Problem s notebookem - log hijackthis

Místo pro vaše HiJackThis logy a logy z dalších programů…

Moderátoři: Mods_senior, Security team

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod jaro3 » 10 črc 2019 18:21

Zavři všechny programy a prohlížeče. Deaktivuj antivir a firewall.
Prosím, odpoj všechny USB (kromě myši s klávesnice) nebo externí disky z počítače před spuštěním tohoto programu.
Spusť znovu RogueKiller ( Pro Windows Vista nebo Windows 7, klepni pravým a vyber "Spustit jako správce", ve Windows XP poklepej ke spuštění).
- klikni na „Start Scan“. V novém okně nic neměň a klikni dole na „Start Scan“,
po jeho skončení - vše zatrhni (dej zatržítka vlevo od nálezů , do bílých políček)
- pak klikni na "Remove Selected"
- Počkej, dokud Status box nezobrazí " Removal finished, please review result "
- Klikni na "Open report " a pak na " Open TXT“ a zkopíruj ten log a vlož obsah té zprávy prosím sem. Log je možno nalézt v C:\ProgramData\RogueKiller\Logs - Zavři RogueKiller.


Vypni antivir i firewall.
Stáhni Zoek.exe
http://download.bleepingcomputer.com/smeenk/zoek.exe

Zavři všechny ostatní programy , okna i prohlížeče.
Spusť Zoek.exe ( u win vista , win7, 8 klikni na něj pravým a vyber : „Spustit jako správce“
-pozor , náběh programu může trvat déle.
Do okna programu vlož skript níže:

Kód: Vybrat vše

autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;

klikni na Run Script
Program provede sken , opravu, sken i oprava může trvat i více minut ,je třeba posečkat do konce. Do okna neklikej!
Program nabídne restart , potvrď .
Po restartu se může nějaký čas ukázat pouze černá plocha , to je normální. Je třeba počkat až se vytvoří log. Ten si můžeš uložit třeba do dokumentů , jinak se sám ukládá do:
C:\zoek-results.log Zkopíruj sem celý obsah toho logu.
Pokud budou problémy , spusť zoek v nouz. režimu.

Stáhni si Zemana AntiMalware Free z tohoto odkazu:
https://www.zemana.com/Download/AntiMal ... .Setup.exe
a ulož si ho na plochu.
Poklepej na tento soubor na ploše a postupuj podle pokynů k instalaci programu.
Přijmi licenci k používání programu EULA , pokud se nabídne.
Pokud je k dispozici aktualizace programu , klepni na tlačítko „Update now“ ( aktualizovat nyní).
Můžeš si zatrhnout i vytvoření bodu obnovy:
Klikni na ozubené kolečko , poté na „Skenování“ a zatrhni „vytvářet body obnovy“.
Vrať se zpět ( klikni na domeček).
Zavři všechny otevřené soubory, složky a prohlížeče
Neměň žádné nastavení. Klikni na „Skenovat“.
Po skenu lze vidět , zda jsou nějaké nákazy. Klikni na „Další“. Nákazy budou přemístěny do karantény.
Když je skenování dokončeno, objeví se tisková zpráva , zkopíruj sem celý obsah té zprávy.
Jinak můžeš zprávy vidět , když klikneš vpravo nahoře na „ zprávy“.

Vlož nový log z HJT + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Reklama
Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 10 črc 2019 21:28

Tak roguekiller tady:

RogueKiller Anti-Malware V13.3.1.0 (x64) [Jul 1 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17134) 64 bits
Started in : Normal mode
User : Daniela [Administrator]
Started from : C:\Users\Daniela\Desktop\RogueKiller_portable64.exe
Signatures : 20190710_062459, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2019/07/10 19:58:06 (Duration : 01:22:45)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> O4 - Run
[PUP.SweetLabs|PUP.Gen1 (Potentially Malicious)] (X64) HKEY_USERS\S-1-5-21-3912289609-2614299189-3837706224-1001\Software\Microsoft\Windows\CurrentVersion\RunOnce|Application Restart #2 -- (Pokki) C:\Users\Daniela\AppData\Local\SweetLabs App Platform\Engine\ServiceHostApp.exe --disable-internal-flash --noerrdialogs --no-message-box --disable-extensions --disable-web-security --disable-web-resources --disable-client-side-phishing-detection --enable-file-cookies --disable-sync --disable-breakpad --disable-bundled-ppapi-flash --disable-sync-tabs --disable-speech-input --disable-custom-jumplist --process-per-tab --debug-devtools-frontend="C:\Users\Daniela\AppData\Local\SweetLabs App Platform\Engine\inspector" --no-first-run --lang=en-US --disable-component-update --disable-prompt-on-repost --no-startup-window --disable-translate --disable-logging --disable-desktop-notifications --disable-gpu-process-prelaunch --flag-switches-begin --flag-switches-end --restore-last-session -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
[PUP.SweetLabs|PUP.Gen1 (Potentially Malicious)] (shortcut) Start Menu.lnk -- C:\Users\Daniela\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Start Menu.lnk => C:\Users\Daniela\AppData\Local\SWEETL~1\Engine\SERVIC~1.EXE [/OPEN"menu"] -> Found
[PUP.SweetLabs|PUP.Gen1 (Potentially Malicious)] (shortcut) Lenovo Web Start.lnk -- C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo Web Start.lnk => C:\Users\Daniela\AppData\Local\SWEETL~1\Engine\SERVIC~1.EXE [ /OPEN"04bb6df446330549a2cb8d67fbd1a745025b7bd1"] -> Found
[PUP.SweetLabs|PUP.Gen1 (Potentially Malicious)] (shortcut) Pirate Storm.lnk -- C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pirate Storm.lnk => C:\Users\Daniela\AppData\Local\SWEETL~1\Engine\SERVIC~1.EXE [ /OPEN"17dd240efdb0c50e8a5015de26b6d100f1b1072c"] -> Found
[PUP.SweetLabs|PUP.Gen1 (Potentially Malicious)] (shortcut) Start Menu.lnk -- C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Start Menu.lnk => C:\Users\Daniela\AppData\Local\SWEETL~1\Engine\SERVIC~1.EXE [/OPEN"menu"] -> Found
[PUP.SweetLabs|PUP.Gen1 (Potentially Malicious)] (folder) SweetLabs App Platform -- C:\Users\Daniela\AppData\Local\SweetLabs App Platform -> Found

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤
>>>>>> Firefox Config
[PUM.SearchEngine (Potentially Malicious)] browser.search.defaultenginename (C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default\prefs.js) -- Bing -> Found
[PUM.SearchEngine (Potentially Malicious)] browser.search.selectedEngine (C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default\prefs.js) -- Bing -> Found

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod jaro3 » 10 črc 2019 22:24

RK , ještě jednou a vše smazat!!
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 11 črc 2019 09:46

Zoek.exe v5.0.0.2 Updated 03-May-2018(Online Version)
Tool run by Daniela on st 10. 07. 2019 at 21:31:55,63.
Microsoft Windows 10 Home 10.0.17134 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Daniela\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

10. 7. 2019 21:37:25 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\PROGRA~2\New Folder deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Comms deleted successfully
C:\PROGRA~3\SoftwareDistribution deleted successfully
C:\Users\Administrator\AppData\Local\PlaceholderTileLogoFolder deleted successfully
C:\Users\Daniela\AppData\Local\DBG deleted successfully
C:\Users\Daniela\AppData\Local\EmieBrowserModeList deleted successfully
C:\Users\Daniela\AppData\Local\EmieSiteList deleted successfully
C:\Users\Daniela\AppData\Local\EmieUserList deleted successfully
C:\Users\Daniela\AppData\Local\NetworkTiles deleted successfully
C:\Users\Daniela\AppData\Local\Skype deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\DBG deleted successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\NetworkTiles deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-3912289609-2614299189-3837706224-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{23CA0D61-91B0-4915-81E0-EDDA60FE775F} deleted successfully
HKEY_USERS\S-1-5-21-3912289609-2614299189-3837706224-1001\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FA8528AA-9DB6-4FDD-966E-56B807FCFA35} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.seznam.cz/");
user_pref("keyword.URL", "http://www.bing.com/search?FORM=SK216DF&PC=SK216&q=");

Added to C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\PROGRA~2\New Folder not found
C:\PROGRA~2\Origin Games not found
C:\windows\SysNative\Tasks\OFFICE2013ACT deleted
C:\WINDOWS\sysWoW64\config\systemprofile\.android deleted
C:\WINDOWS\SysNative\config\systemprofile\AppData\Roaming\ETDCoInstaller.log deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\Default\AppData\Local\Pokki deleted

==== Orphaned Tasks deleted from Registry ======================

OFFICE2013ACT deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions ======================

ProfilePath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default
- Bing Search - %ProfilePath%\extensions\bingsearch.full@microsoft.com.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default
- C:\Program Files x86\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll - [?]


==== Chromium Look ======================


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="https://www.seznam.cz/"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{A56A856B-FD44-4E05-A16A-C9069244E712}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\SearchScopes\{A56A856B-FD44-4E05-A16A-C9069244E712} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKLM\Wow6432Node\SearchScopes "DefaultScope"="{A56A856B-FD44-4E05-A16A-C9069244E712}"
HKLM\Wow6432Node\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKLM\Wow6432Node\SearchScopes\{A56A856B-FD44-4E05-A16A-C9069244E712} - http://www.bing.com/search?q={searchTerms}&form=IE11TR&src=IE11TR&pc=LCJB
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{012E1000-F331-11DB-8314-0800200C9A66} - http://www.google.com/search?q={searchTerms}
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
HKCU\SearchScopes\{1C510631-D26C-4C64-B525-ED1F2F644BE8} - http://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{2A651FCF-95E3-4BE3-9629-CF40FD00BE55} - http://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
HKCU\SearchScopes\{54A5B18D-3A5B-464C-A28B-F8089F256A16} - http://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{60AEE5E9-71BE-40BF-B65E-59D602F03AC5} - http://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{6AF89F9C-D27E-4A1E-AC13-634EC81AED78} - http://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
HKCU\SearchScopes\{7B1F44F3-B79E-41C7-BF41-3A80EC72FC9C} - http://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
HKCU\SearchScopes\{82FF5651-E3DB-481D-BC1F-A2D09CE2CFAA} - http://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
HKCU\SearchScopes\{91B0AE32-A4D3-43A5-9029-09E97C00BE16} - http://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530

==== Reset Google Chrome ======================

Nothing found to reset

==== Empty IE Cache ======================

C:\WINDOWS\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\WINDOWS\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\Content.IE5 emptied successfully
C:\Users\Daniela\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully
C:\WINDOWS\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\INetCache\IE emptied successfully

==== Empty FireFox Cache ======================

C:\Users\Daniela\AppData\Local\Mozilla\Firefox\Profiles\1altms36.default\cache2 emptied successfully

==== Empty Edge Cache ======================

Edge Cache Emptied Successfully

==== Empty Chrome Cache ======================

No Chrome User Data found

==== Empty All Flash Cache ======================

No Flash Cache Found

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=5849 folders=156 289442419 bytes)

==== Empty Temp Folders ======================

C:\Users\Administrator\AppData\Local\Temp emptied successfully
C:\Users\Daniela\AppData\Local\Temp will be emptied at reboot
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\WINDOWS\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\WINDOWS\Temp successfully emptied
C:\Users\Daniela\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== EOF on źt 11. 07. 2019 at 9:26:02,15 ======================

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 11 črc 2019 09:53

RK jsem vcera delal, ale smazalo to jen pulku. Takze zkusim spustit jako spravce.

