Prosím kontrolu logu Vyřešeno

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Prosím kontrolu logu

Příspěvekod Slegr » 12 črc 2018 09:53

Zdravím,

tentokrát kamarádčin zasekaný notebook, dá se předpokládat trošku havěti.

Díky za odezvu.

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 9:49:25, on 12. 7. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\moje programy\avg pc tuneup\Antivirus\AVGUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Users\lenovo\Downloads\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\moje programy\avg pc tuneup\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\moje programy\avg pc tuneup\Antivirus\x64\aswidsagenta.exe
O23 - Service: @oem15.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 8086 bytes

Reklama
Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 12 črc 2018 10:17

ATF, TFC hotovo.

Adw, Mbamb, JRT a RogueKiller logy níže.

Sophos a Zemana nic nenašel.

Momentálně testuju hardware. Disk je dle HDTune zdá se v pohodě, pokračuju s ram, ale to je na dýl.

Rád bych slyšel Váš názor dle logů.

Díky.

# -------------------------------
# Malwarebytes AdwCleaner 7.2.1.0
# -------------------------------
# Build: 06-26-2018
# Database: 2018-07-04.1
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 07-12-2018
# Duration: 00:00:53
# OS: Windows 8.1
# Scanned: 41371
# Detected: 0


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

No malicious folders found.

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

No malicious registry entries found.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries found.

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.


AdwCleaner[S00].txt - [2660 octets] - [11/07/2018 19:54:49]
AdwCleaner[C00].txt - [2626 octets] - [11/07/2018 20:01:07]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S01].txt ##########




_________________________________________________________________________________


Malwarebytes
http://www.malwarebytes.com

-Podrobnosti logovacího souboru-
Datum skenování: 12.07.18
Čas skenování: 10:10
Logovací soubor: 057b640a-85ab-11e8-b5cf-68f728762374.json
Správce: Ano

-Informace o softwaru-
Verze: 3.5.1.2522
Verze komponentů: 1.0.391
Aktualizovat verzi balíku komponent: 1.0.5877
Licence: Zkušební

-Systémová informace-
OS: Windows 8.1
CPU: x64
Systém souborů: NTFS
Uživatel: LENOVO-PC\lenovo

-Shrnutí skenování-
Typ skenování: Skenování hrozeb (Threat Scan)
Spuštění skenování: Ruční
Výsledek: Dokončeno
Skenované objekty: 246276
Zjištěné hrozby: 0
(Nebyly zjištěny žádné škodlivé položky)
Hrozby umístěné do karantény: 0
(Nebyly zjištěny žádné škodlivé položky)
Uplynulý čas: 4 min, 41 sek

-Možnosti skenování-
Paměť: Povoleno
Start: Povoleno
Systém souborů: Povoleno
Archivy: Povoleno
Rootkity: Zakázáno
Heuristika: Povoleno
Potenciálně nežádoucí program: Detekovat
Potenciálně nežádoucí modifikace: Detekovat

-Podrobnosti skenování-
Proces: 0
(Nebyly zjištěny žádné škodlivé položky)

Modul: 0
(Nebyly zjištěny žádné škodlivé položky)

Klíč registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Hodnota v registru: 0
(Nebyly zjištěny žádné škodlivé položky)

Data registrů: 0
(Nebyly zjištěny žádné škodlivé položky)

Datové proudy: 0
(Nebyly zjištěny žádné škodlivé položky)

Adresář: 0
(Nebyly zjištěny žádné škodlivé položky)

Soubor: 0
(Nebyly zjištěny žádné škodlivé položky)

Fyzický sektor: 0
(Nebyly zjištěny žádné škodlivé položky)

WMI: 0
(Nebyly zjištěny žádné škodlivé položky)


(end)



_________________________________________________________________________________________________________
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 8.1 x64
Ran by lenovo (Administrator) on źt 12. 07. 2018 at 10:24:05,38
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 2

Successfully deleted: HKLM\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)
Successfully deleted: HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} (Registry Key)




~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on źt 12. 07. 2018 at 10:33:39,54
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

__________________________________________________________________________________________________________

RogueKiller V12.12.26.0 (x64) [Jul 9 2018] (Free) by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : https://forum.adlice.com
Webová stránka : http://www.adlice.com/download/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 8.1 (6.3.9600) 64 bits version
Spuštěno : Normální režim
Uživatel : lenovo [Práva správce]
Started from : C:\Users\lenovo\Desktop\RogueKiller_portable64.exe
Mód : Prohledat -- Datum : 07/12/2018 12:54:21 (Duration : 01:20:46)

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 0 ¤¤¤

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ WMI : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 0 ¤¤¤

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 0 ¤¤¤

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD10JPCX-24UE4T0 +++++
--- User ---
[MBR] 4b8bd01b448fb3567f03befd9c41d8f2
[BSP] f0ddc6224311e133335a9383de159111 : Empty|VT.Unknown MBR Code
Partition table:
0 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2048 | Size: 1000 MB
1 - [SYSTEM][MAN-MOUNT] EFI system partition | Offset (sectors): 2050048 | Size: 260 MB
2 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 2582528 | Size: 1000 MB
3 - [MAN-MOUNT] Microsoft reserved partition | Offset (sectors): 4630528 | Size: 128 MB
4 - Basic data partition | Offset (sectors): 4892672 | Size: 912292 MB
5 - Basic data partition | Offset (sectors): 1873266688 | Size: 25600 MB
6 - [SYSTEM][MAN-MOUNT] Basic data partition | Offset (sectors): 1925695488 | Size: 13588 MB
User = LL1 ... OK
User = LL2 ... OK

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod jaro3 » 12 črc 2018 18:41

Sophos Virus Removal Tool je praktický softwarový nástroj, který by mohl odstranit infekce, které antivirový program nedetekuje .
Stáhněte si ho zde z některého odkazu:
http://www.majorgeeks.com/files/details ... _tool.html
http://www.majorgeeks.com/mg/get/sophos ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,1.html
http://www.majorgeeks.com/mg/getmirror/ ... ool,2.html

Viry mohou zpomalit počítač, nebo se snaží ukrást vaše data, a ani nevíte , že je máte. Co potřebujete, je rychlý a snadný způsob, jak je najít a zbavit se jich, pokud již máte antivirový program v počítači nainstalován , můžete nainstalovat i nástroj Sophos Virus Removal , který identifikuje a vyčistí zbylé infekce, které mohl Váš antivirový program přehlédnout.
K použití Sophos Virus Removal Tool na něj poklepejte a stiskněte tlačítko „Start scanning“ . Pak bude Sophos Virus Removal Tool vyhledávat a odstraňovat viry, které najde. Může být vyžadován restart.
Pokud byly nalezeny viry , tak po skenu klikni na „Details…“ a potom na „View log file“. Zkopíruj celý log a vlož ho sem. Potom zavři „threat detail“ a klikni na „Start cleanup“.
Jinak se log nachází zde:
C:\ProgramData\Sophos\Sophos Virus Removal Tool\Logs

Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

klik nahoře vpravo na .rar-file a uloz si ho na plochu.
Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
emptyclsid;
iedefaults;
FFdefaults;
CHRdefaults;
emptyalltemp;
resethosts;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.


Vlož nový log z HJT + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 12 črc 2018 20:42

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by lenovo on źt 12. 07. 2018 at 18:31:05,00.
Microsoft Windows 8.1 6.3.9600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\lenovo\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

12. 7. 2018 18:35:37 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\COMMON~1\SWF Studio deleted successfully
C:\Program Files\VideoLAN deleted successfully
C:\PROGRA~3\ALM deleted successfully
C:\PROGRA~3\Office2013 deleted successfully
C:\Users\lenovo\AppData\Local\EmieSiteList deleted successfully
C:\Users\lenovo\AppData\Local\EmieUserList deleted successfully

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== Deleting Files \ Folders ======================

C:\PROGRA~2\New Folder not found
C:\PROGRA~2\Seznam.cz not found
C:\windows\sysWoW64\config\systemprofile\.android deleted
C:\PROGRA~3\Package Cache deleted
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Search.lnk deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
"C:\Users\lenovo\AppData\Local\{CE0EED3B-F8C2-4474-91E7-69EFBFBF843E}" deleted

==== Firefox XPI-files found: ======================

- AVG Web TuneUp - C:\AdwCleaner\quarantine\files\wyajysuxidzzzdcoopzveevnkvicansg\FireFoxExt\4.3.8.510\avg@toolbar.xpi

==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\Default\AppData\Local\Google\Chrome deleted

==== Chromium Look ======================

Google Chrome Version: 67.0.3396.99


HKEY_CURRENT_USER\SOFTWARE\Google\Chrome\Extensions
mbckjcfnjmoiinpgddefodcighgikkgn - No path found[]

Chrome Media Router - lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP"
"Use Search Asst"="yes"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=619797&pc=UE12&ocid=UE12DHP"
"Use Search Asst"="no"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{F7C0E4A0-BBBD-4000-8C79-7F99521064B8}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - No_Url_Value
HKLM\SearchScopes\{F7C0E4A0-BBBD-4000-8C79-7F99521064B8} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{F7C0E4A0-BBBD-4000-8C79-7F99521064B8}"
HKLM\Wow6432Node\SearchScopes\{F7C0E4A0-BBBD-4000-8C79-7F99521064B8} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02&pc=UE14
HKCU\SearchScopes\{F7C0E4A0-BBBD-4000-8C79-7F99521064B8} - http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IESR02

==== Reset Google Chrome ======================

C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\lenovo\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\lenovo\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

No FireFox Profiles found

==== Empty Chrome Cache ======================

C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=36 folders=38 98015781 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\lenovo\AppData\Local\Temp will be emptied at reboot
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\windows\Temp successfully emptied
C:\Users\lenovo\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 12. 07. 2018 at 20:37:19,49 ======================

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 12 črc 2018 20:48

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 20:43:52, on 12. 7. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\moje programy\avg pc tuneup\Antivirus\AVGUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Users\lenovo\Desktop\HijackThis.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\moje programy\avg pc tuneup\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\moje programy\avg pc tuneup\Antivirus\x64\aswidsagenta.exe
O23 - Service: @oem15.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 8357 bytes


Sophos a Zemana bez nálezů.

Ntb se chová lépe, ale stále mám podezření na disk, ikdyž SMART z HDTune i CrystalDisk chyby neukazují.

Pokud to bude z vaší strany čisté, půjdu po tom HW.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod jaro3 » 12 črc 2018 21:31

avg pc tuneup bych nepoužíval...

