26CD-46D7-98B7-F2828F33A33E}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)
FirewallRules: [{6B968F51-D220-48FD-B590-666D578E2270}] => (Allow) C:\Program Files\DAEMON Tools Lite\DiscSoftBusServiceLite.exe (AVB Disc Soft, SIA -> Disc Soft Ltd)

==================== Restore Points =========================

06-02-2021 08:56:21 Comodo Internet Security: Custom Uninstaller

==================== Faulty Device Manager Devices ============


==================== Event log errors: ========================

Application errors:
==================
Error: (02/06/2021 09:15:07 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: SystemAgentService.exe, version: 1.6.1.0, time stamp: 0x53d9aaa5
Faulting module name: SystemAgentService.exe, version: 1.6.1.0, time stamp: 0x53d9aaa5
Exception code: 0xc0000409
Fault offset: 0x0000b15e
Faulting process id: 0x620
Faulting application start time: 0x01d6fcbde8bb2fe3
Faulting application path: C:\Program Files\Lenovo\iMController\SystemAgentService.exe
Faulting module path: C:\Program Files\Lenovo\iMController\SystemAgentService.exe
Report Id: 00bd2238-68b8-11eb-829d-507b9d91ec18
Faulting package full name:
Faulting package-relative application ID:

Error: (02/06/2021 08:28:29 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: CCSDK.exe, version: 1.0.3.4, time stamp: 0x53bcd5bf
Faulting module name: SensorsApi.dll_unloaded, version: 6.3.9600.17415, time stamp: 0x54504285
Exception code: 0xc0000005
Fault offset: 0x0000a580
Faulting process id: 0x110c
Faulting application start time: 0x01d6fcbe3a7b63c2
Faulting application path: C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
Faulting module path: SensorsApi.dll
Report Id: 7cfb06a2-68b1-11eb-829d-507b9d91ec18
Faulting package full name:
Faulting package-relative application ID:

Error: (02/06/2021 08:56:21 AM) (Source: VSS) (EventID: 8194) (User: )
Description: Volume Shadow Copy Service error: Unexpected error querying for the IVssWriterCallback interface. hr = 0x80070005, Access is denied.
.
This is often caused by incorrect security settings in either the writer or requestor process.


Operation:
Gathering Writer Data

Context:
Writer Class Id: {e8132975-6f93-4464-a53e-1050253ae220}
Writer Name: System Writer
Writer Instance ID: {f30afc64-a4f8-4290-b0e0-364aaa6e83c6}

Error: (02/05/2021 08:49:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Internet Security Essentials.

System Error:
The system cannot find the file specified.
.

Error: (02/05/2021 08:49:48 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary COMODO Secure Shopping.

System Error:
The system cannot find the file specified.
.

Error: (02/05/2021 08:46:07 PM) (Source: Perflib) (EventID: 1023) (User: )
Description: Windows cannot load the extensible counter DLL rdyboost. The first four bytes (DWORD) of the Data section contains the Windows error code.

Error: (02/05/2021 08:31:42 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Faulting application name: mbamtray.exe, version: 4.0.0.887, time stamp: 0x600f4741
Faulting module name: Qt5Core.dll, version: 5.14.1.0, time stamp: 0x5f84e8d4
Exception code: 0xc0000005
Fault offset: 0x0000000000219dc5
Faulting process id: 0xb24
Faulting application start time: 0x01d6fbf56c4c7cc3
Faulting application path: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Faulting module path: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
Report Id: c60b4345-67e8-11eb-8297-507b9d91ec18
Faulting package full name:
Faulting package-relative application ID:

Error: (02/05/2021 08:08:53 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Cryptographic Services failed while processing the OnIdentity() call in the System Writer Object.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Internet Security Essentials.

System Error:
The system cannot find the file specified.
.


System errors:
=============
Error: (02/07/2021 07:20:28 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/06/2021 09:15:10 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The Lenovo System Agent Service service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2021 08:28:43 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: The CCSDK service terminated unexpectedly. It has done this 1 time(s).

Error: (02/06/2021 08:26:07 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Firewall Core Service service depends on the following service: mfevtp. This service might not be installed.