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 11 črc 2019 12:44

Tady je novy log RK:

RogueKiller Anti-Malware V13.3.1.0 (x64) [Jul 1 2019] (Free) by Adlice Software
mail : https://adlice.com/contact/
Website : https://adlice.com/download/roguekiller/
Operating System : Windows 10 (10.0.17134) 64 bits
Started in : Normal mode
User : Daniela [Administrator]
Started from : C:\Users\Daniela\Desktop\RogueKiller_portable64.exe
Signatures : 20190710_062459, Driver : Loaded
Mode : Standard Scan, Scan -- Date : 2019/07/11 10:04:18 (Duration : 01:07:32)

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Processes ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Process Modules ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Services ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Tasks ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Registry ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ WMI ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Hosts File ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Files ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤ Web browsers ¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤¤

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 11 črc 2019 12:56

A tady je zpráva Zemana.Nic nenašel.

Informace o kontroly
Název produktu    :  Zemana AntiMalware
Stav kontroly    :  Dokončena
Datum kontroly    :  11. 7. 2019 12:51:29
Typ kontroly    :  Inteligentní kontrola
Čas trvání    :  00:02:08
Zkontrolované objekty    :  1681
Zjištěné objekty    :  0
Vyloučené objekty    :  0
Automatické odesílání    :  Ano
Operační systém    :  Windows 10 x64
Procesor    :  2X Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Režim systému BIOS    :  UEFI
Informace o doméně    :  WORKGROUP,False,NetSetupWorkgroupName
CUID    :  12F23D2B85186F8AE32D0B

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod jaro3 » 11 črc 2019 18:37

Vlož nový log z HJT + informuj o problémech
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 11 črc 2019 22:25

Tak tady to je. Jen mi HJT napsal, ze "For some reason your system denied write access to hosts file". Konkretne "notepad C://windows/system32/drivers/etc/hosts"

Jinak je pc trochu rychlejsi, nez byl, ale i tak to neni ono. Mozna je to opravdu starim stroje, nevim. Diky.



Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 22:20:41, on 11. 7. 2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17134.0001)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE
C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
C:\Users\Daniela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Steam\Steam.exe
C:\Users\Daniela\Desktop\hijackthis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://lenovo13.msn.com/?pc=LCJB
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = https://www.seznam.cz/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O1 - Hosts: ::1 localhost
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files (x86)\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Daniela\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [Steam] "C:\Program Files (x86)\Steam\steam.exe" -silent
O4 - HKCU\..\Run: [Akamai NetSession Interface] "C:\Users\Daniela\AppData\Local\Akamai\netsession_win.exe"
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKLM\..\Policies\Explorer\Run: [BtvStack] "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\Program Files (x86)\Microsoft Office\Office12\EXCEL.EXE/3000
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~1\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: Conexant Audio Message Service (CxAudMsg) - Unknown owner - C:\windows\system32\CxAudMsg64.exe (file missing)
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: SpyHunter 5 Kernel (EsgShKernel) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShKernel.exe
O23 - Service: Elan Service (ETDService) - ELAN Microelectronics Corp. - C:\Program Files\Elantech\ETDService.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: Intel(R) Integrated Clock Controller Service - Intel(R) ICCS (ICCS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Integrated Clock Controller Service\ICCProxy.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService1.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Lenovo Solution Center System Service (LSC.Services.SystemService) - Lenovo - C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe
O23 - Service: Maxthon Core Update Service (MaxthonUpdateSvc) - Maxthon - C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Origin Client Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginClientService.exe
O23 - Service: Origin Web Helper Service - Electronic Arts - C:\Program Files (x86)\Origin\OriginWebHelperService.exe
O23 - Service: Lenovo PhoneCompanionPusher Service (PhoneCompanionPusher) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
O23 - Service: Lenovo PhoneCompanionVap Service (PhoneCompanionVap) - Lenovo - C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe
O23 - Service: Cyberlink RichVideo64 Service(CRVS) (RichVideo64) - Unknown owner - C:\Program Files\CyberLink\Shared files\RichVideo64.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Conexant SmartAudio service (SAService) - Conexant Systems, Inc. - C:\windows\system32\SAsrv.exe
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: SpyHunter 5 Kernel Monitor (ShMonitor) - EnigmaSoft Limited - C:\Program Files\EnigmaSoft\SpyHunter\ShMonitor.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
O23 - Service: TeamViewer 13 (TeamViewer) - TeamViewer GmbH - C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: @%systemroot%\system32\xbgmsvc.exe,-100 (xbgm) - Unknown owner - C:\WINDOWS\system32\xbgmsvc.exe (file missing)
O23 - Service: ZAtheros Bt and Wlan Coex Agent - Atheros - C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe

--
End of file - 9600 bytes

Uživatelský avatar
jaro3
člen Security týmu
Guru Level 15
Guru Level 15
Příspěvky: 43054
Registrován: červen 07
Bydliště: Jižní Čechy
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod jaro3 » 11 črc 2019 23:14

Odinstaluj:
SpyHunter

Prosím stáhni příslušnou verzi programu pro Tvůj systém 32-bit/64-bit FarbarRecovery Scan Tool (FrSt)
32bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/81/
64bit.:
http://www.bleepingcomputer.com/downloa ... ool/dl/82/
a ulož jej na plochu. ,pak spusť FrSt.
Potvrď způsob užití.
Neměň žádné z výchozích nastavení a klikni na položku „Scan“ („Skenovat“) .Když je skenování dokončeno, ukážou se dva logy = FRST.txt a Addition.txt a uloží se na ploše.Prosím zkopíruj sem celý jejich obsah.

Stáhni si CrystalDiskInfo
Spusť program a klikni na Úpravy-Kopírovat. Poté sem vlož pomocí Ctrl+V obsah logu.
Při práci s programy HJT, ComboFix,MbAM, SDFix aj. zavřete všechny ostatní aplikace a prohlížeče!
Neposílejte logy do soukromých zpráv.Po dobu mé nepřítomnosti mě zastupuje memphisto , Žbeky a Orcus.
Pokud budete spokojeni , můžete podpořit naše forum:Podpora fóra

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 12 črc 2019 17:06

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 10-07-2019
Ran by Daniela (administrator) on DANA_PC (LENOVO 80G0) (12-07-2019 16:50:45)
Running from C:\Users\Daniela\Desktop
Loaded Profiles: Daniela (Available Profiles: Daniela & Administrator)
Platform: Windows 10 Home Version 1803 17134.590 (X64) Language: Čeština (Česko)
Default browser: FF
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.Windows.Photos_2019.19051.16210.0_x64__8wekyb3d8bbwe\Microsoft.Photos.exe
() [File not signed] C:\Program Files\WindowsApps\Microsoft.ZuneVideo_10.19031.11411.0_x64__8wekyb3d8bbwe\Video.UI.exe
(Adobe Systems, Incorporated -> Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
(Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
(Conexant Systems, Inc. -> Conexant Systems Inc.) C:\Windows\System32\CxAudMsg64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Program Files\CONEXANT\cAudioFilterAgent\CAudioFilterAgent64.exe
(Conexant Systems, Inc. -> Conexant Systems, Inc.) C:\Windows\SysWOW64\SASrv.exe
(CyberLink -> ) C:\Program Files\CyberLink\Shared files\RichVideo64.exe
(CyberLink Corp. -> CyberLink Corp.) C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrl.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDCtrlHelper.exe
(ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.) C:\Program Files\Elantech\ETDService.exe
(Fortemedia Inc -> ) C:\Program Files\CONEXANT\ForteConfig\fmapp.exe
(Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxHK.exe
(Intel(R) pGFX -> Intel Corporation) C:\Windows\System32\igfxTray.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe
(Lenovo (Beijing) Limited -> Lenovo(beijing) Limited) C:\Program Files (x86)\Lenovo\Energy Manager\utility.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe
(Lenovo (Beijing) Limited -> Lenovo) C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe
(LENOVO -> Lenovo) C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe
(Maxthon (Asia) Limited. -> Maxthon) C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe
(Microsoft Corporation -> © 2015 Microsoft Corporation) C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Users\Daniela\AppData\Local\Microsoft\OneDrive\OneDrive.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Windows -> Microsoft Corporation) C:\Program Files\Windows Defender\MSASCuiL.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\smartscreen.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\MsMpEng.exe
(Microsoft Windows Publisher -> Microsoft Corporation) C:\ProgramData\Microsoft\Windows Defender\Platform\4.18.1906.3-0\NisSrv.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Realtek Semiconductor Corp -> Realtek semiconductor) C:\Windows\RTFTrack.exe
(TeamViewer GmbH -> TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [SecurityHealth] => C:\Program Files\Windows Defender\MSASCuiL.exe [638872 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Run: [RtsFT] => C:\WINDOWS\RTFTrack.exe [5060864 2015-06-16] (Realtek Semiconductor Corp -> Realtek semiconductor)
HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3242696 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
HKLM\...\Run: [cAudioFilterAgent] => C:\Program Files\Conexant\cAudioFilterAgent\cAudioFilterAgent64.exe [907480 2013-09-05] (Conexant Systems, Inc. -> Conexant Systems, Inc.)
HKLM\...\Run: [ForteConfig] => C:\Program Files\Conexant\ForteConfig\fmapp.exe [49056 2010-10-26] (Fortemedia Inc -> )
HKLM\...\Run: [SmartAudio] => C:\Program Files\CONEXANT\SAII\SACpl.exe [1647616 2012-06-13] (Conexant Systems, Inc.) [File not signed]
HKLM\...\Run: [PhoneCompanion] => C:\Program Files\Lenovo PhoneCompanion\Phone Companion.exe [836592 2014-05-20] (Lenovo (Beijing) Limited -> Lenovo)
HKLM\...\Run: [Energy Manager] => C:\Program Files (x86)\Lenovo\Energy Manager\Energy Manager.exe [16094704 2014-05-20] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM\...\Run: [Lenovo Utility] => C:\Program Files (x86)\Lenovo\Energy Manager\Utility.exe [10842096 2014-05-20] (Lenovo (Beijing) Limited -> Lenovo(beijing) Limited)
HKLM-x32\...\Run: [UpdateP2GShortCut] => C:\Program Files (x86)\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [214312 2011-12-07] (CyberLink -> CyberLink Corp.)
HKLM\...\Policies\Explorer\Run: [BtvStack] => "C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe"
HKU\S-1-5-19\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-20\...\RunOnce: [WAB Migrate] => C:\Program Files\Windows Mail\wab.exe [518144 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\Run: [BingSvc] => C:\Users\Daniela\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\Run: [EADM] => C:\Program Files (x86)\Origin\Origin.exe [3113768 2018-12-02] (Electronic Arts, Inc. -> Electronic Arts)
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\Run: [Akamai NetSession Interface] => "C:\Users\Daniela\AppData\Local\Akamai\netsession_win.exe"
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [22695280 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
HKLM\...\Drivers32: [msacm.clmp3enc] => C:\Program Files (x86)\Lenovo\Power2Go\CLMP3Enc.ACM [217088 2005-05-14] (CyberLink Corp.) [File not signed]
HKLM\Software\...\Authentication\Credential Providers: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-30] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]
HKLM\Software\...\Authentication\Credential Provider Filters: [{ACFC407B-266C-8504-8DAE-F3E276336E4B}] -> C:\WINDOWS\system32\AthCredentialProvider.dll [2013-10-30] (Qualcomm Atheros -> Qualcomm®Atheros®) [File not signed]