Zavři ostatní aplikace a prohlížeče, odpoj se od netu a fixni v HJT:
Návod

Kód: Vybrat vše

R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - - (no file)
F2 - REG:system.ini: UserInit=userinit.exe,
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [SunJavaUpdateSched] "C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe"


Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 12 črc 2018 22:13

Logfile of Trend Micro HijackThis v2.0.5
Scan saved at 21:57:11, on 12. 7. 2018
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.9600.19036)


Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
C:\moje programy\avg pc tuneup\Antivirus\AVGUI.exe
C:\windows\SysWOW64\RunDll32.exe
C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
C:\Users\lenovo\Desktop\HijackThis.exe
C:\windows\SysWOW64\DllHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkI ... id=UE12DHP
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [CLMLServer_For_P2G8] "C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe"
O4 - HKLM\..\Run: [CLVirtualDrive] "C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe" /R
O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [CCleaner Monitoring] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe"
O4 - HKUS\S-1-5-18\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [GarminExpressTrayApp] "C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe" (User 'Default user')
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~1\Office15\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\PROGRA~1\MICROS~1\Office15\ONBttnIE.dll/105
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: AVG Antivirus - AVG Technologies CZ, s.r.o. - C:\moje programy\avg pc tuneup\Antivirus\AVGSvc.exe
O23 - Service: avgbIDSAgent - AVG Technologies CZ, s.r.o. - C:\moje programy\avg pc tuneup\Antivirus\x64\aswidsagenta.exe
O23 - Service: @oem15.inf,%BlueBcmBtRSupport.SVCNAME%;Bluetooth Driver Management Service (BcmBtRSupport) - Unknown owner - C:\windows\system32\BtwRSupportService.exe (file missing)
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: CCSDK - Unknown owner - C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
O23 - Service: @C:\windows\system32\CxAudMsg64.exe,-100 (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: Garmin Device Interaction Service - Garmin Ltd. or its subsidiaries - C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Lenovo System Agent Service - LENOVO INCORPORATED. - C:\Program Files\Lenovo\iMController\SystemAgentService.exe
O23 - Service: LUService - Lenovo(beijing) Limited - C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: nProtect GameGuard Service (npggsvc) - Unknown owner - C:\windows\system32\GameMon.des.exe (file missing)
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: SynTPEnh Caller Service (SynTPEnhService) - Synaptics Incorporated - C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
O23 - Service: TeamViewer 12 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: VeriFaceSrv - Unknown owner - C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-320 (WdNisSvc) - Unknown owner - C:\Program Files (x86)\Windows Defender\NisSrv.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender\MpAsDesc.dll,-310 (WinDefend) - Unknown owner - C:\Program Files (x86)\Windows Defender\MsMpEng.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: ZAM Controller Service (ZAMSvc) - Copyright 2017. - C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe

--
End of file - 7916 bytes

____________________________________________________________________________________________________________

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 20.06.2018
Ran by lenovo (administrator) on LENOVO-PC (12-07-2018 22:00:04)
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Platform: Windows 8.1 (Update) (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(AVG Technologies CZ, s.r.o.) C:\moje programy\avg pc tuneup\Antivirus\AVGSvc.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
(Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Garmin Ltd. or its subsidiaries) C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe
(LENOVO INCORPORATED.) C:\Program Files\Lenovo\iMController\SystemAgentService.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe
(Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
() C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
() C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
(Copyright 2017.) C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(AVG Technologies CZ, s.r.o.) C:\moje programy\avg pc tuneup\Antivirus\x64\aswidsagenta.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
() C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Realtek semiconductor) C:\Windows\RTFTrack.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Broadcom Corporation.) C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
(CyberLink) C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe
(AVG Technologies CZ, s.r.o.) C:\moje programy\avg pc tuneup\Antivirus\AVGUI.exe
(Microsoft Corporation) C:\Windows\SysWOW64\rundll32.exe
() C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
() C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
(Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Lenovo Updates\LU.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20911_x64__8wekyb3d8bbwe\livecomm.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] ()
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1830616 2014-04-10] (Conexant Systems, Inc.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [919768 2014-11-20] (Conexant Systems, Inc.)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2856616 2014-12-22] (Synaptics Incorporated)
HKLM\...\Run: [RtsFT] => C:\windows\RTFTrack.exe [4060376 2014-10-22] (Realtek semiconductor)
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2015-02-26] (Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2015-02-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2015-02-26] (Lenovo(beijing) Limited)
HKLM\...\Run: [AdobeAAMUpdater-1.0] => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [500936 2015-04-28] (Adobe Systems Incorporated)
HKLM\...\Run: [AVGUI.exe] => C:\moje programy\avg pc tuneup\Antivirus\AvLaunch.exe [291568 2018-07-11] (AVG Technologies CZ, s.r.o.)
HKLM\...\Run: [ZAM] => C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\amd64\CLIStart.exe [767200 2014-06-11] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [CLMLServer_For_P2G8] => C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvc_P2G8.exe [110344 2014-09-09] (CyberLink)
HKLM-x32\...\Run: [CLVirtualDrive] => C:\Program Files (x86)\Lenovo\Power2Go\VirtualDrive.exe [492808 2014-09-09] (CyberLink Corp.)
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [27250144 2016-12-20] (Skype Technologies S.A.)
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [18385368 2018-06-24] (Piriform Ltd)
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\MountPoints2: {7abf1e26-3765-11e8-8509-68f728762374} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\MountPoints2: {c0b76895-e54a-11e6-8312-68f728762374} - "F:\autorun.exe"
HKU\S-1-5-18\...\Run: [GarminExpressTrayApp] => C:\Program Files (x86)\Garmin\Express Tray\ExpressTray.exe [1421736 2017-03-28] (Garmin Ltd. or its subsidiaries)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2015-02-26]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe (Broadcom Corporation.)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 83.240.0.214 83.240.0.135
Tcpip\..\Interfaces\{A8E7AD9D-D0EB-4E24-BEF8-D3A5E9DDC9F1}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{CD7C5C94-B32F-47E6-9818-D58DB930A9FC}: [DhcpNameServer] 83.240.0.214 83.240.0.135

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.msn.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-1288416228-618668501-294838459-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.microsoft.com/isapi/redir.dl ... ar=msnhome
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1288416228-618668501-294838459-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}

FireFox:
========
FF Plugin: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect64.dll [2015-03-09] (Adobe Systems)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: adobe.com/AdobeAAMDetect -> C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\CCM\Utilities\npAdobeAAMDetect32.dll [2015-03-09] (Adobe Systems)

Chrome:
=======
CHR Profile: C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default [2018-07-12]
CHR Extension: (Prezentace) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2018-07-12]
CHR Extension: (Dokumenty) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2018-07-12]
CHR Extension: (Disk Google) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2018-07-12]
CHR Extension: (YouTube) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2018-07-12]
CHR Extension: (Tabulky) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2018-07-12]
CHR Extension: (Dokumenty Google offline) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-07-12]
CHR Extension: (AVG SafePrice) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn [2018-07-12]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-07-12]
CHR Extension: (Gmail) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2018-07-12]
CHR Extension: (Chrome Media Router) - C:\Users\lenovo\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-07-12]
CHR HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AVG Antivirus; C:\moje programy\avg pc tuneup\Antivirus\AVGSvc.exe [323512 2018-07-11] (AVG Technologies CZ, s.r.o.)
R3 avgbIDSAgent; C:\moje programy\avg pc tuneup\Antivirus\x64\aswidsagenta.exe [7829784 2018-07-11] (AVG Technologies CZ, s.r.o.)
R2 btwdins; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [976088 2014-03-15] (Broadcom Corporation.)
R2 CCSDK; C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe [592880 2014-07-10] ()
R2 Garmin Device Interaction Service; C:\Program Files (x86)\Garmin\Device Interaction Service\GarminService.exe [1099280 2017-03-28] (Garmin Ltd. or its subsidiaries)
R2 Lenovo System Agent Service; C:\Program Files\Lenovo\iMController\SystemAgentService.exe [584664 2015-12-14] (LENOVO INCORPORATED.)
R2 LUService; C:\Program Files (x86)\Lenovo\Lenovo Updates\LUService.exe [38896 2014-02-18] (Lenovo(beijing) Limited)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes)
S3 npggsvc; C:\windows\SysWOW64\GameMon.des [4362656 2016-02-24] (INCA Internet Co., Ltd.) [File not signed]
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2015-02-26] (Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [308720 2015-02-26] (Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] ()
R2 SynTPEnhService; C:\Program Files\Synaptics\SynTP\SynTPEnhService.exe [220840 2014-12-22] (Synaptics Incorporated)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [10885360 2017-05-31] (TeamViewer GmbH)
R2 VeriFaceSrv; C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe [67856 2015-02-26] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [361824 2017-01-12] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [119872 2017-01-12] (Microsoft Corporation)
R2 ZAMSvc; C:\Program Files (x86)\Zemana AntiMalware\ZAM.exe [15775888 2017-08-09] (Copyright 2017.)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 amdkmpfd; C:\windows\System32\drivers\amdkmpfd.sys [36608 2013-12-13] (Advanced Micro Devices, Inc.)
R3 AtiHDAudioService; C:\windows\system32\drivers\AtihdWB6.sys [222720 2014-03-11] (Advanced Micro Devices)
R1 avgArPot; C:\windows\System32\drivers\avgArPot.sys [189544 2018-07-11] (AVG Technologies CZ, s.r.o.)
R1 avgbidsdriver; C:\windows\System32\drivers\avgbidsdrivera.sys [222288 2018-07-11] (AVG Technologies CZ, s.r.o.)
R0 avgbidsh; C:\windows\System32\drivers\avgbidsha.sys [194224 2018-07-11] (AVG Technologies CZ, s.r.o.)
R0 avgblog; C:\windows\System32\drivers\avgbloga.sys [339048 2018-07-11] (AVG Technologies CZ, s.r.o.)
R0 avgbuniv; C:\windows\System32\drivers\avgbuniva.sys [51952 2018-07-11] (AVG Technologies CZ, s.r.o.)
S3 avgHwid; C:\windows\System32\drivers\avgHwid.sys [39352 2018-07-11] (AVG Technologies CZ, s.r.o.)
R2 avgMonFlt; C:\windows\System32\drivers\avgMonFlt.sys [152016 2018-07-11] (AVG Technologies CZ, s.r.o.)
R1 avgRdr; C:\windows\System32\drivers\avgRdr2.sys [104256 2018-07-11] (AVG Technologies CZ, s.r.o.)
R0 avgRvrt; C:\windows\System32\drivers\avgRvrt.sys [78352 2018-07-11] (AVG Technologies CZ, s.r.o.)
R1 avgSnx; C:\windows\System32\drivers\avgSnx.sys [1020112 2018-07-11] (AVG Technologies CZ, s.r.o.)
R1 avgSP; C:\windows\System32\drivers\avgSP.sys [455464 2018-07-11] (AVG Technologies CZ, s.r.o.)
R2 avgStm; C:\windows\System32\drivers\avgStm.sys [203544 2018-07-11] (AVG Technologies CZ, s.r.o.)
R0 avgVmm; C:\windows\System32\drivers\avgVmm.sys [373944 2018-07-11] (AVG Technologies CZ, s.r.o.)
R1 CLVirtualDrive; C:\windows\system32\DRIVERS\CLVirtualDrive.sys [91912 2013-11-13] (CyberLink)
S3 NETwNe64; C:\windows\system32\DRIVERS\NETwew02.sys [4649440 2013-06-18] (Intel Corporation)
R3 rtsuvc; C:\windows\system32\DRIVERS\rtsuvc.sys [2584280 2014-10-22] (Realtek Semiconductor Corp.)
S3 WdBoot; C:\windows\system32\drivers\WdBoot.sys [46600 2017-02-10] (Microsoft Corporation)
S3 WdFilter; C:\windows\system32\drivers\WdFilter.sys [274776 2017-01-12] (Microsoft Corporation)
S3 WdNisDrv; C:\windows\System32\Drivers\WdNisDrv.sys [117592 2017-01-12] (Microsoft Corporation)
S3 wsvd; C:\windows\system32\DRIVERS\wsvd.sys [102376 2012-06-14] ("CyberLink)
R1 ZAM; C:\windows\System32\drivers\zam64.sys [203680 2018-07-12] (Zemana Ltd.)
R1 ZAM_Guard; C:\windows\System32\drivers\zamguard64.sys [203680 2018-07-12] (Zemana Ltd.)
S2 APXACC; \SystemRoot\system32\DRIVERS\appexDrv.sys [X]
S3 cpuz136; \??\C:\Users\lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] <==== ATTENTION