Error: (02/06/2021 08:18:56 PM) (Source: Service Control Manager) (EventID: 7003) (User: )
Description: The McAfee Firewall Core Service service depends on the following service: mfevtp. This service might not be installed.

Error: (02/06/2021 08:17:37 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: The application-specific permission settings do not grant Local Activation permission for the COM Server application with CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
and APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
to the user NT AUTHORITY\SYSTEM SID (S-1-5-18) from address LocalHost (Using LRPC) running in the application container Unavailable SID (Unavailable). This security permission can be modified using the Component Services administrative tool.

Error: (02/06/2021 08:09:34 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.

Error: (02/06/2021 08:09:34 PM) (Source: DCOM) (EventID: 10010) (User: Lenovo-PC)
Description: The server {4545DEA0-2DFC-4906-A728-6D986BA399A9} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2018-07-22 14:12:03.915
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

Date: 2018-07-21 22:39:15.642
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: Real-Time Protection
Process Name: C:\Windows\System32\WindowsPowerShell\v1.0\powershell.exe
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

Date: 2018-07-21 20:07:39.640
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {A7D4AE3E-054B-4E9E-9795-7A5D3191F3A9}
Scan Type: Antimalware
Scan Parameters: Full Scan

Date: 2018-07-21 16:10:56.701
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

Date: 2018-07-20 23:20:10.650
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Program:Win32/CompromisedCert.A
ID: 208268
Severity: Severe
Category: Potentially Unwanted Software
Path: clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{02966FA9-C01A-47E7-A169-C83AEA1FB0BA};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{05FF6A00-76A3-4AA1-A9A4-A782152ABE60};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{10A7F29D-4B00-40EC-B07D-8616DF8135E6};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{4EECDED2-40FB-4500-85B4-86FB0EBECA68};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{533403E2-6E21-4615-9E28-43F4E97E977B};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{5780633B-414C-446F-8EB2-FF1C9A731C99};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{70C7334A-66D9-46DE-A4E2-6B923C7DB94E};clsid:_HKLM\SOFTWARE\CLASSES\Wow6432Node\CLSID\{9AD5C084-B6E6-456A-8BA2-A559663780E5};file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\Run.exe;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VDWFP.sys;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VDWFPInstaller.exe;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe;file:_C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.tl
Detection Origin: Local machine
Detection Type: Concrete
Detection Source: System
Process Name: C:\Program Files (x86)\Lenovo\VisualDiscovery\VisualDiscovery.exe
Signature Version: AV: 1.261.1370.0, AS: 1.261.1370.0, NIS: 118.2.0.0
Engine Version: AM: 1.1.14500.5, NIS: 2.1.14202.0

Date: 2021-02-05 19:57:16.994
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 119.0.0.0
Update Source: Microsoft Malware Protection Center
Signature Type: Network Inspection System
Update Type: Full
Current Engine Version:
Previous Engine Version: 2.1.14600.4
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2021-02-05 19:57:16.805
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.331.231.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiSpyware
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2021-02-05 19:57:16.804
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.331.231.0
Update Source: Microsoft Malware Protection Center
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x80072ee7
Error description: The server name or address could not be resolved

Date: 2021-02-05 19:57:16.492
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.331.231.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.17800.5
Error code: 0x8024402c
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2018-07-21 15:40:47.435
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.261.1370.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.14500.5
Error code: 0x80240438
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

CodeIntegrity:
===================================

Date: 2021-02-05 20:53:05.235
Description:
Windows is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\guard64.dll because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

Date: 2021-02-05 20:03:43.085
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 19:56:43.285
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\svchost.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 19:55:53.718
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\NisSrv.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-05 19:55:39.905
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MpCmdRun.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-05 19:55:36.624
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2021-02-05 19:51:03.033
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