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {03121465-EA8A-476E-85E4-D28779F7991C} - \Microsoft\Windows\Setup\gwx\rundetector -> No File <==== ATTENTION
Task: {0440C910-4BF9-4B19-8CFB-D9A015EF4DD2} - \Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B -> No File <==== ATTENTION
Task: {048098E7-434D-43C7-A5F7-A620D78BA930} - \Microsoft\Windows\Setup\GWXTriggers\Logon-5d -> No File <==== ATTENTION
Task: {07A0C7B1-530D-444C-9A96-54005BDFAF5A} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantCalendarRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {093CDD2C-F6CD-4A87-B80C-F857DC679501} - System32\Tasks\Microsoft\Windows\Shell\FamilySafetyUpload => {EBF00FCB-0769-4B81-9BEC-6C05514111AA}
Task: {16829B17-05AA-4CEE-AAC9-401095AA326B} - System32\Tasks\PDVDServ Task => C:\Program Files (x86)\Lenovo\PowerDVD10\PDVD10Serv.EXE [95192 2013-03-09] (CyberLink Corp. -> CyberLink Corp.)
Task: {18727DA4-0342-4AE8-944A-AB0E1F6F1972} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime -> No File <==== ATTENTION
Task: {1D242436-A731-49CA-9C83-307AF6A41DD0} - \Microsoft\Windows\Setup\gwx\refreshgwxcontent -> No File <==== ATTENTION
Task: {2044B5EF-5FE1-4BCF-959F-25FE6BE9ADD3} - \Microsoft\Windows\Setup\GWXTriggers\Time-Weekend -> No File <==== ATTENTION
Task: {2E8ADA0A-E16A-40C4-A55F-A2F4D7F804CF} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Verification => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {352E6CA0-7314-4DF4-89C4-682368D80D57} - System32\Tasks\Microsoft\Windows\Workplace Join\Automatic-Workplace-Join => C:\WINDOWS\System32\AutoWorkplace.exe
Task: {3796E078-A467-44BF-A416-DB44001CBAAF} - System32\Tasks\Lenovo\LSC\LSCHardwareScanPostpone => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9940304 2016-04-20] (LENOVO -> Lenovo)
Task: {4E3EE142-A3DF-4AE0-B5D6-61A1C5C6824C} - \Microsoft\Windows\Setup\GWXTriggers\OnIdle-5d -> No File <==== ATTENTION
Task: {5A3FB241-0B11-4EA5-BC66-0D9F1B406040} - System32\Tasks\Microsoft\Windows\Customer Experience Improvement Program\BthSQM => {C8367320-6F85-11E0-A1F0-0800200C9A66} C:\WINDOWS\System32\BthTelemetry.dll [33280 2018-04-12] (Microsoft Windows -> Microsoft Corporation)
Task: {6126BDD6-E691-488B-9960-A24CA1EABFCC} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program 64 35 => C:\Program Files (x86)\Lenovo\Customer Feedback Program 35\Lenovo.TVT.CustomerFeedback.Agent35.exe [17744 2016-04-20] (LENOVO -> Lenovo)
Task: {6150EDDF-26B4-464E-B412-6434C4BA9A40} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1195544 2018-12-16] (Adobe Systems, Incorporated -> Adobe Systems Incorporated)
Task: {6DFCB649-0769-4F83-BB10-F60F235F6D3D} - System32\Tasks\Microsoft\Windows\SkyDrive\Idle Sync Maintenance Task => {BF6C1E47-86EC-4194-9CE5-13C15DCB2001}
Task: {714E501A-831C-4C86-8DE0-A454E6BC608C} - System32\Tasks\Lenovo\Lenovo Customer Feedback Program => C:\Program Files\Lenovo\Customer Feedback Program\Lenovo.TVT.CustomerFeedback.Agent.exe
Task: {78FBCE3F-9E2E-4E9C-86D1-DA1DBE4195C2} - \Microsoft\Windows\Setup\gwx\launchtrayprocess -> No File <==== ATTENTION
Task: {80A8F884-8DBE-48D7-B6E5-332FFFD36157} - System32\Tasks\Lenovo\LSC\LSCTaskService => C:\Program Files\Lenovo\Lenovo Solution Center\App\LSCTaskService.exe
Task: {812CC341-CC40-4A1B-B27A-6609AC98E076} - \Microsoft\Windows\Setup\gwx\refreshgwxconfig -> No File <==== ATTENTION
Task: {82DBD46F-75A2-4221-AB01-8091639F8528} - \Microsoft\Windows\Setup\GWXTriggers\OutOfSleep-5d -> No File <==== ATTENTION
Task: {86F3FCA5-7843-410B-9460-37288E621622} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [16667424 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {872D0E53-FD2E-41E3-B431-698AF82882CE} - System32\Tasks\Microsoft\Windows\SkyDrive\Routine Maintenance Task => {1B1F472E-3221-4826-97DB-2C2324D389AE}
Task: {913867B9-94D9-42F4-AD35-59D277CFC815} - \Microsoft\Windows\Setup\GWXTriggers\OutOfIdle-5d -> No File <==== ATTENTION
Task: {916C7EDF-5595-420E-993C-E1603FE965A0} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantAllUsersRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {951EA413-2482-4691-BDE1-EE6D1047E494} - System32\Tasks\Maxthon Update => C:\Program Files (x86)\Maxthon\Bin\mxup.exe [1705784 2013-10-14] (Maxthon (Asia) Limited. -> Maxthon International ltd.)
Task: {9C0DEE9C-E71A-4843-8872-D410586FD87C} - System32\Tasks\Microsoft\Windows\Setup\EOSNotify => C:\WINDOWS\system32\EOSNotify.exe
Task: {A9F6BC49-ADDE-4851-A249-D9F1E56A218E} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cache Maintenance => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {AB21D759-23F1-4EB6-B3F0-410BB65C38FA} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {ABD60F98-C51A-4136-9810-09CD8EFE0882} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {AEA823BF-6FC7-4698-9535-762BA17EC287} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistant => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {B2D6EB0D-FB45-4CA8-8B93-6EF25AC35637} - System32\Tasks\Microsoft\Windows\PLA\LSC Memory => C:\windows\system32\rundll32.exe C:\windows\system32\pla.dll,PlaHost "LSC Memory" "$(Arg0)"
Task: {C5911E09-FF11-4FC2-9796-DA78D84CB4B0} - System32\Tasks\Lenovo\Lenovo Solution Center Launcher => C:\Program Files\lenovo\lenovo solution center\App\LSC.Services.UpdateStatusService.exe [263504 2016-04-20] (LENOVO -> )
Task: {CE2DE968-E342-40D7-9566-427D45E4A886} - System32\Tasks\Microsoft\Windows\PerfTrack\BackgroundConfigSurveyor => {EA9155A3-8A39-40B4-8963-D3C761B18371}
Task: {DD7582D8-4918-48F1-AC26-F2789A3E5A7B} - \Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime -> No File <==== ATTENTION
Task: {E8994A4E-6E0D-48DA-A081-7E9E88CB3673} - System32\Tasks\Lenovo\LSC\LSCHardwareScan => C:\Program Files\Lenovo\Lenovo Solution Center\LSC.exe [9940304 2016-04-20] (LENOVO -> Lenovo)
Task: {EA49BD9C-A46C-47CA-9FE1-43143D2E44D8} - System32\Tasks\Microsoft\Windows\UpdateOrchestrator\UpdateAssistantWakeupRun => C:\WINDOWS\UpdateAssistant\UpdateAssistant.exe [0 0000-00-00] (Microsoft Corporation)
Task: {EBEEBCAF-1AB5-4734-BEE0-C99C2D4656DD} - System32\Tasks\Lenovo\LSC\Lenovo Solution Center Notifications => C:\Program Files\Lenovo\Lenovo Solution Center\LSCNotify.exe [1321296 2016-04-20] (LENOVO -> Lenovo)
Task: {ED134749-76AD-4797-AD9A-A0BE0E38B01D} - \Microsoft\Windows\Setup\GWXTriggers\MachineUnlock-5d -> No File <==== ATTENTION
Task: {EDA36DD1-5094-45F8-8E26-BE3F175C80F9} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Scheduled Scan => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F257EFAB-B45B-4C74-A457-8631C571C01C} - System32\Tasks\Microsoft\Windows\Windows Defender\Windows Defender Cleanup => C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MpCmdRun.exe [470176 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
Task: {F2712F90-FD08-4AFA-9289-E564C0525320} - System32\Tasks\AMHelper => C:\Program Files (x86)\Zemana\AntiMalware\AntiMalware.exe [656960 2019-07-08] (Zemana D.O.O. Sarajevo -> Zemana Ltd.)
Task: {F7B9E1AC-D8A0-407C-9F5A-6591CD37FE88} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [619416 2019-06-18] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {F7DED190-D84C-4C30-BEF5-12F39778B1D2} - \Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent -> No File <==== ATTENTION
Task: {FDC022C1-CA20-447A-81B8-904F4A2D825A} - \Microsoft\Windows\Setup\GWXTriggers\Time-5d -> No File <==== ATTENTION