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-12 22:00 - 2018-07-12 22:00 - 000015403 _____ C:\Users\lenovo\Desktop\FRST.txt
2018-07-12 21:59 - 2018-07-12 22:00 - 000000000 ____D C:\FRST
2018-07-12 21:58 - 2018-07-12 21:58 - 002412544 _____ (Farbar) C:\Users\lenovo\Desktop\FRST64.exe
2018-07-12 21:56 - 2018-07-12 21:56 - 000000000 ____D C:\Users\lenovo\Desktop\backups
2018-07-12 20:03 - 2014-02-13 23:59 - 000024064 _____ C:\windows\zoek-delete.exe
2018-07-12 18:30 - 2018-07-12 19:40 - 000000000 ____D C:\zoek_backup
2018-07-12 18:29 - 2018-07-12 18:29 - 002038755 _____ C:\Users\lenovo\Desktop\zoek.exe
2018-07-12 14:42 - 2018-07-12 14:42 - 000203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zamguard64.sys
2018-07-12 14:42 - 2018-07-12 14:42 - 000203680 _____ (Zemana Ltd.) C:\windows\system32\Drivers\zam64.sys
2018-07-12 14:42 - 2018-07-12 14:42 - 000001171 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2018-07-12 14:42 - 2018-07-12 14:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2018-07-12 12:51 - 2018-07-12 12:51 - 027086392 _____ (Adlice Software) C:\Users\lenovo\Desktop\RogueKiller_portable64.exe
2018-07-12 12:48 - 2018-07-12 12:48 - 000000037 _____ C:\Users\lenovo\Downloads\file-not-found (1).txt
2018-07-12 10:42 - 2018-07-12 10:42 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2018-07-12 10:42 - 2018-07-12 10:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2018-07-12 10:41 - 2018-07-12 10:41 - 000000000 ____D C:\Program Files (x86)\Sophos
2018-07-12 10:36 - 2018-07-12 10:39 - 195958672 _____ (Sophos Limited) C:\Users\lenovo\Downloads\Sophos Virus Removal Tool (1).exe
2018-07-12 10:33 - 2018-07-12 10:34 - 000000830 _____ C:\Users\lenovo\Desktop\JRT.txt
2018-07-12 10:21 - 2018-07-12 10:21 - 001790024 _____ (Malwarebytes) C:\Users\lenovo\Desktop\JRT.exe
2018-07-12 10:15 - 2018-07-12 10:15 - 000001767 _____ C:\Users\lenovo\Desktop\mbamb.txt
2018-07-12 10:08 - 2018-07-12 10:08 - 000001894 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2018-07-12 10:08 - 2018-07-12 10:08 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2018-07-12 10:08 - 2018-06-19 14:09 - 000152688 _____ (Malwarebytes) C:\windows\system32\Drivers\mbae64.sys
2018-07-12 10:07 - 2018-07-12 10:07 - 000000000 ____D C:\Program Files\Malwarebytes
2018-07-12 10:06 - 2018-07-12 10:06 - 000001360 _____ C:\Users\lenovo\Desktop\AdwCleaner[S01].txt
2018-07-12 10:02 - 2018-07-12 10:02 - 000000000 ____D C:\Users\lenovo\AppData\Local\Adobe
2018-07-12 09:57 - 2018-07-12 09:58 - 075378680 _____ (Malwarebytes ) C:\Users\lenovo\Desktop\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.5867.exe
2018-07-12 09:56 - 2018-07-12 09:56 - 007395536 _____ (Malwarebytes) C:\Users\lenovo\Desktop\AdwCleaner.exe
2018-07-12 09:56 - 2018-07-12 09:56 - 000448512 _____ (OldTimer Tools) C:\Users\lenovo\Desktop\TFC.exe
2018-07-12 09:55 - 2018-07-12 09:55 - 000050688 _____ (Atribune.org) C:\Users\lenovo\Desktop\ATF-Cleaner (1).exe
2018-07-12 09:47 - 2018-07-12 09:47 - 000388608 _____ (Trend Micro Inc.) C:\Users\lenovo\Desktop\HijackThis.exe
2018-07-12 08:12 - 2018-07-12 22:00 - 000083626 _____ C:\windows\ZAM.krnl.trace
2018-07-12 08:12 - 2018-07-12 22:00 - 000058343 _____ C:\windows\ZAM_Guard.krnl.trace
2018-07-12 08:12 - 2018-07-12 14:42 - 000000000 ____D C:\Program Files (x86)\Zemana AntiMalware
2018-07-12 08:11 - 2018-07-12 08:11 - 000000000 ____D C:\Users\lenovo\AppData\Local\Zemana
2018-07-12 08:10 - 2018-07-12 08:10 - 006625600 _____ (Zemana Ltd. ) C:\Users\lenovo\Downloads\Zemana.AntiMalware.Setup (1).exe
2018-07-12 07:59 - 2018-06-29 00:07 - 000835064 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
2018-07-12 07:59 - 2018-06-29 00:07 - 000179704 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
2018-07-11 21:21 - 2018-07-12 12:54 - 000028272 _____ C:\windows\system32\Drivers\TrueSight.sys
2018-07-11 21:20 - 2018-07-11 21:21 - 000000000 ____D C:\ProgramData\RogueKiller
2018-07-11 20:57 - 2018-07-11 20:57 - 000000037 _____ C:\Users\lenovo\Downloads\file-not-found.txt
2018-07-11 20:55 - 2018-07-11 20:55 - 000000000 ____D C:\ProgramData\Sophos
2018-07-11 20:11 - 2018-07-11 20:12 - 075160280 _____ (Malwarebytes ) C:\Users\lenovo\Downloads\mb3-setup-consumer-3.5.1.2522-1.0.391-1.0.5849.exe
2018-07-11 19:56 - 2018-06-20 22:01 - 007398232 _____ (Microsoft Corporation) C:\windows\system32\ntoskrnl.exe
2018-07-11 19:56 - 2018-06-15 05:01 - 004169216 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
2018-07-11 19:56 - 2018-06-12 10:00 - 022374248 _____ (Microsoft Corporation) C:\windows\system32\shell32.dll
2018-07-11 19:56 - 2018-06-12 09:57 - 019790760 _____ (Microsoft Corporation) C:\windows\SysWOW64\shell32.dll
2018-07-11 19:56 - 2018-06-11 18:55 - 025744896 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
2018-07-11 19:56 - 2018-06-11 18:36 - 003119616 _____ (Microsoft Corporation) C:\windows\system32\ExplorerFrame.dll
2018-07-11 19:56 - 2018-06-11 18:06 - 005779968 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
2018-07-11 19:56 - 2018-06-11 17:36 - 015283200 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
2018-07-11 19:56 - 2018-06-09 18:40 - 020286976 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
2018-07-11 19:56 - 2018-06-09 17:37 - 004496384 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
2018-07-11 19:56 - 2018-06-09 17:36 - 013680128 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
2018-07-11 19:55 - 2018-07-11 19:54 - 000379120 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\avgBoot.exe
2018-07-11 19:55 - 2018-06-20 21:44 - 001676064 _____ (Microsoft Corporation) C:\windows\system32\winload.efi
2018-07-11 19:55 - 2018-06-20 21:44 - 001536120 _____ (Microsoft Corporation) C:\windows\system32\winload.exe
2018-07-11 19:55 - 2018-06-20 20:48 - 000095744 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdk8.sys
2018-07-11 19:55 - 2018-06-20 20:48 - 000027136 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fxppm.sys
2018-07-11 19:55 - 2018-06-20 18:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\intelppm.sys
2018-07-11 19:55 - 2018-06-20 18:58 - 000098816 _____ (Microsoft Corporation) C:\windows\system32\Drivers\amdppm.sys
2018-07-11 19:55 - 2018-06-20 18:58 - 000092672 _____ (Microsoft Corporation) C:\windows\system32\Drivers\processr.sys
2018-07-11 19:55 - 2018-06-11 18:14 - 000576512 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
2018-07-11 19:55 - 2018-06-11 18:04 - 000794624 _____ (Microsoft Corporation) C:\windows\system32\jscript.dll
2018-07-11 19:55 - 2018-06-11 17:39 - 001033216 _____ (Microsoft Corporation) C:\windows\system32\inetcomm.dll
2018-07-11 19:55 - 2018-06-11 17:31 - 000809472 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
2018-07-11 19:55 - 2018-06-11 17:22 - 003241472 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
2018-07-11 19:55 - 2018-06-11 17:11 - 001545216 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
2018-07-11 19:55 - 2018-06-11 16:59 - 000800768 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
2018-07-11 19:55 - 2018-06-09 18:26 - 002712064 _____ (Microsoft Corporation) C:\windows\SysWOW64\ExplorerFrame.dll
2018-07-11 19:55 - 2018-06-09 18:09 - 000498176 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
2018-07-11 19:55 - 2018-06-09 17:59 - 000662016 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript.dll
2018-07-11 19:55 - 2018-06-09 17:37 - 000880640 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcomm.dll
2018-07-11 19:55 - 2018-06-09 17:32 - 000696320 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
2018-07-11 19:55 - 2018-06-09 17:11 - 002767872 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
2018-07-11 19:55 - 2018-06-09 17:08 - 001313792 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
2018-07-11 19:55 - 2018-06-09 17:06 - 000710144 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
2018-07-11 19:55 - 2018-06-09 04:47 - 002176072 _____ (Microsoft Corporation) C:\windows\system32\combase.dll
2018-07-11 19:55 - 2018-06-09 03:44 - 001565528 _____ (Microsoft Corporation) C:\windows\SysWOW64\combase.dll
2018-07-11 19:55 - 2018-06-08 20:26 - 000440832 _____ (Microsoft Corporation) C:\windows\system32\zipfldr.dll
2018-07-11 19:55 - 2018-06-08 19:54 - 000656384 _____ (Microsoft Corporation) C:\windows\system32\dnsapi.dll
2018-07-11 19:55 - 2018-06-08 19:53 - 000252416 _____ (Microsoft Corporation) C:\windows\system32\dnsrslvr.dll
2018-07-11 19:55 - 2018-06-08 19:07 - 000404992 _____ (Microsoft Corporation) C:\windows\SysWOW64\zipfldr.dll
2018-07-11 19:55 - 2018-06-08 18:44 - 000499200 _____ (Microsoft Corporation) C:\windows\SysWOW64\dnsapi.dll
2018-07-11 19:55 - 2018-06-07 20:51 - 000074240 _____ (Microsoft Corporation) C:\windows\system32\Drivers\mpsdrv.sys
2018-07-11 19:55 - 2018-05-24 23:29 - 002449752 _____ (Microsoft Corporation) C:\windows\system32\Drivers\tcpip.sys
2018-07-11 19:55 - 2018-05-24 23:29 - 000428888 _____ (Microsoft Corporation) C:\windows\system32\Drivers\FWPKCLNT.SYS
2018-07-11 19:55 - 2018-05-15 10:42 - 000590680 _____ (Microsoft Corporation) C:\windows\system32\Drivers\fvevol.sys
2018-07-11 19:55 - 2018-05-04 01:02 - 000439640 _____ (Microsoft Corporation) C:\windows\system32\Drivers\usbport.sys
2018-07-11 19:55 - 2018-05-04 01:02 - 000325456 _____ (Microsoft Corporation) C:\windows\system32\Drivers\USBXHCI.SYS
2018-07-11 19:55 - 2018-05-04 01:02 - 000187728 _____ (Microsoft Corporation) C:\windows\system32\Drivers\UCX01000.SYS
2018-07-11 19:55 - 2018-04-26 15:43 - 000918296 _____ (Microsoft Corporation) C:\windows\SysWOW64\ucrtbase.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000065880 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000021848 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000018776 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000017240 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000015704 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000015192 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000013656 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000013152 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000012120 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:43 - 000011608 _____ (Microsoft Corporation) C:\windows\SysWOW64\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000998912 _____ (Microsoft Corporation) C:\windows\system32\ucrtbase.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000063832 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-private-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000020824 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-math-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000019288 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-string-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000017752 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000016216 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000015704 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000014168 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-time-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000013656 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000012640 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000012632 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-process-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2018-07-11 19:55 - 2018-04-26 15:19 - 000012120 _____ (Microsoft Corporation) C:\windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2018-07-11 19:55 - 2018-04-25 19:38 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srvnet.sys
2018-07-11 19:49 - 2018-06-12 21:01 - 000149632 _____ (Microsoft Corporation) C:\windows\system32\CompatTelRunner.exe
2018-07-11 19:49 - 2018-06-08 15:15 - 002860032 _____ (Microsoft Corporation) C:\windows\system32\aitstatic.exe
2018-07-11 19:49 - 2018-06-08 15:15 - 001602048 _____ (Microsoft Corporation) C:\windows\system32\appraiser.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000783872 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000680960 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000612352 _____ (Microsoft Corporation) C:\windows\system32\devinv.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000470016 _____ (Microsoft Corporation) C:\windows\system32\centel.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000443392 _____ (Microsoft Corporation) C:\windows\system32\invagent.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000301056 _____ (Microsoft Corporation) C:\windows\system32\acmigration.dll
2018-07-11 19:49 - 2018-06-08 15:15 - 000246272 _____ (Microsoft Corporation) C:\windows\system32\aepic.dll
2018-07-11 19:33 - 2018-07-11 19:33 - 000050688 _____ (Atribune.org) C:\Users\lenovo\Downloads\ATF-Cleaner.exe
2018-07-11 19:29 - 2018-07-11 19:29 - 000000845 _____ C:\Users\Public\Desktop\CCleaner.lnk
2018-07-11 19:25 - 2018-07-11 19:26 - 015989160 _____ (Piriform Ltd) C:\Users\lenovo\Downloads\ccsetup544.exe
2018-07-11 19:21 - 2018-07-11 19:24 - 008458415 _____ (Piriform Ltd) C:\Users\lenovo\Downloads\Nepotvrzeno 403184.crdownload
2018-06-15 19:48 - 2018-05-25 05:56 - 000381440 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
2018-06-15 19:48 - 2018-05-25 05:55 - 000728064 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
2018-06-15 19:48 - 2018-05-25 05:53 - 002135552 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
2018-06-15 19:48 - 2018-05-25 05:38 - 002060288 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
2018-06-15 19:48 - 2018-05-25 05:38 - 000333312 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
2018-06-15 19:48 - 2018-05-23 07:45 - 000027480 ____C (Microsoft Corporation) C:\windows\system32\Drivers\uefi.sys
2018-06-15 19:48 - 2018-05-15 07:47 - 002334624 _____ (Microsoft Corporation) C:\windows\system32\mfcore.dll
2018-06-15 19:48 - 2018-05-15 07:47 - 000244304 _____ (Microsoft Corporation) C:\windows\system32\mfps.dll
2018-06-15 19:48 - 2018-05-15 07:33 - 001308352 _____ (Microsoft Corporation) C:\windows\system32\rpcrt4.dll
2018-06-15 19:48 - 2018-05-15 06:57 - 002324752 _____ (Microsoft Corporation) C:\windows\SysWOW64\mfcore.dll
2018-06-15 19:48 - 2018-05-15 06:17 - 000032640 ____C (Microsoft Corporation) C:\windows\system32\Drivers\hidparse.sys
2018-06-15 19:48 - 2018-05-15 06:04 - 000240128 _____ (Microsoft Corporation) C:\windows\system32\vdsbas.dll
2018-06-15 19:48 - 2018-05-15 05:05 - 000517120 _____ (Microsoft Corporation) C:\windows\system32\wimserv.exe
2018-06-15 19:48 - 2018-05-15 04:57 - 000672768 _____ (Microsoft Corporation) C:\windows\system32\wimgapi.dll
2018-06-15 19:48 - 2018-05-15 04:51 - 000561152 _____ (Microsoft Corporation) C:\windows\SysWOW64\wimgapi.dll
2018-06-15 19:48 - 2018-05-12 23:11 - 000532664 _____ (Microsoft Corporation) C:\windows\system32\ci.dll
2018-06-15 19:48 - 2018-05-12 23:06 - 000567152 _____ (Microsoft Corporation) C:\windows\system32\Drivers\cng.sys
2018-06-15 19:48 - 2018-05-12 22:51 - 002014040 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ntfs.sys
2018-06-15 19:48 - 2018-05-12 22:51 - 000923480 _____ (Microsoft Corporation) C:\windows\system32\Drivers\refs.sys
2018-06-15 19:48 - 2018-05-12 21:08 - 000445440 _____ (Microsoft Corporation) C:\windows\system32\certcli.dll
2018-06-15 19:48 - 2018-05-11 05:04 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\certcli.dll
2018-06-15 19:48 - 2018-05-05 21:05 - 001543800 _____ (Microsoft Corporation) C:\windows\system32\webservices.dll
2018-06-15 19:48 - 2018-05-05 20:15 - 001178136 _____ (Microsoft Corporation) C:\windows\SysWOW64\webservices.dll
2018-06-15 19:48 - 2018-05-05 18:38 - 000358912 _____ (Microsoft Corporation) C:\windows\system32\Wldap32.dll
2018-06-15 19:48 - 2018-05-05 18:23 - 000324096 _____ (Microsoft Corporation) C:\windows\SysWOW64\Wldap32.dll
2018-06-15 19:48 - 2018-04-07 18:43 - 000243200 _____ (Microsoft Corporation) C:\windows\system32\WinSCard.dll
2018-06-15 19:48 - 2018-04-07 18:09 - 000170496 _____ (Microsoft Corporation) C:\windows\SysWOW64\WinSCard.dll
2018-06-15 19:48 - 2018-04-07 17:34 - 002255360 _____ (Microsoft Corporation) C:\windows\system32\dwmcore.dll
2018-06-15 19:48 - 2018-04-07 17:15 - 001942016 _____ (Microsoft Corporation) C:\windows\SysWOW64\dwmcore.dll
2018-06-15 19:48 - 2018-04-05 19:47 - 000087552 _____ (Microsoft Corporation) C:\windows\system32\Drivers\netvsc63.sys
2018-06-15 19:48 - 2018-04-05 19:38 - 000066560 _____ (Microsoft Corporation) C:\windows\system32\NetVscCoinstall.dll
2018-06-15 19:48 - 2018-03-29 03:33 - 000070656 _____ (Microsoft Corporation) C:\windows\system32\WSManMigrationPlugin.dll
2018-06-15 19:48 - 2018-03-29 03:06 - 002608640 _____ (Microsoft Corporation) C:\windows\system32\WsmSvc.dll
2018-06-15 19:48 - 2018-03-29 03:05 - 000285184 _____ (Microsoft Corporation) C:\windows\system32\WsmWmiPl.dll
2018-06-15 19:48 - 2018-03-29 02:26 - 002170880 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmSvc.dll
2018-06-15 19:48 - 2018-03-29 02:24 - 000236032 _____ (Microsoft Corporation) C:\windows\SysWOW64\WsmWmiPl.dll
2018-06-15 19:47 - 2018-05-23 06:13 - 000251392 _____ (Microsoft Corporation) C:\windows\system32\microsoft-windows-system-events.dll
2018-06-15 19:47 - 2018-03-29 03:21 - 000015872 _____ (Microsoft Corporation) C:\windows\system32\wsmplpxy.dll