Date: 2021-02-05 19:46:21.686
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\System32\services.exe) attempted to load \Device\HarddiskVolume5\Windows\System32\cssguard64.dll that did not meet the Windows signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A7CN48WW 08/03/2015
Motherboard: LENOVO VIUU4
Processor: Intel(R) Celeron(R) CPU N2840 @ 2.16GHz
Percentage of memory in use: 55%
Total physical RAM: 3979.2 MB
Available physical RAM: 1766.82 MB
Total Virtual: 4427.2 MB
Available Virtual: 2134.84 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:424.82 GB) (Free:358.55 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:21.95 GB) NTFS

\\?\Volume{9f995edd-2123-4fe3-aa87-e3b6497d0d6c}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.66 GB) NTFS
\\?\Volume{9aa61b3e-0b8e-47c4-a783-100ec55eee80}\ (PBR_DRV) (Fixed) (Total:13.61 GB) (Free:2.78 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 465.8 GB) (Disk ID: 798ED846)

Partition: GPT.

==================== End of Addition.txt =======================


Re: Log check

Post by lycantrop321 » 07 Feb 2021 07:55

Yes, I did. Do you want the log from ciscleanuptool as well?

Date: 2018-07-21 16:10:56.701
Description:
Windows Defender has detected malware or other potentially unwanted software.
For more information please see the following:
http://go.microsoft.com/fwlink/?linkid= ... terprise=0
Name: Trojan:Win32/CoinMiner.C!cl
ID: 2147722604
Severity: Severe
Category: Trojan
Path: file:_C:\Windows\Explorero.exe
Detection Origin: Local machine
Detection Type: FastPath
Detection Source: System
Process Name: Unknown
Signature Version: AV: 1.273.127.0, AS: 1.273.127.0, NIS: 119.0.0.0
Engine Version: AM: 1.1.15100.1, NIS: 2.1.14600.4

So I have a miner/miners on my PC?

jaro3
Security team member

Re: Log check

Post by jaro3 » 07 Feb 2021 17:26

OK.
Please proceed as follows:
Open Notepad (Start => All Programs => Accessories => Notepad).
Please copy the entire contents below into it.


Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [COMODO Autostart {D5EFF3B3-E126-4AF6-BCE9-852A72129E10}] => C:\Program Files\COMODO\COMODO Internet Security\cis.exe --cistrayUI
HKU\S-1-5-21-4289856400-1582998229-3165114676-1001\...\MountPoints2: {12438d51-68b0-11eb-829c-507b9d91ec18} - "F:\autorun.exe"
Task: {484AA85E-1243-4D93-8D53-4EDC85268486} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Task: {5AF4093C-FCE7-4789-B705-F949D28484F3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2018-01-03] (Google Inc -> Google Inc.)
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]
S2 mfefire; "C:\Program Files\Common Files\McAfee\SystemCore\\mfefire.exe" [X]
C:\Users\lucka\Downloads\cispremium_installer.exe
C:\Users\lucka\Downloads\ciscleanuptool_x64.exe
C:\windows\system32\Tasks\GoogleUpdateTaskMachineUA
C:\windows\system32\Tasks\GoogleUpdateTaskMachineCore
C:\windows\system32\{F33C3B9B-72AF-418A-B3FD-560646F7CDA2}.bat
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Comodo
C:\windows\system32\{86F549EB-A66B-4D6C-958D-CDDD66410751}.bat
Amazon 1Button App (HKLM-x32\...\{3E69CC95-C0F6-4C74-8F43-74F9046F20B2}) (Version: 1.0.10 - Amazon) <==== ATTENTION
McAfee® Central for Lenovo -> C:\Program Files\WindowsApps\McAfeeInc.06.McAfeeSecurityAdvisorforLenovo_5.0.173.1_x64__bq6yxensn79aw [2018-04-03] (McAfee_Inc)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4289856400-1582998229-3165114676-1001 -> {2B2489C6-450C-4C75-AE03-5600D36E818A} URL =

EmptyTemp:
End

(You can use the "Select all" function, then right-click the upper-left box in the open Notepad window and choose "Paste".)

Save it to the desktop as fixlist.txt


Run FRST and press the "Fix" button only once, then wait.
The tool will produce a log on the desktop (Fixlog.txt); please copy its entire contents here.

Then you can install an antivirus.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