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)


==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{ac1d3af8-503b-483a-852b-8d59e2a14e6f}: [DhcpNameServer] 10.0.0.1
Tcpip\..\Interfaces\{ef36e0aa-c9d0-4a2c-a9c0-ee5ec41e58ed}: [DhcpNameServer] 150.202.1.3

Internet Explorer:
==================
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxps://www.seznam.cz/
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://lenovo13.msn.com/?pc=LCJB
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = hxxp://www.bing.com/search?PC=WCUG&FORM=WCUGDF&q={searchTerms}
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {1C510631-D26C-4C64-B525-ED1F2F644BE8} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {2A651FCF-95E3-4BE3-9629-CF40FD00BE55} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {54A5B18D-3A5B-464C-A28B-F8089F256A16} URL = hxxp://www.mapy.cz/?query={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {60AEE5E9-71BE-40BF-B65E-59D602F03AC5} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {6AF89F9C-D27E-4A1E-AC13-634EC81AED78} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {7B1F44F3-B79E-41C7-BF41-3A80EC72FC9C} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {82FF5651-E3DB-481D-BC1F-A2D09CE2CFAA} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530
SearchScopes: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001 -> {91B0AE32-A4D3-43A5-9029-09E97C00BE16} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&sourceid=QuickSearch_29530

FireFox:
========
FF DefaultProfile: 1altms36.default
FF ProfilePath: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default [2019-07-12]
FF Homepage: Mozilla\Firefox\Profiles\1altms36.default -> about:home
FF NewTab: Mozilla\Firefox\Profiles\1altms36.default -> about:newtab
FF Extension: (Bing Search) - C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default\Extensions\bingsearch.full@microsoft.com.xpi [2017-05-04] [Legacy]
FF SearchPlugin: C:\Users\Daniela\AppData\Roaming\Mozilla\Firefox\Profiles\1altms36.default\searchplugins\bing-.xml [2017-05-04]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2019-05-03] (Adobe Inc. -> Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ETDService; C:\Program Files\Elantech\ETDService.exe [144072 2015-10-07] (ELAN Microelectronics Corporation -> ELAN Microelectronics Corp.)
R2 igfxCUIService1.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [337888 2016-05-03] (Intel(R) pGFX -> Intel Corporation)
R2 Intel(R) Capability Licensing Service Interface; C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe [733696 2013-07-02] (Intel(R) Corporation) [File not signed]
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [822232 2013-07-02] (Intel® Trusted Connect Service -> Intel(R) Corporation)
S3 LSC.Services.SystemService; C:\Program Files\Lenovo\Lenovo Solution Center\App\LSC.Services.SystemService.exe [273232 2016-04-20] (LENOVO -> Lenovo)
R2 MaxthonUpdateSvc; C:\Program Files (x86)\Maxthon\Modules\Service\Update\MaxthonUpdateSvc.exe [1880864 2018-04-10] (Maxthon (Asia) Limited. -> Maxthon)
S2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [6541008 2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
S3 Origin Client Service; C:\Program Files (x86)\Origin\OriginClientService.exe [2269504 2018-12-02] (Electronic Arts, Inc. -> Electronic Arts)
S2 Origin Web Helper Service; C:\Program Files (x86)\Origin\OriginWebHelperService.exe [3130184 2018-12-02] (Electronic Arts, Inc. -> Electronic Arts)
R2 PhoneCompanionPusher; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionPusher.exe [288240 2014-05-20] (Lenovo (Beijing) Limited -> Lenovo)
S3 PhoneCompanionVap; C:\Program Files\Lenovo PhoneCompanion\PhoneCompanionVap.exe [305136 2014-05-20] (Lenovo (Beijing) Limited -> Lenovo)
R2 RichVideo64; C:\Program Files\CyberLink\Shared files\RichVideo64.exe [390632 2012-04-24] (CyberLink -> )
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [11293936 2018-04-03] (TeamViewer GmbH -> TeamViewer GmbH)
R3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\NisSrv.exe [2455544 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1906.3-0\MsMpEng.exe [110104 2019-07-08] (Microsoft Windows Publisher -> Microsoft Corporation)
R2 ZAtheros Bt and Wlan Coex Agent; C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe [323584 2013-10-30] (Atheros) [File not signed]