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-07-12 20:55 - 2015-10-14 04:44 - 000003596 _____ C:\windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1288416228-618668501-294838459-1001
2018-07-12 20:37 - 2015-12-31 14:44 - 000000000 __RDO C:\Users\lenovo\OneDrive
2018-07-12 20:36 - 2015-02-26 18:47 - 000065536 _____ C:\windows\system32\spu_storage.bin
2018-07-12 20:36 - 2013-08-22 16:45 - 000000006 ____H C:\windows\Tasks\SA.DAT
2018-07-12 20:35 - 2015-02-26 20:10 - 000018944 _____ C:\windows\system32\VfService.trf
2018-07-12 19:43 - 2017-05-14 07:51 - 000000000 ____D C:\Users\Default\AppData\Local\Google
2018-07-12 19:43 - 2017-05-14 07:51 - 000000000 ____D C:\Users\Default User\AppData\Local\Google
2018-07-12 19:40 - 2013-08-22 17:36 - 000000000 ___HD C:\windows\system32\GroupPolicy
2018-07-12 16:27 - 2013-08-22 15:25 - 000262144 ___SH C:\windows\system32\config\BBI
2018-07-12 14:45 - 2015-10-14 04:36 - 000000000 ____D C:\Users\lenovo
2018-07-12 10:08 - 2013-08-22 15:36 - 000000000 ____D C:\windows\Inf
2018-07-12 10:07 - 2017-07-12 18:31 - 000000000 ____D C:\ProgramData\Malwarebytes
2018-07-12 09:50 - 2015-12-25 21:47 - 000384000 ___SH C:\Users\lenovo\Desktop\Thumbs.db
2018-07-12 09:38 - 2015-02-26 19:53 - 000000000 ____D C:\windows\System32\Tasks\Lenovo
2018-07-12 09:38 - 2015-02-26 19:05 - 000000000 ____D C:\Program Files\Lenovo
2018-07-12 09:37 - 2015-10-14 04:37 - 000000000 ____D C:\Users\lenovo\AppData\Local\Packages
2018-07-12 09:37 - 2013-08-22 17:36 - 000000000 ___HD C:\Program Files\WindowsApps
2018-07-12 09:37 - 2013-08-22 17:36 - 000000000 ____D C:\windows\AppReadiness
2018-07-12 09:32 - 2016-01-12 17:02 - 000000034 _____ C:\Users\lenovo\AppData\Roaming\AdobeWLCMCache.dat
2018-07-12 09:32 - 2016-01-12 17:00 - 000000000 ____D C:\ProgramData\regid.1986-12.com.adobe
2018-07-12 09:31 - 2016-01-12 17:21 - 000001720 _____ C:\Users\lenovo\Desktop\Adobe Illustrator CC 2015.lnk
2018-07-12 09:30 - 2015-12-31 14:34 - 000000000 ____D C:\moje programy
2018-07-12 08:04 - 2015-02-26 18:54 - 000734510 _____ C:\windows\system32\perfh005.dat
2018-07-12 08:04 - 2015-02-26 18:54 - 000148820 _____ C:\windows\system32\perfc005.dat
2018-07-12 08:04 - 2014-03-18 11:53 - 001739092 _____ C:\windows\system32\PerfStringBackup.INI
2018-07-12 08:02 - 2015-02-26 20:15 - 000000000 ____D C:\ProgramData\Energy Manager
2018-07-12 07:57 - 2013-08-22 16:44 - 000494112 _____ C:\windows\system32\FNTCACHE.DAT
2018-07-12 07:50 - 2013-08-22 17:36 - 000000000 ___RD C:\windows\ToastData
2018-07-11 22:58 - 2013-08-22 17:20 - 000000000 ____D C:\windows\CbsTemp
2018-07-11 20:35 - 2015-12-27 02:57 - 000000000 ____D C:\windows\system32\appraiser
2018-07-11 20:03 - 2017-06-01 20:17 - 000003924 _____ C:\windows\System32\Tasks\Antivirus Emergency Update
2018-07-11 19:54 - 2018-02-10 09:52 - 000189544 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgArPot.sys
2018-07-11 19:54 - 2017-07-12 19:02 - 000000000 ____D C:\AdwCleaner
2018-07-11 19:54 - 2017-06-01 20:17 - 000455464 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSP.sys
2018-07-11 19:54 - 2017-06-01 20:17 - 000373944 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgVmm.sys
2018-07-11 19:54 - 2017-06-01 20:17 - 000203544 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgStm.sys
2018-07-11 19:54 - 2017-06-01 20:17 - 000152016 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgMonFlt.sys
2018-07-11 19:54 - 2017-06-01 20:17 - 000104256 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRdr2.sys
2018-07-11 19:54 - 2017-06-01 20:17 - 000078352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgRvrt.sys
2018-07-11 19:54 - 2017-06-01 20:17 - 000039352 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgHwid.sys
2018-07-11 19:52 - 2017-06-01 20:17 - 001020112 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgSnx.sys
2018-07-11 19:51 - 2017-06-01 20:17 - 000339048 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbloga.sys
2018-07-11 19:51 - 2017-06-01 20:17 - 000222288 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsdrivera.sys
2018-07-11 19:51 - 2017-06-01 20:17 - 000194224 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbidsha.sys
2018-07-11 19:51 - 2017-06-01 20:17 - 000051952 _____ (AVG Technologies CZ, s.r.o.) C:\windows\system32\Drivers\avgbuniva.sys
2018-07-11 19:43 - 2015-12-27 00:04 - 000000000 ____D C:\windows\system32\MRT
2018-07-11 19:39 - 2015-12-27 00:04 - 134675576 ____C (Microsoft Corporation) C:\windows\system32\MRT.exe
2018-07-11 19:37 - 2018-04-08 08:44 - 000000000 ____D C:\Users\lenovo\Desktop\bezobalu
2018-07-11 19:31 - 2018-05-10 18:58 - 000685568 _____ (Microsoft Corporation) C:\windows\system32\Drivers\srv2.sys
2018-07-11 19:31 - 2015-12-27 16:27 - 000002255 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-07-11 19:31 - 2015-12-27 16:27 - 000002214 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2018-07-11 19:29 - 2018-04-13 18:42 - 000003870 _____ C:\windows\System32\Tasks\CCleaner Update
2018-07-01 22:09 - 2016-01-03 18:34 - 000000000 ____D C:\Users\lenovo\Desktop\fotky
2018-06-16 10:55 - 2013-08-22 17:36 - 000000000 ____D C:\windows\rescache
2018-06-16 10:46 - 2017-10-12 11:30 - 133315992 ____C (Microsoft Corporation) C:\windows\system32\MRT-KB890830.exe
2018-06-16 08:42 - 2015-12-30 00:52 - 002851840 ___SH C:\Users\lenovo\Downloads\Thumbs.db

==================== Files in the root of some directories =======

2016-01-12 17:02 - 2018-07-12 09:32 - 000000034 _____ () C:\Users\lenovo\AppData\Roaming\AdobeWLCMCache.dat

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\windows\system32\winlogon.exe => File is digitally signed
C:\windows\system32\wininit.exe => File is digitally signed
C:\windows\explorer.exe => File is digitally signed
C:\windows\SysWOW64\explorer.exe => File is digitally signed
C:\windows\system32\svchost.exe => File is digitally signed
C:\windows\SysWOW64\svchost.exe => File is digitally signed
C:\windows\system32\services.exe => File is digitally signed
C:\windows\system32\User32.dll => File is digitally signed
C:\windows\SysWOW64\User32.dll => File is digitally signed
C:\windows\system32\userinit.exe => File is digitally signed
C:\windows\SysWOW64\userinit.exe => File is digitally signed
C:\windows\system32\rpcss.dll => File is digitally signed
C:\windows\system32\dnsapi.dll => File is digitally signed
C:\windows\SysWOW64\dnsapi.dll => File is digitally signed
C:\windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-07-11 20:34

==================== End of FRST.txt ============================

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 12 črc 2018 22:15

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by lenovo (12-07-2018 22:02:52)
Running from C:\Users\lenovo\Desktop
Windows 8.1 (Update) (X64) (2015-10-14 02:36:39)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1288416228-618668501-294838459-500 - Administrator - Disabled)
Guest (S-1-5-21-1288416228-618668501-294838459-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-1288416228-618668501-294838459-1003 - Limited - Enabled)
lenovo (S-1-5-21-1288416228-618668501-294838459-1001 - Administrator - Enabled) => C:\Users\lenovo