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R1 amsdk; C:\WINDOWS\system32\drivers\amsdk.sys [232792 2019-07-11] (Zemana D.O.O. Sarajevo -> Copyright 2018.)
R3 athr; C:\WINDOWS\System32\drivers\athw8x.sys [4233728 2018-04-12] (Microsoft Windows -> Qualcomm Atheros Communications, Inc.)
S3 athur; C:\WINDOWS\System32\drivers\athuwbx.sys [2702336 2013-11-20] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros Communications, Inc.)
R3 BtFilter; C:\WINDOWS\system32\DRIVERS\btfilter.sys [610336 2016-07-13] (Microsoft Windows Hardware Compatibility Publisher -> Qualcomm Atheros)
R0 MBI; C:\WINDOWS\System32\drivers\MBI.sys [29464 2013-10-10] (Intel(R) Software -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-07-22] (Realtek Semiconductor Corp -> Realtek )
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [410880 2015-07-03] (Realtek Semiconductor Corp -> Realsil Semiconductor Corporation)
R3 rtsuvc; C:\WINDOWS\system32\DRIVERS\rtsuvc.sys [3068160 2015-06-16] (Realtek Semiconductor Corp -> Realtek Semiconductor Corp.)
S2 SecDrv; C:\WINDOWS\SysWOW64\drivers\SECDRV.SYS [28400 2019-07-09] () [File not signed]
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [87568 2013-07-02] (Intel Corporation - Client Components Group -> Intel Corporation)
S0 WdBoot; C:\WINDOWS\System32\drivers\wd\WdBoot.sys [47704 2019-07-08] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
R0 WdFilter; C:\WINDOWS\System32\drivers\wd\WdFilter.sys [367032 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
R3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-07-08] (Microsoft Windows -> Microsoft Corporation)
S3 wsvd; C:\WINDOWS\system32\DRIVERS\wsvd.sys [102376 2012-06-14] (CyberLink -> "CyberLink)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-12 16:50 - 2019-07-12 16:54 - 000024456 _____ C:\Users\Daniela\Desktop\FRST.txt
2019-07-12 16:50 - 2019-07-12 16:50 - 000000000 ____D C:\FRST
2019-07-12 16:47 - 2019-07-12 16:47 - 002095104 _____ (Farbar) C:\Users\Daniela\Desktop\FRST64.exe
2019-07-12 16:44 - 2019-07-12 16:48 - 000000000 ____D C:\Users\Daniela\AppData\LocalLow\Mozilla
2019-07-12 13:50 - 2019-07-12 13:50 - 000000000 ____D C:\Users\Daniela\AppData\Local\DBG
2019-07-11 12:48 - 2019-07-12 16:54 - 000091845 _____ C:\WINDOWS\ZAM.krnl.trace
2019-07-11 12:48 - 2019-07-11 12:48 - 000003546 _____ C:\WINDOWS\System32\Tasks\AMHelper
2019-07-11 12:48 - 2019-07-11 12:48 - 000001344 _____ C:\Users\Public\Desktop\Zemana AntiMalware.lnk
2019-07-11 12:48 - 2019-07-11 12:48 - 000000000 ____D C:\Users\Daniela\AppData\Local\Zemana
2019-07-11 12:47 - 2019-07-11 12:48 - 000000000 ____D C:\Users\Daniela\AppData\Local\AMSDK
2019-07-11 12:47 - 2019-07-11 12:47 - 000232792 _____ (Copyright 2018.) C:\WINDOWS\system32\Drivers\amsdk.sys
2019-07-11 12:47 - 2019-07-11 12:47 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Zemana AntiMalware
2019-07-11 12:47 - 2019-07-11 12:47 - 000000000 ____D C:\Program Files (x86)\Zemana
2019-07-11 12:45 - 2019-07-11 12:45 - 012668184 _____ (Zemana Ltd. ) C:\Users\Daniela\Desktop\AntiMalware_Setup.exe
2019-07-10 22:47 - 2014-02-13 23:59 - 000024064 _____ C:\WINDOWS\zoek-delete.exe
2019-07-10 21:30 - 2019-07-10 22:32 - 000000000 ____D C:\zoek_backup
2019-07-10 21:29 - 2019-07-10 21:29 - 002038755 _____ C:\Users\Daniela\Desktop\zoek.exe
2019-07-10 12:35 - 2010-06-02 04:55 - 000527192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_7.dll
2019-07-10 12:35 - 2010-06-02 04:55 - 000518488 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_7.dll
2019-07-10 12:35 - 2010-06-02 04:55 - 000239960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_7.dll
2019-07-10 12:35 - 2010-06-02 04:55 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_7.dll
2019-07-10 12:35 - 2010-06-02 04:55 - 000077656 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_5.dll
2019-07-10 12:35 - 2010-06-02 04:55 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_5.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 002526056 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 002401112 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 002106216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 001998168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 001907552 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 001868128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 000511328 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 000470880 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 000276832 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_43.dll
2019-07-10 12:35 - 2010-05-26 11:41 - 000248672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_43.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000530776 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_6.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000528216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_6.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_6.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000176984 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_6.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000078680 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_4.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000074072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_4.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_7.dll
2019-07-10 12:35 - 2010-02-04 10:01 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_7.dll
2019-07-10 12:35 - 2009-09-04 17:44 - 000517960 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_5.dll
2019-07-10 12:35 - 2009-09-04 17:44 - 000515416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_5.dll
2019-07-10 12:35 - 2009-09-04 17:44 - 000238936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_5.dll
2019-07-10 12:35 - 2009-09-04 17:44 - 000176968 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_5.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 005554512 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dcsx_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 005501792 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dcsx_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 002582888 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 001974616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 000523088 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 000285024 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx11_42.dll
2019-07-10 12:35 - 2009-09-04 17:29 - 000235344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx11_42.dll
2019-07-10 12:34 - 2009-09-04 17:44 - 000073544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_3.dll
2019-07-10 12:34 - 2009-09-04 17:44 - 000069464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_3.dll
2019-07-10 12:34 - 2009-09-04 17:29 - 002475352 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_42.dll
2019-07-10 12:34 - 2009-09-04 17:29 - 001892184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_42.dll
2019-07-10 12:34 - 2009-03-16 14:18 - 000521560 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_4.dll
2019-07-10 12:34 - 2009-03-16 14:18 - 000517448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_4.dll
2019-07-10 12:34 - 2009-03-16 14:18 - 000235352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_4.dll
2019-07-10 12:34 - 2009-03-16 14:18 - 000174936 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_4.dll
2019-07-10 12:34 - 2009-03-16 14:18 - 000024920 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_6.dll
2019-07-10 12:34 - 2009-03-16 14:18 - 000022360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_6.dll
2019-07-10 12:34 - 2009-03-09 15:27 - 005425496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_41.dll
2019-07-10 12:34 - 2009-03-09 15:27 - 004178264 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_41.dll
2019-07-10 12:34 - 2009-03-09 15:27 - 002430312 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_41.dll
2019-07-10 12:34 - 2009-03-09 15:27 - 001846632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_41.dll
2019-07-10 12:34 - 2009-03-09 15:27 - 000520544 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_41.dll
2019-07-10 12:34 - 2009-03-09 15:27 - 000453456 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_41.dll
2019-07-10 12:34 - 2008-10-15 06:22 - 002605920 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_40.dll
2019-07-10 12:34 - 2008-10-15 06:22 - 000519000 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_40.dll
2019-07-10 08:37 - 2019-07-10 12:28 - 000000000 ____D C:\ProgramData\RogueKiller
2019-07-10 08:36 - 2019-07-10 08:37 - 034036792 _____ C:\Users\Daniela\Desktop\RogueKiller_portable64.exe
2019-07-09 22:43 - 2019-07-09 22:43 - 000000000 ____D C:\ProgramData\Sophos
2019-07-09 22:42 - 2019-07-09 22:42 - 000002775 _____ C:\Users\Public\Desktop\Sophos Virus Removal Tool.lnk
2019-07-09 22:42 - 2019-07-09 22:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sophos
2019-07-09 22:41 - 2019-07-09 22:41 - 000000000 ____D C:\Program Files (x86)\Sophos
2019-07-09 22:36 - 2019-07-09 22:39 - 206758184 _____ (Sophos Limited) C:\Users\Daniela\Desktop\Sophos Virus Removal Tool.exe
2019-07-09 22:19 - 2019-07-09 22:19 - 001790024 _____ (Malwarebytes) C:\Users\Daniela\Desktop\JRT.exe
2019-07-09 21:58 - 2019-07-09 21:58 - 000001284 _____ C:\Users\Daniela\Desktop\CrystalDiskInfo.lnk
2019-07-09 21:58 - 2019-07-09 21:58 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CrystalDiskInfo
2019-07-09 21:57 - 2019-07-09 21:58 - 000000000 ____D C:\Program Files (x86)\CrystalDiskInfo
2019-07-09 21:56 - 2019-07-09 21:56 - 003946848 _____ (Crystal Dew World ) C:\Users\Daniela\Desktop\CrystalDiskInfo8_2_0.exe
2019-07-09 21:29 - 2019-07-09 22:05 - 000000000 ____D C:\AdwCleaner
2019-07-09 21:25 - 2019-07-09 21:26 - 007025360 _____ (Malwarebytes) C:\Users\Daniela\Desktop\AdwCleaner.exe
2019-07-09 20:56 - 2019-07-09 20:56 - 000448512 _____ (OldTimer Tools) C:\Users\Daniela\Desktop\TFC.exe
2019-07-09 20:49 - 2019-07-09 20:50 - 000050688 _____ (Atribune.org) C:\Users\Daniela\Desktop\ATF-Cleaner.exe
2019-07-09 16:33 - 2019-07-09 16:33 - 000388608 _____ (Trend Micro Inc.) C:\Users\Daniela\Desktop\hijackthis.exe
2019-07-09 16:26 - 2008-10-15 06:22 - 002036576 _____ C:\WINDOWS\SysWOW64\D3DCompiler_40.dll
2019-07-09 16:26 - 2008-10-15 06:22 - 000452440 _____ C:\WINDOWS\SysWOW64\d3dx10_40.dll
2019-07-09 16:25 - 2008-10-15 06:22 - 005631312 _____ C:\WINDOWS\system32\D3DX9_40.dll
2019-07-09 16:25 - 2008-10-15 06:22 - 004379984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_40.dll
2019-07-09 16:24 - 2008-10-27 10:04 - 000518480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_3.dll
2019-07-09 16:24 - 2008-10-27 10:04 - 000514384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_3.dll
2019-07-09 16:24 - 2008-10-27 10:04 - 000074576 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_2.dll
2019-07-09 16:24 - 2008-10-27 10:04 - 000070992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_2.dll
2019-07-09 16:23 - 2008-10-27 10:04 - 000235856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_3.dll
2019-07-09 16:23 - 2008-10-27 10:04 - 000175440 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_3.dll
2019-07-09 16:23 - 2008-10-27 10:04 - 000025936 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_5.dll
2019-07-09 16:23 - 2008-10-27 10:04 - 000023376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_5.dll
2019-07-09 16:22 - 2008-07-31 10:41 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_2.dll
2019-07-09 16:22 - 2008-07-31 10:41 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_2.dll
2019-07-09 16:22 - 2008-07-31 10:41 - 000072200 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_1.dll
2019-07-09 16:22 - 2008-07-31 10:41 - 000068616 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_1.dll
2019-07-09 16:22 - 2008-07-31 10:40 - 000513544 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_2.dll
2019-07-09 16:22 - 2008-07-31 10:40 - 000509448 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_2.dll
2019-07-09 16:22 - 2008-07-10 11:01 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_39.dll
2019-07-09 16:22 - 2008-07-10 11:00 - 004992520 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_39.dll
2019-07-09 16:22 - 2008-07-10 11:00 - 003851784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_39.dll
2019-07-09 16:22 - 2008-07-10 11:00 - 001942552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_39.dll
2019-07-09 16:22 - 2008-07-10 11:00 - 001493528 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_39.dll
2019-07-09 16:22 - 2008-07-10 11:00 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_39.dll
2019-07-09 16:22 - 2008-05-30 14:19 - 000511496 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_1.dll
2019-07-09 16:22 - 2008-05-30 14:19 - 000507400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_1.dll
2019-07-09 16:22 - 2008-05-30 14:18 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_1.dll
2019-07-09 16:22 - 2008-05-30 14:18 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_1.dll
2019-07-09 16:22 - 2008-05-30 14:17 - 000068104 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAPOFX1_0.dll
2019-07-09 16:22 - 2008-05-30 14:17 - 000065032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAPOFX1_0.dll
2019-07-09 16:22 - 2008-05-30 14:17 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_4.dll
2019-07-09 16:22 - 2008-05-30 14:16 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_4.dll
2019-07-09 16:22 - 2008-05-30 14:11 - 004991496 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_38.dll
2019-07-09 16:22 - 2008-05-30 14:11 - 003850760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_38.dll
2019-07-09 16:22 - 2008-05-30 14:11 - 001941528 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_38.dll
2019-07-09 16:22 - 2008-05-30 14:11 - 001491992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_38.dll
2019-07-09 16:22 - 2008-05-30 14:11 - 000540688 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_38.dll
2019-07-09 16:22 - 2008-05-30 14:11 - 000467984 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_38.dll
2019-07-09 16:22 - 2008-03-05 16:04 - 000489480 _____ (Microsoft Corporation) C:\WINDOWS\system32\XAudio2_0.dll
2019-07-09 16:22 - 2008-03-05 16:03 - 000479752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\XAudio2_0.dll
2019-07-09 16:22 - 2008-03-05 16:03 - 000238088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine3_0.dll
2019-07-09 16:22 - 2008-03-05 16:03 - 000177672 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine3_0.dll
2019-07-09 16:22 - 2008-03-05 16:00 - 000028168 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_3.dll
2019-07-09 16:22 - 2008-03-05 16:00 - 000025608 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_3.dll
2019-07-09 16:22 - 2008-03-05 15:56 - 004910088 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DX9_37.dll
2019-07-09 16:22 - 2008-03-05 15:56 - 003786760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DX9_37.dll
2019-07-09 16:22 - 2008-03-05 15:56 - 001860120 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_37.dll
2019-07-09 16:22 - 2008-03-05 15:56 - 001420824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_37.dll
2019-07-09 16:22 - 2008-02-05 23:07 - 000529424 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_37.dll
2019-07-09 16:22 - 2008-02-05 23:07 - 000462864 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_37.dll
2019-07-09 16:22 - 2007-10-22 03:40 - 000411656 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_10.dll
2019-07-09 16:22 - 2007-10-22 03:39 - 000267272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_10.dll
2019-07-09 16:21 - 2007-10-22 03:37 - 000021000 _____ (Microsoft Corporation) C:\WINDOWS\system32\X3DAudio1_2.dll
2019-07-09 16:21 - 2007-10-22 03:37 - 000017928 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\X3DAudio1_2.dll
2019-07-09 16:21 - 2007-10-12 15:14 - 005081608 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_36.dll
2019-07-09 16:21 - 2007-10-12 15:14 - 003734536 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_36.dll
2019-07-09 16:21 - 2007-10-12 15:14 - 002006552 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_36.dll
2019-07-09 16:21 - 2007-10-12 15:14 - 001374232 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_36.dll
2019-07-09 16:21 - 2007-10-02 09:56 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_36.dll
2019-07-09 16:21 - 2007-10-02 09:56 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_36.dll
2019-07-09 16:21 - 2007-07-20 00:57 - 000411496 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_9.dll
2019-07-09 16:21 - 2007-07-20 00:57 - 000267112 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_9.dll
2019-07-09 16:21 - 2007-07-19 18:14 - 005073256 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_35.dll
2019-07-09 16:21 - 2007-07-19 18:14 - 003727720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_35.dll
2019-07-09 16:21 - 2007-07-19 18:14 - 001985904 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_35.dll
2019-07-09 16:21 - 2007-07-19 18:14 - 001358192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_35.dll
2019-07-09 16:21 - 2007-07-19 18:14 - 000508264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_35.dll
2019-07-09 16:21 - 2007-07-19 18:14 - 000444776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_35.dll
2019-07-09 16:21 - 2007-06-20 20:49 - 000409960 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_8.dll
2019-07-09 16:21 - 2007-06-20 20:46 - 000266088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_8.dll
2019-07-09 16:21 - 2007-05-16 16:45 - 004496232 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_34.dll
2019-07-09 16:21 - 2007-05-16 16:45 - 003497832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_34.dll
2019-07-09 16:21 - 2007-05-16 16:45 - 001401200 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_34.dll
2019-07-09 16:21 - 2007-05-16 16:45 - 001124720 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_34.dll
2019-07-09 16:21 - 2007-05-16 16:45 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_34.dll
2019-07-09 16:21 - 2007-05-16 16:45 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_34.dll
2019-07-09 16:21 - 2007-04-04 18:55 - 000403304 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_7.dll
2019-07-09 16:21 - 2007-04-04 18:55 - 000261480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_7.dll
2019-07-09 16:21 - 2007-04-04 18:54 - 000107368 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_3.dll
2019-07-09 16:21 - 2007-04-04 18:53 - 000081768 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_3.dll
2019-07-09 16:21 - 2007-03-15 16:57 - 000506728 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10_33.dll
2019-07-09 15:49 - 2007-03-15 16:57 - 000443752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10_33.dll
2019-07-09 15:49 - 2007-03-12 16:42 - 004494184 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_33.dll
2019-07-09 15:49 - 2007-03-12 16:42 - 003495784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_33.dll
2019-07-09 15:49 - 2007-03-12 16:42 - 001400176 _____ (Microsoft Corporation) C:\WINDOWS\system32\D3DCompiler_33.dll
2019-07-09 15:49 - 2007-03-12 16:42 - 001123696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\D3DCompiler_33.dll
2019-07-09 15:48 - 2007-03-05 12:42 - 000017688 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_1.dll
2019-07-09 15:48 - 2007-03-05 12:42 - 000015128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_1.dll
2019-07-09 15:48 - 2007-01-24 15:27 - 000393576 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_6.dll
2019-07-09 15:48 - 2007-01-24 15:27 - 000255848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_6.dll
2019-07-09 15:48 - 2006-12-08 12:02 - 000251672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_5.dll
2019-07-09 15:48 - 2006-12-08 12:00 - 000390424 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_5.dll
2019-07-09 15:48 - 2006-11-29 13:06 - 004398360 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_32.dll
2019-07-09 15:48 - 2006-11-29 13:06 - 003426072 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_32.dll
2019-07-09 15:48 - 2006-11-29 13:06 - 000469264 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx10.dll
2019-07-09 15:48 - 2006-11-29 13:06 - 000440080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx10.dll
2019-07-09 15:48 - 2006-09-28 16:05 - 003977496 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_31.dll
2019-07-09 15:48 - 2006-09-28 16:05 - 002414360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_31.dll
2019-07-09 15:48 - 2006-09-28 16:05 - 000237848 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_4.dll
2019-07-09 15:48 - 2006-09-28 16:04 - 000364824 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_4.dll
2019-07-09 15:48 - 2006-07-28 09:31 - 000083736 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_2.dll
2019-07-09 15:48 - 2006-07-28 09:30 - 000363288 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_3.dll
2019-07-09 15:48 - 2006-07-28 09:30 - 000236824 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_3.dll
2019-07-09 15:48 - 2006-07-28 09:30 - 000062744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_2.dll
2019-07-09 15:48 - 2006-05-31 07:24 - 000230168 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_2.dll
2019-07-09 15:48 - 2006-05-31 07:22 - 000354072 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_2.dll
2019-07-09 15:48 - 2006-03-31 12:41 - 003927248 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_30.dll
2019-07-09 15:48 - 2006-03-31 12:40 - 002388176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_30.dll
2019-07-09 15:48 - 2006-03-31 12:40 - 000352464 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_1.dll
2019-07-09 15:48 - 2006-03-31 12:39 - 000229584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_1.dll
2019-07-09 15:48 - 2006-03-31 12:39 - 000083664 _____ (Microsoft Corporation) C:\WINDOWS\system32\xinput1_1.dll
2019-07-09 15:48 - 2006-03-31 12:39 - 000062672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xinput1_1.dll
2019-07-09 15:47 - 2006-02-03 08:43 - 003830992 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_29.dll
2019-07-09 15:47 - 2006-02-03 08:43 - 002332368 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_29.dll
2019-07-09 15:47 - 2006-02-03 08:42 - 000355536 _____ (Microsoft Corporation) C:\WINDOWS\system32\xactengine2_0.dll
2019-07-09 15:47 - 2006-02-03 08:42 - 000230096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xactengine2_0.dll
2019-07-09 15:47 - 2006-02-03 08:41 - 000016592 _____ (Microsoft Corporation) C:\WINDOWS\system32\x3daudio1_0.dll
2019-07-09 15:47 - 2006-02-03 08:41 - 000014032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\x3daudio1_0.dll
2019-07-09 15:47 - 2005-12-05 18:09 - 003815120 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_28.dll
2019-07-09 15:47 - 2005-12-05 18:09 - 002323664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_28.dll
2019-07-09 15:47 - 2005-07-22 19:59 - 003807440 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_27.dll
2019-07-09 15:47 - 2005-07-22 19:59 - 002319568 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_27.dll
2019-07-09 15:47 - 2005-05-26 15:34 - 003767504 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_26.dll
2019-07-09 15:47 - 2005-05-26 15:34 - 002297552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_26.dll
2019-07-09 15:47 - 2005-03-18 17:19 - 003823312 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_25.dll
2019-07-09 15:47 - 2005-03-18 17:19 - 002337488 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_25.dll
2019-07-09 15:47 - 2005-02-05 19:45 - 003544272 _____ (Microsoft Corporation) C:\WINDOWS\system32\d3dx9_24.dll
2019-07-09 15:47 - 2005-02-05 19:45 - 002222800 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\d3dx9_24.dll
2019-07-09 11:55 - 2019-07-09 11:55 - 000000000 ____D C:\Users\Daniela\AppData\LocalLow\Red Dot Games
2019-07-09 10:25 - 2019-07-09 10:25 - 000000144 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-07-09 10:23 - 2019-07-09 10:24 - 000000000 ___RD C:\Users\Administrator\OneDrive
2019-07-09 10:23 - 2019-07-09 10:23 - 000003290 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task v2
2019-07-09 10:17 - 2019-07-09 10:17 - 000001417 _____ C:\Users\Administrator\Desktop\Microsoft Edge.lnk
2019-07-09 10:17 - 2019-07-09 10:17 - 000000000 ___HD C:\Users\Administrator\MicrosoftEdgeBackups
2019-07-09 10:17 - 2019-07-09 10:17 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Lenovo
2019-07-09 10:17 - 2019-07-09 10:17 - 000000000 ____D C:\Users\Administrator\AppData\Local\MicrosoftEdge
2019-07-09 10:15 - 2019-07-09 10:15 - 000000000 ___RD C:\Users\Administrator\3D Objects
2019-07-09 10:15 - 2019-07-09 10:15 - 000000000 ____D C:\Users\Administrator\AppData\Local\Publishers
2019-07-09 10:14 - 2019-07-09 10:16 - 000000000 ____D C:\Users\Administrator\AppData\Local\Packages
2019-07-09 10:14 - 2019-07-09 10:14 - 000000020 ___SH C:\Users\Administrator\ntuser.ini
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Šablony
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Soubory cookie
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Poslední
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Okolní tiskárny
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Okolní síť
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Nabídka Start
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Dokumenty
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Documents\Obrázky
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Documents\Hudba
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Documents\Filmy
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\Data aplikací
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programy
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 _SHDL C:\Users\Administrator\AppData\Local\Data aplikací
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 __SHD C:\Users\Administrator\IntelGraphicsProfiles
2019-07-09 10:14 - 2019-07-09 10:14 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Adobe
2019-07-09 10:13 - 2019-07-09 10:24 - 000002434 _____ C:\Users\Administrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-09 10:13 - 2013-02-04 08:18 - 000000189 _____ C:\Users\Administrator\Desktop\Lenovo Telephony Start Now.url
2019-07-09 10:12 - 2019-07-09 10:23 - 000000000 ____D C:\Users\Administrator
2019-07-09 10:12 - 2016-09-28 20:11 - 000000000 ____D C:\Users\Administrator\AppData\Roaming\Macromedia
2019-07-08 22:27 - 2019-07-08 22:28 - 000000000 ____D C:\Program Files\CCleaner
2019-07-08 22:27 - 2019-07-08 22:27 - 000003936 _____ C:\WINDOWS\System32\Tasks\CCleaner Update
2019-07-08 22:27 - 2019-07-08 22:27 - 000002876 _____ C:\WINDOWS\System32\Tasks\CCleanerSkipUAC
2019-07-08 22:27 - 2019-07-08 22:27 - 000000874 _____ C:\Users\Public\Desktop\CCleaner.lnk
2019-07-08 22:27 - 2019-07-08 22:27 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2019-07-08 22:22 - 2019-07-08 22:22 - 020650160 _____ (Piriform Software Ltd) C:\Users\Daniela\Desktop\ccsetup559.exe
2019-07-08 21:51 - 2019-07-08 21:51 - 000001923 _____ C:\Users\Public\Desktop\Malwarebytes.lnk
2019-07-08 21:51 - 2019-07-08 21:51 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes
2019-07-08 21:51 - 2019-07-08 21:51 - 000000000 ____D C:\Program Files\Malwarebytes
2019-07-08 21:51 - 2018-04-26 05:36 - 000152184 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbae64.sys
2019-07-08 21:50 - 2019-07-08 21:50 - 000000000 ____D C:\ProgramData\MB2Migration
2019-07-08 19:32 - 2019-07-12 16:48 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox