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Malwarebytes (Disabled - Up to date) {23007AD3-69FE-687C-2629-D584AFFAF72B}
AV: AVG Antivirus (Enabled - Up to date) {C50510DE-367A-330C-FD5C-556ACFB11243}
AS: AVG Antivirus (Enabled - Up to date) {7E64F13A-1040-3C82-C7EC-6E18B43658FE}
AS: Malwarebytes (Disabled - Up to date) {98619B37-4FC4-67F2-1C99-EEF6D47DBD96}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 30.0.0.107 - Adobe Systems Incorporated)
Adobe Illustrator CC 2015 (HKLM-x32\...\{5680D629-B263-49CC-821E-3CEBD4507B51}) (Version: 19.0 - Adobe Systems Incorporated)
AMD Catalyst Install Manager (HKLM\...\{0CDF5D13-96BF-A659-7D2E-2492C6E7AB9C}) (Version: 8.0.916.0 - Advanced Micro Devices, Inc.)
ANT Drivers Installer x64 (HKLM\...\{7664AF65-7B0D-4171-9F0F-50455278B428}) (Version: 2.3.4 - Garmin Ltd or its subsidiaries) Hidden
AVG AntiVirus FREE (HKLM-x32\...\AVG Antivirus) (Version: 18.5.3059 - AVG Technologies)
Balíček ovladače systému Windows - Dynastream Innovations, Inc. ANT LibUSB Drivers (04/11/2012 1.2.40.201) (HKLM\...\F9D2A789F9CFF8CEC36B544F53877C80F1F73C46) (Version: 04/11/2012 1.2.40.201 - Dynastream Innovations, Inc.)
Balíček ovladače systému Windows - Silicon Labs Software (DSI_SiUSBXp_3_1) USB (02/06/2007 3.1) (HKLM\...\D1506E0025B5A3F9EB8270FE81C1EEDD9388B8A2) (Version: 02/06/2007 3.1 - Silicon Labs Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.44 - Piriform)
CCSDK (HKLM-x32\...\{AE75190B-11B4-4F90-8254-DAB275CF2557}_is1) (Version: 1.0.3.4 - Lenovo)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.52 - Conexant)
CyberLink Power2Go 8 (HKLM-x32\...\InstallShield_{2A87D48D-3FDF-41fd-97CD-A1E370EFFFE2}) (Version: 8.0.0.4505 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dependency Package Update (HKLM\...\{0788641D-D31A-478D-BB34-C41564AE9F93}) (Version: 1.6.38.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{5252431C-288E-409D-ADCF-24407E0E6F70}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM\...\{FFED38DF-94DC-4FF9-96C1-A6990EDA6B03}) (Version: 1.6.29.00 - Lenovo Inc.) Hidden
Dependency Package Update (HKLM-x32\...\{1D2682EA-75DD-44B6-BF2D-CD3C49EAD012}) (Version: 1.6.38.01 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{3117B53D-A409-4D99-A0DE-11A1A40696FA}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4430150F-61B3-4142-BE04-EAC68C8DDA18}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4ABFEC28-1554-493D-A84D-BEA21D8E6D6F}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{4AF6C9BC-D8DB-4286-94D9-474CE54ADAA2}) (Version: 1.6.38.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{546FF45D-2467-4950-AAFB-0A06ACBB6B2C}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dependency Package Update (HKLM-x32\...\{65316098-0220-4D5C-B37A-6136083A0897}) (Version: 1.6.32.00 - Lenovo Group Limited) Hidden
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
Elevated Installer (HKLM-x32\...\{1052502B-4C91-43F9-B160-AE39ED57C9F0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Garmin Express (HKLM-x32\...\{BCC7CA85-E57F-452D-BB44-15A1CE018BD0}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Garmin Express (HKLM-x32\...\{bd8bd200-9a60-4969-b267-6b565f36e3da}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries)
Garmin Express Tray (HKLM-x32\...\{DA9C865D-6762-4931-8588-0B13B7A0796B}) (Version: 5.3.1.0 - Garmin Ltd or its subsidiaries) Hidden
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 67.0.3396.99 - Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Java 8 Update 111 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F32180111F0}) (Version: 8.0.1110.14 - Oracle Corporation)
Lenovo Bluetooth with Enhanced Data Rate Software (HKLM\...\{C6D9ED03-6FCF-4410-9CB7-45CA285F9E11}) (Version: 12.0.0.9500 - Broadcom Corporation)
Lenovo Dependency Package (HKLM\...\Lenovo Dependency Package_is1) (Version: 1.6.38.00 - Lenovo Group Limited)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10292 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2619 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.2 - Lenovo)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Updates (HKLM-x32\...\{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo) Hidden
Lenovo Updates (HKLM-x32\...\InstallShield_{A2E1E9F0-0B68-4166-8C7F-85B563B84DF4}) (Version: 1.0.0.65 - Lenovo)
Lenovo VeriFace Pro (HKLM\...\Lenovo VeriFace) (Version: 5.0.14.1061 - Lenovo)
Lenovo_Wireless_Driver (HKLM-x32\...\{5D642A72-8194-4A22-80DA-11FE610CCA8E}) (Version: 6.30.223.227 - Lenovo)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Metric Collection SDK 35 (HKLM-x32\...\{C2B5B5B0-2545-4E94-B4BA-548D4BF0B196}) (Version: 1.2.0006.00 - Lenovo Group Limited) Hidden
Microsoft Office Word Viewer 2003 (HKLM-x32\...\{90850405-6000-11D3-8CFE-0150048383C9}) (Version: 11.0.8173.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
NCSOFT Game Launcher (HKLM-x32\...\NCLauncher_NCWest) (Version: - NCSOFT)
NVIDIA PhysX (HKLM-x32\...\{3F5C371F-8EA2-4F25-9D3D-D0B4526E3AEA}) (Version: 9.10.0513 - NVIDIA Corporation)
OEM Application Profile (HKLM-x32\...\{1D464EFF-EC8B-F225-2F74-F74143200DDF}) (Version: 1.00.0000 - Advanced Micro Devices, Inc.)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.3.9600.39058 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.24.1218.2013 - Realtek)
Sada Compatibility Pack pro systém Office 2007 (HKLM-x32\...\{90120000-0020-0405-0000-0000000FF1CE}) (Version: 12.0.6514.5001 - Microsoft Corporation)
Skype™ 7.31 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.31.104 - Skype Technologies S.A.)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.6.1 - Sophos Limited)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 18.1.26.9 - Synaptics Incorporated)
TeamViewer 12 (HKLM-x32\...\TeamViewer) (Version: 12.0.78716 - TeamViewer)
UESDK (HKLM-x32\...\{EB3F6640-58AE-4886-B8BA-466B6939A933}_is1) (Version: 1.0.2.7 - Lenovo)
Visual Studio 2012 x64 Redistributables (HKLM\...\{8C775E70-A791-4DA8-BCC3-6AB7136F4484}) (Version: 14.0.0.1 - AVG Technologies)
Visual Studio 2012 x86 Redistributables (HKLM-x32\...\{98EFF19A-30AB-4E4B-B943-F06B1C63EBF8}) (Version: 14.0.0.1 - AVG Technologies CZ, s.r.o.)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
WinRAR 5.31 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.31.0 - win.rar GmbH)
Zemana AntiMalware (HKLM-x32\...\{8F0CD7D1-42F3-4195-95CD-833578D45057}_is1) (Version: 2.74.0.150 - Zemana Ltd.)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-07-12] ()
ContextMenuHandlers1: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\moje programy\avg pc tuneup\Antivirus\ashShA64.dll [2018-07-11] (AVG Technologies CZ, s.r.o.)
ContextMenuHandlers1: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers2: [CLVDShellExt] -> {3E2A0A32-6E14-4BAD-AA87-BBB6A75EBFF2} => C:\Program Files (x86)\Common Files\CyberLink\ShellExtComponent\CLVDShellExt.dll [2014-09-28] (Cyberlink)
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers5: [ACE] -> {5E2121EE-0300-11D4-8D3B-444553540000} => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\atiacm64.dll [2014-06-11] (Advanced Micro Devices, Inc.)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll [2018-07-12] ()
ContextMenuHandlers6: [AVG] -> {472083B1-C522-11CF-8763-00608CC02F24} => C:\moje programy\avg pc tuneup\Antivirus\ashShA64.dll [2018-07-11] (AVG Technologies CZ, s.r.o.)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {113920C6-69B4-4EB9-9D19-174739A727AA} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [2013-03-09] (CyberLink Corp.)
Task: {18AE124E-8F04-46A5-AE56-65A1122CC8A1} - System32\Tasks\AVG\Overseer => C:\Program Files\Common Files\avg\overseer\overseer.exe [2018-07-11] (AVG Technologies CZ, s.r.o.)
Task: {49F04EFB-CBD9-4798-B794-882628D71E2A} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 => C:\Program Files (x86)\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe [2014-08-19] (Lenovo)
Task: {5173D48B-15F5-45A7-A00E-AE43B164FC08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {61F74790-4F46-4FF8-90AA-DA95B458AD59} - System32\Tasks\AdobeAAMUpdater-1.0-MicrosoftAccount-misinkaa.1@outlook.com => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2015-04-28] (Adobe Systems Incorporated)
Task: {7CD1F50F-E223-440A-9F7B-43E16C167B8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {833E8D03-B18A-43E9-9505-B19EDCA13958} - System32\Tasks\Lenovo\Dependency Package Auto Update => C:\Program Files\Lenovo\iMController\AutoUpdate.exe [2015-12-14] ()
Task: {9927950C-B507-4482-9175-750C8136C799} - System32\Tasks\GarminUpdaterTask => C:\Program Files (x86)\Garmin\Express SelfUpdater\ExpressSelfUpdater.exe [2017-03-28] ()
Task: {AB4464E6-4465-4ECC-8481-6A908A40336E} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2018-06-24] (Piriform Ltd)
Task: {C90B7D51-E7B5-4A37-8EB1-84CD9765433F} - System32\Tasks\AVGPCTuneUp_Task_BkGndMaintenance => C:\Program Files (x86)\AVG\AVG PC TuneUp\tuscanx.exe
Task: {CD89B27D-7443-4B7A-B15A-90B722959599} - System32\Tasks\Antivirus Emergency Update => C:\moje programy\avg pc tuneup\Antivirus\AvEmUpdate.exe [2018-07-11] (AVG Technologies CZ, s.r.o.)
Task: {D7184C91-CD98-43DD-B3A2-9BFAD7DB6BB2} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [2018-06-24] (Piriform Ltd)
Task: {E7C1F422-5D40-470A-A93D-D8E0F1B3D152} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [2014-09-10] (Lenovo)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2018-07-12 14:42 - 2018-07-12 14:42 - 000155504 _____ () C:\Program Files (x86)\Zemana AntiMalware\ZAMShellExt64.dll
2014-03-15 05:33 - 2014-03-15 05:33 - 000049368 _____ () C:\Program Files\Lenovo\Bluetooth Software\btwleapi.dll
2015-02-26 20:02 - 2012-04-24 12:43 - 000390632 ____N () C:\Program Files\CyberLink\Shared files\RichVideo64.exe
2015-02-26 20:10 - 2015-02-26 20:10 - 000067856 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfConnectorService.exe
2015-02-26 20:10 - 2015-02-26 20:10 - 000672016 _____ () C:\Program Files (x86)\Lenovo\Lenovo VeriFace Pro\VfDataStorageInterface.dll
2015-02-26 18:54 - 2010-10-26 06:40 - 000049056 _____ () C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
2014-03-26 22:50 - 2015-02-26 20:14 - 000058864 _____ () C:\Program Files (x86)\Lenovo\Energy Manager\kbdhook.dll
2015-02-26 19:52 - 2014-07-10 03:19 - 000592880 _____ () C:\Program Files (x86)\Lenovo\CCSDK\CCSDK.exe
2015-02-26 19:52 - 2014-07-10 03:19 - 000397296 _____ () C:\Program Files (x86)\Lenovo\CCSDK\WinGather.exe
2017-02-14 09:42 - 2017-02-14 09:42 - 000326144 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\GpsImgWrapper.dll
2017-03-28 15:32 - 2017-03-28 15:32 - 000073216 _____ () C:\Program Files (x86)\Garmin\Device Interaction Service\FixBootSector.dll
2015-02-26 20:03 - 2014-07-04 06:35 - 000627672 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMediaLibrary.dll
2014-07-04 22:35 - 2014-07-04 22:35 - 000016856 _____ () C:\Program Files (x86)\Lenovo\Power2Go\CLMLSvcPS.dll
2018-03-13 07:27 - 2018-03-13 07:27 - 067127976 _____ () C:\moje programy\avg pc tuneup\Antivirus\libcef.dll
2018-07-11 19:53 - 2018-07-11 19:53 - 000481520 _____ () C:\moje programy\avg pc tuneup\Antivirus\streamback.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcpltsvc => ""=""
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2018-07-12 21:56 - 000000813 _____ C:\windows\system32\Drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1288416228-618668501-294838459-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\lenovo\Downloads\Thumb.jpg
DNS Servers: 83.240.0.214 - 83.240.0.135
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