==================== One month (modified) ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2019-07-12 16:53 - 2018-04-12 01:38 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-07-12 16:49 - 2018-07-13 17:44 - 000000000 ____D C:\Program Files (x86)\Steam
2019-07-12 16:44 - 2016-07-29 05:59 - 000000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
2019-07-12 16:39 - 2018-07-15 15:02 - 000000000 ____D C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
2019-07-12 16:24 - 2018-04-12 01:30 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-07-12 16:22 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-07-12 16:21 - 2018-04-12 01:38 - 000000000 ___HD C:\Program Files\WindowsApps
2019-07-12 15:27 - 2018-06-15 01:15 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-07-12 13:52 - 2014-10-15 16:36 - 000000000 ____D C:\Users\Daniela\AppData\Local\CrashDumps
2019-07-12 13:49 - 2014-09-02 03:04 - 000000000 __SHD C:\Users\Daniela\IntelGraphicsProfiles
2019-07-12 13:48 - 2018-07-19 10:19 - 000000000 ____D C:\Program Files (x86)\TeamViewer
2019-07-12 13:48 - 2018-06-15 01:57 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-07-12 13:47 - 2018-04-11 23:04 - 000786432 _____ C:\WINDOWS\system32\config\BBI
2019-07-11 23:33 - 2018-06-15 01:57 - 000004200 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{D9436454-D7E1-452F-8723-9497D5BBA354}
2019-07-11 00:46 - 2019-06-10 19:23 - 000002420 _____ C:\Users\Daniela\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-07-11 00:46 - 2018-06-15 01:57 - 000003368 _____ C:\WINDOWS\System32\Tasks\OneDrive Standalone Update Task-S-1-5-21-3912289609-2614299189-3837706224-1001
2019-07-11 00:46 - 2016-07-29 06:03 - 000000000 ___RD C:\Users\Daniela\OneDrive
2019-07-10 22:09 - 2015-01-06 19:58 - 000741432 ____N (Microsoft Corporation) C:\WINDOWS\system32\MpSigStub.exe
2019-07-09 22:05 - 2017-09-29 15:46 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-07-09 21:14 - 2018-06-15 01:24 - 000000000 ____D C:\Users\Daniela
2019-07-09 21:10 - 2014-09-01 14:34 - 000000000 ____D C:\WINDOWS\system32\MRT
2019-07-09 21:04 - 2014-09-01 14:34 - 136618864 ____C (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2019-07-09 20:38 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\LiveKernelReports
2019-07-09 16:34 - 2014-09-02 03:04 - 000000000 ____D C:\Users\Daniela\AppData\Local\VirtualStore
2019-07-09 10:40 - 2018-07-13 12:42 - 000000063 _____ C:\WINDOWS\SIERRA.INI
2019-07-09 10:40 - 2018-07-13 12:42 - 000000000 ____D C:\Sierra
2019-07-09 10:40 - 2018-07-13 12:42 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sierra
2019-07-09 10:40 - 2014-05-20 11:50 - 000000000 ___HD C:\Program Files (x86)\InstallShield Installation Information
2019-07-09 10:37 - 2018-07-13 12:31 - 000028400 _____ C:\WINDOWS\SysWOW64\Drivers\SECDRV.SYS
2019-07-09 10:18 - 2014-05-20 12:39 - 000001149 _____ C:\Users\Public\Desktop\Cyberlink Power2Go.lnk
2019-07-09 10:15 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-07-08 23:31 - 2018-04-12 01:36 - 000000000 ____D C:\WINDOWS\INF
2019-07-08 23:28 - 2016-06-21 15:53 - 000000000 ____D C:\Program Files (x86)\Google
2019-07-08 23:01 - 2017-10-09 19:06 - 000000000 ____D C:\Program Files\UNP
2019-07-08 22:45 - 2019-06-01 19:04 - 000000000 ____D C:\WINDOWS\Minidump
2019-07-08 22:45 - 2018-05-29 20:14 - 000000000 ___DC C:\WINDOWS\Panther
2019-07-08 21:51 - 2016-06-18 12:16 - 000000000 ____D C:\ProgramData\Malwarebytes
2019-07-08 21:22 - 2018-01-26 09:18 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-07-08 21:21 - 2017-10-09 19:06 - 000000000 ____D C:\Program Files\rempl
2019-07-08 19:57 - 2018-07-18 13:26 - 000002457 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2019-07-02 09:28 - 2014-05-20 12:48 - 000000000 ____D C:\ProgramData\Energy Manager