HKLM\...\StartupApproved\Run: => "PhoneCompanion"
HKLM\...\StartupApproved\Run32: => "AdobeAAMUpdater-1.0"
HKLM\...\StartupApproved\Run32: => "Malwarebytes Anti-Malware (cleanup)"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\StartupApproved\Run: => "GarminExpressTrayApp"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\StartupApproved\Run: => "QIP Internet Guardian"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{884DA67D-9DFB-4DEE-BF46-576FD74A8CE4}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE
FirewallRules: [{A33AEF4C-3B61-49EF-AAB9-DDF38C63D4DF}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe
FirewallRules: [{E880B5C9-5343-43FD-81A2-1974F7A394E8}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE
FirewallRules: [{434EA8BF-C23B-4E5B-ACB2-70A598D46F69}] => (Allow) LPort=65387
FirewallRules: [{65C0DCFC-733F-4E27-B130-860B56909133}] => (Allow) LPort=65387
FirewallRules: [{FA2C353B-363F-4905-AB9E-80518D57B174}] => (Allow) LPort=65388
FirewallRules: [{E6C4A25A-8C80-423B-9362-6AA6290943C4}] => (Allow) LPort=65388
FirewallRules: [{289B3D19-805B-4698-A6E3-68B8E4999779}] => (Allow) LPort=65389
FirewallRules: [{7188F673-E445-4D66-9FEB-E8FA11ED2511}] => (Allow) LPort=65389
FirewallRules: [{1C56DD9F-E0E6-4E46-8B70-43F5CB07B8EB}] => (Allow) LPort=65393
FirewallRules: [{6DEAE1C9-124C-4FA7-B7D8-9723207DEA34}] => (Allow) LPort=65393
FirewallRules: [{32EEE767-B40E-4EF8-942C-C8BD2B01E526}] => (Allow) LPort=65394
FirewallRules: [{AA5506B0-E36A-439C-92F4-F9A32AAEACC3}] => (Allow) LPort=65394
FirewallRules: [{573635BA-79B0-4D62-AF1D-EBBDD7B96F35}] => (Allow) LPort=65395
FirewallRules: [{1A9F35D1-FBAF-4100-B1DD-105A8C7EAF77}] => (Allow) LPort=65395
FirewallRules: [{2D5A6977-7546-44EA-B190-1176969C7F84}] => (Allow) LPort=65395
FirewallRules: [{6F88D6F3-43A3-48E0-8098-3A27429787AA}] => (Allow) LPort=65395
FirewallRules: [{7249C57D-F3B5-4A13-86CC-FCE9A2B27BDB}] => (Allow) LPort=65396
FirewallRules: [{A305FFBA-6A2C-40CB-8D21-361DAC71F0AC}] => (Allow) LPort=65396
FirewallRules: [TCP Query User{541AD93D-3B4F-4CDB-A9E5-C4762D2CAAB0}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{5CF6F008-99D9-460C-842E-273BF34B8DF7}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{E5720DAA-F5D2-4064-9FF0-E9E9252B9C24}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [UDP Query User{6EEAA784-0225-4690-BFB5-590E828D0547}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{0AEFE6DA-CD20-4E97-B34C-F6C2597B6C23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{8B7EB42F-D0DA-416E-AB6E-D75953F7EEDA}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{4F7337C4-AAD6-41A3-BF61-1C5012CD1702}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BAEF8583-0E4C-4CEA-A315-1886D517CD8C}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{6AB48401-305C-4586-8382-D7E4169179C3}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{A4A5860C-DA07-4F09-B47B-7DB5C4778F3E}] => (Allow) C:\Program Files\CCleaner\CCUpdate.exe
FirewallRules: [{3E9A5B85-0D56-4C6D-88EF-6E58F096CD0A}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{34B76FF7-F555-443E-8615-A1621A5389C3}] => (Allow) C:\moje programy\avg pc tuneup\Antivirus\AvEmUpdate.exe
FirewallRules: [{EE89EE96-8286-40FE-90E3-7C4FB9605DE5}] => (Allow) C:\moje programy\avg pc tuneup\Antivirus\AvEmUpdate.exe

==================== Restore Points =========================

15-06-2018 19:56:08 Windows Update
11-07-2018 19:37:43 Windows Update
11-07-2018 20:23:24 JRT Pre-Junkware Removal
12-07-2018 10:24:11 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============

Name: Kořenový rozbočovač USB
Description: Kořenový rozbočovač USB
Class Guid: {36fc9e60-c465-11cf-8056-444553540000}
Manufacturer: (Standardní hostitelský řadič USB)
Service: usbhub
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2018 02:15:01 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (07/12/2018 02:15:01 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (07/12/2018 09:20:39 AM) (Source: ESENT) (EventID: 489) (User: )
Description: CCleaner64 (4160) Pokus o otevření souboru C:\Users\lenovo\AppData\Local\Microsoft\Windows\WebCache\WebCacheV01.dat jen pro čtení se nezdařil. Došlo k systémové chybě 32 (0x00000020): Proces nemá přístup k souboru, neboť jej právě využívá jiný proces. . Operace otevření souboru se nezdaří a dojde k chybě -1032 (0xfffffbf8).

Error: (07/12/2018 03:34:03 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: esu.exe, verze: 1.0.0.0, časové razítko: 0x58dac8d5
Název chybujícího modulu: KERNELBASE.dll, verze: 6.3.9600.18938, časové razítko: 0x5a7dd8a7
Kód výjimky: 0xe0434352
Posun chyby: 0x00015ef8
ID chybujícího procesu: 0x481c
Čas spuštění chybující aplikace: 0x01d4198065f2b027
Cesta k chybující aplikaci: C:\Program Files (x86)\Garmin\Express SelfUpdater\esu.exe
Cesta k chybujícímu modulu: C:\windows\SYSTEM32\KERNELBASE.dll
ID zprávy: a84cced4-8573-11e8-8540-68f728762374
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/12/2018 03:34:02 AM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: esu.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.FileNotFoundException
na Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61.MoveNext()
na System.Runtime.CompilerServices.AsyncTaskMethodBuilder.Start[[Garmin.Omt.Service.Shared.Overrides+<UpdateDatacenterOverridesAsync>d__61, ExpressSelfUpdater, Version=1.0.0.0, Culture=neutral, PublicKeyToken=null]](<UpdateDatacenterOverridesAsync>d__61 ByRef)
na Garmin.Omt.Service.Shared.Overrides.UpdateDatacenterOverridesAsync(Boolean)
na Garmin.Omt.Service.Shared.Overrides..cctor()

Informace o výjimce: System.TypeInitializationException
na Garmin.Omt.Service.Shared.Overrides.get_OmtBaseUrl()
na Garmin.Omt.Express.SelfUpdater.Program.RealMain()
na Garmin.Omt.Express.SelfUpdater.Program.Main(System.String[])

Error: (07/11/2018 10:47:17 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (07/11/2018 10:47:17 PM) (Source: Microsoft Security Client) (EventID: 5000) (User: )
Description: Event-ID 5000

Error: (07/11/2018 08:54:16 PM) (Source: MsiInstaller) (EventID: 11500) (User: LENOVO-PC)
Description: Product: Sophos Virus Removal Tool -- Error 1500.Another installation is in progress. You must complete that installation before continuing this one.


System errors:
=============
Error: (07/12/2018 08:36:34 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppEx Networks Accelerator LWF neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.

Error: (07/12/2018 08:35:50 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/12/2018 07:40:38 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/12/2018 07:40:36 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/12/2018 07:40:34 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/12/2018 07:40:33 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/12/2018 07:40:31 PM) (Source: Service Control Manager) (EventID: 7030) (User: )
Description: Služba PEVSystemStart je označena jako interaktivní služba. Avšak systém je nakonfigurován tak, že neumožňuje použití interaktivní služby. Tato služba nebude fungovat správně.

Error: (07/12/2018 06:27:18 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba AppEx Networks Accelerator LWF neuspěla při spuštění v důsledku následující chyby:
Systém nemůže nalézt uvedený soubor.


Windows Defender:
===================================
Date: 2017-06-01 20:18:20.190
Description:
Prohledávání Windows Defender zjistilo chybu při pokusu o načtení podpisů a pokusí se o obnovení sady podpisů, jejichž správnost je potvrzena.
Podpisy, které se měly načíst: Aktuální
Kód chyby: 0x80073aba
Popis chyby: Prostředek je zastaralý, a proto není kompatibilní.
Verze podpisu: 1.185.414.0;1.185.414.0
Verze modulu: 1.1.11005.0

CodeIntegrity:
===================================

Date: 2018-06-17 13:04:05.938
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:04:04.953
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:04:03.969
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:04:02.992
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:04:02.008
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:04:01.039
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:04:00.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

Date: 2018-06-17 13:03:59.055
Description:
Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume5\Windows\System32\wow64.dll because the set of per-page image hashes could not be found on the system.

==================== Memory info ===========================

Processor: AMD QC-4000
Percentage of memory in use: 20%
Total physical RAM: 7632.26 MB
Available physical RAM: 6035.54 MB
Total Virtual: 8144.26 MB
Available Virtual: 6690.15 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:890.91 GB) (Free:715.37 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.1 GB) NTFS

\\?\Volume{b756c28b-88b1-4f5e-bb54-0685989bc558}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.67 GB) NTFS
\\?\Volume{42c821dd-8e6a-450e-9679-98460c111e2f}\ (PBR_DRV) (Fixed) (Total:13.27 GB) (Free:3.14 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: 803184CB)

Partition: GPT.

==================== End of Addition.txt ============================


Nejsem si jistý, jestli HJT fixlo co mělo. Tak jsem hodil log ještě jednou.

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod jaro3 » 12 črc 2018 23:00

HJT OK.

Prosím, postupuj následujícím způsobem:
Otevřít poznámkový blok (Start => Všechny programy => Příslušenství => Poznámkový blok).
Prosím, zkopíruj do něj celý obsah níže.

Kód: Vybrat vše

Start
CloseProcesses:
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\MountPoints2: {7abf1e26-3765-11e8-8509-68f728762374} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\MountPoints2: {c0b76895-e54a-11e6-8312-68f728762374} - "F:\autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1288416228-618668501-294838459-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz136; \??\C:\Users\lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] <==== ATTENTION
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {5173D48B-15F5-45A7-A00E-AE43B164FC08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {7CD1F50F-E223-440A-9F7B-43E16C167B8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

EmptyTemp:
End

(Můžeš použít funkci „vybrat vše“, klepni pravým tlačítkem myši na levé horní políčko v otevřeném poznámkovém bloku a zvol „ Vložit“).

Ulož jej na na plochu jako fixlist.txt


Spusťt FRST a stiskni tlačítko „Fix“ (Opravit) jen jednou a čekej.
Nástroj vypracuje log na ploše (Fixlog.txt), prosím zkopíruj sem celý jeho obsah.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 15 črc 2018 11:23

Fix result of Farbar Recovery Scan Tool (x64) Version: 20.06.2018
Ran by lenovo (15-07-2018 11:06:10) Run:1
Running from C:\Users\lenovo\Desktop
Loaded Profiles: lenovo (Available Profiles: lenovo)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\MountPoints2: {7abf1e26-3765-11e8-8509-68f728762374} - "F:\HiSuiteDownLoader.exe"
HKU\S-1-5-21-1288416228-618668501-294838459-1001\...\MountPoints2: {c0b76895-e54a-11e6-8312-68f728762374} - "F:\autorun.exe"
SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-21-1288416228-618668501-294838459-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
CHR HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [mbckjcfnjmoiinpgddefodcighgikkgn] - hxxps://clients2.google.com/service/update2/crx
S3 cpuz136; \??\C:\Users\lenovo\AppData\Local\Temp\cpuz136\cpuz136_x64.sys [X] <==== ATTENTION
ShellIconOverlayIdentifiers: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [00avg] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
Task: {5173D48B-15F5-45A7-A00E-AE43B164FC08} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
Task: {7CD1F50F-E223-440A-9F7B-43E16C167B8E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-12-27] (Google Inc.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc => ""=""

EmptyTemp:
End
*****************

Processes closed successfully.
"HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{7abf1e26-3765-11e8-8509-68f728762374}" => removed successfully
HKLM\Software\Classes\CLSID\{7abf1e26-3765-11e8-8509-68f728762374} => not found
"HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c0b76895-e54a-11e6-8312-68f728762374}" => removed successfully
HKLM\Software\Classes\CLSID\{c0b76895-e54a-11e6-8312-68f728762374} => not found
"HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}" => removed successfully
HKLM\Software\Classes\CLSID\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} => not found
"HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66}" => removed successfully
HKLM\Software\Classes\CLSID\{012E1000-F331-11DB-8314-0800200C9A66} => not found
"HKU\S-1-5-21-1288416228-618668501-294838459-1001\SOFTWARE\Google\Chrome\Extensions\mbckjcfnjmoiinpgddefodcighgikkgn" => removed successfully
"HKLM\System\CurrentControlSet\Services\cpuz136" => removed successfully
cpuz136 => service removed successfully
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\00avg" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\Software\Classes\AllFileSystemObjects\ShellEx\ContextMenuHandlers\00avg" => removed successfully
HKLM\Software\Classes\CLSID\{472083B0-C522-11CF-8763-00608CC02F24} => not found
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5173D48B-15F5-45A7-A00E-AE43B164FC08}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5173D48B-15F5-45A7-A00E-AE43B164FC08}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7CD1F50F-E223-440A-9F7B-43E16C167B8E}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7CD1F50F-E223-440A-9F7B-43E16C167B8E}" => removed successfully
C:\windows\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\System\CurrentControlSet\Control\SafeBoot\Network\mcpltsvc" => removed successfully

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 7476209 B
Java, Flash, Steam htmlcache => 0 B
Windows/system/drivers => 811 B
Edge => 0 B
Chrome => 54992670 B
Firefox => 0 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 128 B
LocalService => 4112 B
NetworkService => 0 B
lenovo => 12913163 B

RecycleBin => 0 B
EmptyTemp: => 79.9 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 11:07:27 ====

Uživatelský avatar
Slegr
Level 3
Level 3
Příspěvky: 402
Registrován: září 07
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod Slegr » 15 črc 2018 11:48

----------------------------------------------------------------------------
CrystalDiskInfo 7.6.1 (C) 2008-2018 hiyohiyo
Crystal Dew World : https://crystalmark.info/
----------------------------------------------------------------------------

OS : Windows 8.1 [6.3 Build 9600] (x64)
Date : 2018/07/15 11:47:43

-- Controller Map ----------------------------------------------------------
+ AMD SATA Controller [ATA]
- WDC WD10JPCX-24UE4T0
- HL-DT-ST DVDRAM GUC0N
- Řadič prostorů úložišť [SCSI]

-- Disk List ---------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0 : 1000,2 GB [0/0/0, pd1] - wd

----------------------------------------------------------------------------
(1) WDC WD10JPCX-24UE4T0
----------------------------------------------------------------------------
Model : WDC WD10JPCX-24UE4T0
Firmware : 01.01A01
Serial Number : WD-WXN1E942YSA9
Disk Size : 1000,2 GB (8,4/137,4/1000,2/1000,2)
Buffer Size : 16384 KB
Queue Depth : 32
# of Sectors : 1953525168
Rotation Rate : 5400 RPM
Interface : Serial ATA
Major Version : ACS-2
Minor Version : ----
Transfer Mode : SATA/600 | SATA/600
Power On Hours : 4522 hod.
Power On Count : 2914 krát
Temperature : 33 C (91 F)
Health Status : Dobrý
Features : S.M.A.R.T., APM, 48bit LBA, NCQ
APM Level : 0060h [ON]
AAM Level : ----
Drive Letter : C: D:

-- S.M.A.R.T. --------------------------------------------------------------
ID Cur Wor Thr RawValues(6) Attribute Name
01 200 200 _51 000000000000 Počet chyb čtení
03 189 179 _21 0000000005E4 Čas na roztočení ploten
04 _92 _92 __0 000000001FDF Počet spuštění/zastavení
05 200 200 140 000000000000 Počet přemapovaných sektorů
07 200 200 _51 000000000000 Počet chybných hledání
09 _94 _94 __0 0000000011AA Hodin v činnosti
0A 100 100 __0 000000000000 Počet opakovaných pokusů o roztočení ploten
0B 100 100 __0 000000000000 Počet pokusů o překalibrování
0C _98 _98 __0 000000000B62 Počet cyklů zapnutí zařízení
C0 200 200 __0 000000000031 Počet vypnutí disku
C1 190 190 __0 000000007F8F Počet cyklů načítání/vymazání
C2 114 _97 __0 000000000021 Teplota
C4 200 200 __0 000000000000 Počet udalostí s číslem realokování sektorů
C5 200 200 __0 000000000000 Počet podezřelých sektorů
C6 100 253 __0 000000000000 Počet neopravitelných sektorů
C7 200 200 __0 000000000000 Počet chyb v kontrolním součtu UltraDMA
C8 200 200 __0 000000000000 Počet chyb při zápisu sektorů
F0 _94 _94 __0 00000000114D Čas nastavování hlaviček - v hodinách

-- IDENTIFY_DEVICE ---------------------------------------------------------
0 1 2 3 4 5 6 7 8 9
000: 427A 3FFF C837 0010 0000 0000 003F 0000 0000 0000
010: 2020 2020 2057 442D 5758 4E31 4539 3432 5953 4139
020: 0000 8000 0000 3031 2E30 3141 3031 5744 4320 5744
030: 3130 4A50 4358 2D32 3455 4534 5430 2020 2020 2020
040: 2020 2020 2020 2020 2020 2020 2020 8010 4000 2F00
050: 4000 0000 0000 0007 3FFF 0010 003F FC10 00FB 0110
060: FFFF 0FFF 0000 0007 0003 0078 0078 0078 0078 0000
070: 0000 0000 0000 0000 0000 001F FF0E 0006 004C 00CC
080: 03FE 0000 346B 7D29 6123 3469 BC09 6123 407F 0067
090: 0067 0060 FFFE 0000 0000 0000 0000 0000 0000 0000
100: 6DB0 7470 0000 0000 0000 0000 6003 0000 5001 4EE6
110: 0566 441B 0000 0000 0000 0000 0000 0000 0000 401C
120: 401C 0000 0000 0000 0000 0000 0000 0000 0029 0400
130: 0001 0000 0000 0000 0000 0000 0000 0000 0000 0000
140: 0000 0000 0004 0000 0000 0000 0000 0000 0000 0000
150: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
160: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
170: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
180: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
190: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
200: 0000 0000 0000 0000 0000 0000 7035 0000 0000 4000
210: 0000 0000 0000 0000 0000 0000 0000 1518 0000 0000
220: 0000 0000 103E 0000 0000 0000 0000 0000 0000 0000
230: 0000 0000 0000 0000 0001 1000 0000 0000 0000 0000
240: 0000 0000 0000 0000 0000 0000 0000 0000 0000 0000
250: 0000 0000 0000 0000 0000 FAA5

-- SMART_READ_DATA ---------------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 2F 00 C8 C8 00 00 00 00 00 00 00 03 27
010: 00 BD B3 E4 05 00 00 00 00 00 04 32 00 5C 5C DF
020: 1F 00 00 00 00 00 05 33 00 C8 C8 00 00 00 00 00
030: 00 00 07 2F 00 C8 C8 00 00 00 00 00 00 00 09 32
040: 00 5E 5E AA 11 00 00 00 00 00 0A 32 00 64 64 00
050: 00 00 00 00 00 00 0B 32 00 64 64 00 00 00 00 00
060: 00 00 0C 32 00 62 62 62 0B 00 00 00 00 00 C0 32
070: 00 C8 C8 31 00 00 00 00 00 00 C1 32 00 BE BE 8F
080: 7F 00 00 00 00 00 C2 22 00 72 61 21 00 00 00 00
090: 00 00 C4 32 00 C8 C8 00 00 00 00 00 00 00 C5 32
0A0: 00 C8 C8 00 00 00 00 00 00 00 C6 30 00 64 FD 00
0B0: 00 00 00 00 00 00 C7 32 00 C8 C8 00 00 00 00 00
0C0: 00 00 C8 08 00 C8 C8 00 00 00 00 00 00 00 F0 32
0D0: 00 5E 5E 4D 11 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 3C 4B 01 7B
170: 03 00 01 00 02 D7 05 00 00 00 00 00 00 00 00 00
180: 00 00 01 04 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 8E

-- SMART_READ_THRESHOLD ----------------------------------------------------
+0 +1 +2 +3 +4 +5 +6 +7 +8 +9 +A +B +C +D +E +F
000: 10 00 01 33 C8 C8 C8 C8 00 00 00 00 00 00 03 15
010: 00 00 00 00 00 00 00 00 00 00 04 00 00 00 00 00
020: 00 00 00 00 00 00 05 8C 00 00 00 00 00 00 00 00
030: 00 00 07 33 C8 C8 C8 C8 00 00 00 00 00 00 09 00
040: 00 00 00 00 00 00 00 00 00 00 0A 00 00 00 00 00
050: 00 00 00 00 00 00 0B 00 00 00 00 00 00 00 00 00
060: 00 00 0C 00 00 00 00 00 00 00 00 00 00 00 C0 00
070: 00 00 00 00 00 00 00 00 00 00 C1 00 00 00 00 00
080: 00 00 00 00 00 00 C2 00 00 00 00 00 00 00 00 00
090: 00 00 C4 00 00 00 00 00 00 00 00 00 00 00 C5 00
0A0: 00 00 00 00 00 00 00 00 00 00 C6 00 00 00 00 00
0B0: 00 00 00 00 00 00 C7 00 00 00 00 00 00 00 00 00
0C0: 00 00 C8 00 C8 C8 C8 C8 00 00 00 00 00 00 F0 00
0D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
0F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
100: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
110: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
120: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
130: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
140: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
150: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
160: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
170: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
180: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
190: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1A0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1B0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1C0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1D0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1E0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00
1F0: 00 00 00 00 00 00 00 00 00 00 00 00 00 00 00 3A

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Prosím kontrolu logu

Příspěvekod jaro3 » 15 črc 2018 19:33

0000000005E4 Čas na roztočení ploten
Čas potřebný k roztočení ploten. S časem se zhoršuje, avšak poměrně pomalu. Náhlá změna značí poškození motorku otáčejícího plotny.

ještě jednou CDI.

Co problémy?
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 8 hostů