==================== FLock ================

2018-04-10 07:18 C:\WINDOWS\UpdateAssistant

==================== SigCheck ===============================

(There is no automatic fix for files that do not pass verification.)

==================== End of FRST.txt ============================

Skytech
Level 1
Level 1
Příspěvky: 95
Registrován: červen 14
Pohlaví: Muž
Stav:
Offline

Re: Problem s notebookem - log hijackthis

Příspěvekod Skytech » 12 črc 2019 17:06

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 10-07-2019
Ran by Daniela (12-07-2019 16:57:16)
Running from C:\Users\Daniela\Desktop
Windows 10 Home Version 1803 17134.590 (X64) (2018-06-14 23:59:57)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-3912289609-2614299189-3837706224-500 - Administrator - Disabled) => C:\Users\Administrator
Daniela (S-1-5-21-3912289609-2614299189-3837706224-1001 - Administrator - Enabled) => C:\Users\Daniela
DefaultAccount (S-1-5-21-3912289609-2614299189-3837706224-503 - Limited - Disabled)
Guest (S-1-5-21-3912289609-2614299189-3837706224-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3912289609-2614299189-3837706224-1003 - Limited - Enabled)
WDAGUtilityAccount (S-1-5-21-3912289609-2614299189-3837706224-504 - Limited - Disabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 19.012.20035 - Adobe Systems Incorporated)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 22.0.0.153 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 5.59 - Piriform)
Conexant HD Audio (HKLM\...\CNXT_AUDIO_HDA) (Version: 8.65.55.62 - Conexant)
CrystalDiskInfo 8.2.0 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.2.0 - Crystal Dew World)
CyberLink PhotoDirector 3 (HKLM-x32\...\InstallShield_{39337565-330E-4ab6-A9AE-AC81E0720B10}) (Version: 3.0.1.4107 - CyberLink Corp.)
CyberLink PowerDirector 10 (HKLM\...\{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.) Hidden
CyberLink PowerDirector 10 (HKLM-x32\...\InstallShield_{B0B4F6D2-F2AE-451A-9496-6F2F6A897B32}) (Version: 10.0.0.2810 - CyberLink Corp.)
Dolby Digital Plus Advanced Audio (HKLM\...\{B0BFC63F-EA07-419E-960B-3FB2ED5DD0B2}) (Version: 7.5.1.1 - Dolby Laboratories Inc)
ELAN Touchpad 11.15.0.18_X64 (HKLM\...\Elantech) (Version: 11.15.0.18 - ELAN Microelectronic Corp.)
Energy Manager (HKLM-x32\...\{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo) Hidden
Energy Manager (HKLM-x32\...\InstallShield_{AC768037-7079-4658-AC24-2897650E0ABE}) (Version: 1.5.0.17 - Lenovo)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3496 - Intel Corporation)
Intel(R) Sideband Fabric Device Driver (HKLM-x32\...\C5A8BC6E-723A-4C0F-96E1-C426D1A4BCA9) (Version: 1.0.0.1002 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 1.0.0.1050 - Intel Corporation)
Lenovo EasyCamera (HKLM-x32\...\{E0A7ED39-8CD6-4351-93C3-69CCA00D12B4}) (Version: 6.2.9200.10260 - Realtek Semiconductor Corp.)
Lenovo EasyCamera (HKLM-x32\...\{E399A5B3-ED53-4DEA-AF04-8011E1EB1EAC}) (Version: 6.3.9600.11105 - Realtek Semiconductor Corp.)
Lenovo OneKey Recovery (HKLM\...\{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.) Hidden
Lenovo OneKey Recovery (HKLM-x32\...\InstallShield_{46F4D124-20E5-4D12-BE52-EC177A7A4B42}) (Version: 8.1.0.2326 - CyberLink Corp.)
Lenovo PhoneCompanion (HKLM-x32\...\{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo) Hidden
Lenovo PhoneCompanion (HKLM-x32\...\InstallShield_{0F82EA83-B0C5-4AB9-9695-DFE92C5FD57B}) (Version: 1.2.0.0 - Lenovo)
Lenovo PowerDVD10 (HKLM-x32\...\{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.) Hidden
Lenovo PowerDVD10 (HKLM-x32\...\InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}) (Version: 10.0.5630.52 - CyberLink Corp.)
Lenovo Solution Center (HKLM\...\{AB46AC6D-3E9A-4484-8061-64FF10301B41}) (Version: 3.3.002.00 - Lenovo)
Malwarebytes verze 3.5.1.2522 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 3.5.1.2522 - Malwarebytes)
Maxthon Cloud Browser (HKLM-x32\...\Maxthon3) (Version: 4.1.3.5000 - Maxthon International Limited)
Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
Microsoft Office Standard 2007 (HKLM-x32\...\STANDARDR) (Version: 12.0.4518.1014 - Microsoft Corporation)
Microsoft OneDrive (HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\OneDriveSetup.exe) (Version: 19.103.0527.0003 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.24212 (HKLM-x32\...\{323dad84-0974-4d90-a1c1-e006c7fdbb7d}) (Version: 14.0.24212.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Mozilla Firefox 56.0 (x86 cs) (HKLM-x32\...\Mozilla Firefox 56.0 (x86 cs)) (Version: 56.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 56.0.0.6478 - Mozilla)
Origin (HKLM-x32\...\Origin) (Version: 10.5.30.15625 - Electronic Arts, Inc.)
Pomocník s aktualizací Windows 10 (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22395 - Microsoft Corporation)
Power2Go (HKLM-x32\...\{40BF1E83-20EB-11D8-97C5-0009C5020658}) (Version: 5.6.0.10525 - CyberLink Corp.)
Qualcomm Atheros Bluetooth Suite (64) (HKLM\...\{A84A4FB1-D703-48DB-89E0-68B6499D2801}) (Version: 8.0.1.308 - Qualcomm Atheros Communications)
Qualcomm Atheros Client Installation Program (HKLM-x32\...\{28006915-2739-4EBE-B5E8-49B25D32EB33}) (Version: 10.0 - Qualcomm Atheros)
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9600.39053 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.20.815.2013 - Realtek)
Sophos Virus Removal Tool (HKLM-x32\...\{B829E117-D072-41EA-9606-9826A38D34C1}) (Version: 2.7.0 - Sophos Limited)
TeamViewer 13 (HKLM-x32\...\TeamViewer) (Version: 13.1.3629 - TeamViewer)
TP-LINK TL-WN721N_TL-WN722N Driver (HKLM-x32\...\{38A1E3ED-D913-41D2-9953-A93D5ACE3ADF}) (Version: 1.3.1 - TP-LINK)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{F14FB68A-9188-4036-AD0D-D054BC9C9291}) (Version: 2.59.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM\...\{F3874F6F-EA00-487D-BEAD-5FAA010E78F2}) (Version: 1.15.0.0 - Microsoft Corporation) Hidden
User Manuals (HKLM-x32\...\{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo) Hidden
User Manuals (HKLM-x32\...\InstallShield_{F07C2CF8-4C53-4EC3-8162-A6221E36EB88}) (Version: 3.0.0.3 - Lenovo)
Windows Driver Package - Lenovo (ACPIVPC) System (09/24/2013 19.29.2.34) (HKLM\...\EE9B1F2037C580F36D92FA431CC02BFF04C31F15) (Version: 09/24/2013 19.29.2.34 - Lenovo)
Windows Driver Package - Lenovo (WUDFRd) LenovoVhid (07/25/2013 10.30.0.288) (HKLM\...\6BCA401E9CBEED970D75F55FA5320F60D11984E9) (Version: 07/25/2013 10.30.0.288 - Lenovo)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Zemana AntiMalware verze 3.1.358 (HKLM-x32\...\{4E1F3677-C72E-4F7D-B66E-85467B1A289E}_is1) (Version: 3.1.358 - Zemana)

Packages:
=========
AccuWeather - Weather for Life -> C:\Program Files\WindowsApps\AccuWeather.AccuWeatherforWindows8_10.0.348.1000_x64__8zz2pj9h1h1d8 [2018-04-18] (AccuWeather) [MS Ad]
Camera Man -> C:\Program Files\WindowsApps\E0469640.CameraMan_1.0.1929.30229_x86__5grkq8ppsgwt4 [2014-09-01] (LENOVO INC)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.143.600.0_x86__kgqvnymyfvs32 [2019-07-10] (king.com)
Evernote -> C:\Program Files\WindowsApps\Evernote.Evernote_6.19.8555.0_x86__q4d96b2w5wcc2 [2019-07-08] (Evernote)
Hightail for Lenovo -> C:\Program Files\WindowsApps\YouSendIt.HighTailForLenovo_1.3.0.1278_neutral__069rkrpjefrbc [2014-09-01] (Hightail)
Lenovo Support -> C:\Program Files\WindowsApps\E046963F.LenovoSupport_2.0.5.0_x86__k1h2ywk1493x8 [2015-01-22] (Lenovo, INC.)
Lenovo Vantage -> C:\Program Files\WindowsApps\E046963F.LenovoCompanion_4.27.32.0_x86__k1h2ywk1493x8 [2019-03-27] (LENOVO INC.)
Live TV -> C:\Program Files\WindowsApps\FilmOnLiveTVFree.FilmOnLiveTVFree_1.3.6.115_x64__zx03kxexxb716 [2014-09-01] (FilmOn TV Inc.)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
Microsoft Průvodce pro telefon -> C:\Program Files\WindowsApps\Microsoft.WindowsPhone_10.1802.311.0_x64__8wekyb3d8bbwe [2018-04-09] (Microsoft Corporation)
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.6132.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Studios) [MS Ad]
Microsoft Telefon -> C:\Program Files\WindowsApps\Microsoft.CommsPhone_3.43.20002.1000_x64__8wekyb3d8bbwe [2018-09-20] (Microsoft Corporation)
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.31.11723.0_x64__8wekyb3d8bbwe [2019-07-08] (Microsoft Corporation) [MS Ad]
MSN Cestování -> C:\Program Files\WindowsApps\Microsoft.BingTravel_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Gurmánský svět -> C:\Program Files\WindowsApps\Microsoft.BingFoodAndDrink_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.29.10701.0_x64__8wekyb3d8bbwe [2019-03-22] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.28.10351.0_x64__8wekyb3d8bbwe [2019-02-13] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.28.3242.0_x64__8wekyb3d8bbwe [2018-12-17] (Microsoft Corporation) [MS Ad]
MSN Zdraví a fitness -> C:\Program Files\WindowsApps\Microsoft.BingHealthAndFitness_3.0.4.336_x64__8wekyb3d8bbwe [2015-07-14] (Microsoft Corporation) [MS Ad]
Phone Companion -> C:\Program Files\WindowsApps\E0469640.DeviceCollaboration_2.0.0.9_x64__5grkq8ppsgwt4 [2014-09-01] (LENOVO INC)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.11629.20316.0_x64__8wekyb3d8bbwe [2019-07-10] (Microsoft Corporation) [MS Ad]
PowerDVD for Lenovo Idea -> C:\Program Files\WindowsApps\CyberLinkCorp.id.PowerDVDforLenovoIdea_1.1.2618.24808_x86__hgg5mn3xps74a [2014-09-01] (CYBERLINK COM CORPORATION)
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-20] (Twitter Inc.)
Zinio -> C:\Program Files\WindowsApps\ZinioLLC.Zinio_2.1.0.317_x64__0q6dqzpp40p2e [2014-09-01] (Zinio LLC)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-3912289609-2614299189-3837706224-1001_Classes\CLSID\{820D63D5-8CFF-46DE-86AF-4997DEDD6DB5}\localserver32 -> C:\WINDOWS\system32\igfxEM.exe (Intel(R) pGFX -> Intel Corporation)
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers1: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-07-08] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers3: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => -> No File
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2016-05-03] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [2.0 Zemana AntiMalware] -> {6ABB1C11-E261-4CEA-BBB5-3836225689DD} => C:\Program Files (x86)\Zemana\AntiMalware\AM_ShellExt64.dll [2019-07-08] (Zemana D.O.O. Sarajevo -> Advanced Malware Protection. Copyright 2019.)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2018-05-09] (Malwarebytes Corporation -> Malwarebytes)

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2014-05-20 12:44 - 2014-05-20 12:44 - 000815104 _____ () [File not signed] C:\Program Files\Lenovo PhoneCompanion\adb.exe
2013-10-30 06:59 - 2013-10-30 06:59 - 000323584 _____ (Atheros) [File not signed] C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
2014-05-20 12:44 - 2014-05-20 12:44 - 000096256 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinApi.dll
2014-05-20 12:44 - 2014-05-20 12:44 - 000060928 _____ (Google, inc) [File not signed] C:\Program Files\Lenovo PhoneCompanion\AdbWinUsbApi.dll
2013-07-02 05:08 - 2013-07-02 05:08 - 000733696 _____ (Intel(R) Corporation) [File not signed] C:\Program Files\Intel\TXE Components\TCS\HeciServer.exe
2014-05-20 12:39 - 2014-05-20 12:39 - 000348160 ____N (Microsoft Corporation) [File not signed] C:\Program Files (x86)\Lenovo\PowerDVD10\MSVCR71.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\amsdk.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2019-07-10 21:40 - 000000841 _____ C:\WINDOWS\system32\drivers\etc\hosts

127.0.0.1 localhost

==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\Control Panel\Desktop\\Wallpaper -> C:\windows\Web\Wallpaper\Lenovo\LenovoWallPaper.jpg
DNS Servers: 10.0.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is disabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

If an entry is included in the fixlist, it will be removed.

HKLM\...\StartupApproved\Run32: => "mcpltui_exe"
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\StartupApproved\Run: => "EADM"
HKU\S-1-5-21-3912289609-2614299189-3837706224-1001\...\StartupApproved\Run: => "Application Restart #2"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{0DCD941E-AED7-4B3E-8E6F-89481CD78699}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{4445529E-A1BE-40AA-B0A2-0C287333A267}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{5ED1292B-8EAE-42CF-A360-F13D7BF8BC77}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{A6134D7D-4380-48CC-BB9F-C281D674DBAE}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{3BA30975-C62C-4E87-B271-805EBB597838}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\Maxthon.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{B1DEAC73-033B-4B80-80E7-735CF29A262A}] => (Allow) C:\Program Files (x86)\Maxthon\Bin\MxUp.exe (Maxthon (Asia) Limited. -> Maxthon International ltd.)
FirewallRules: [{6CDCF501-F0EC-4BB5-9BD6-FFC015C5CA41}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{34195C5F-6EFF-4305-ADDC-7B5BE4278932}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{2B07AE1D-A7B7-43AD-B8B3-0D0BD5061B67}] => (Allow) C:\Program Files\CyberLink\PowerDirector10\PDR10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{9843725B-7BA2-41F5-ADC9-164EEB6DA869}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD Cinema\PowerDVDCinema10.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{DCC505D2-2BF9-4640-886D-620F87D1E332}] => (Allow) C:\Program Files (x86)\Lenovo\PowerDVD10\PowerDVD10.EXE (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{F6399429-DFA4-4176-A829-382BB2BCB7B2}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [{F17BC138-25CA-4860-A036-911A18B07A58}] => (Allow) C:\Program Files\Common Files\mcafee\platform\McSvcHost\McSvHost.exe No File
FirewallRules: [TCP Query User{8A7E0DBD-0886-43C6-B534-52E27C470C19}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [UDP Query User{D78E579C-7DF8-4107-96BE-90AA9F76FE57}C:\program files (x86)\skype\phone\skype.exe] => (Allow) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{776593CD-E45A-46F2-A77A-55A181EC71DC}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe No File
FirewallRules: [TCP Query User{F8C37C1E-C124-48DE-A0E7-51083ED3795C}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [UDP Query User{17AFA010-49C4-4331-B9F1-6DCF8330BC5E}C:\program files (x86)\kodi\kodi.exe] => (Allow) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{72078B93-31EF-4A97-8CCA-D68C496F9E74}] => (Block) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [{5DFAA8C2-C18C-4148-9444-4700E7DA686B}] => (Block) C:\program files (x86)\kodi\kodi.exe No File
FirewallRules: [TCP Query User{6C61E7CD-A359-4B51-A123-5C348F064239}C:\sierra\empire earth - the art of conquest\ee-aoc.exe] => (Allow) C:\sierra\empire earth - the art of conquest\ee-aoc.exe No File
FirewallRules: [UDP Query User{734314F0-6E3B-413B-AD3F-19F77229C0C1}C:\sierra\empire earth - the art of conquest\ee-aoc.exe] => (Allow) C:\sierra\empire earth - the art of conquest\ee-aoc.exe No File
FirewallRules: [{247CC686-144B-4ADF-BCDD-468D070A0E5F}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{9DFC0C8B-0DA3-4EFE-AD5D-D82CFBE918BE}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe No File
FirewallRules: [{4530ED9A-365A-4843-8A0F-F1D45FBFBB2E}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{DF7524B8-4161-4739-8A1A-0B77E9AD8EC9}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7\steamwebhelper.exe No File
FirewallRules: [{CF0B9323-2FA3-4250-AA16-8DD454448533}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{41D2F38C-C7D0-4F8A-8588-85100B653A27}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{8C3427F5-4AD5-4C6E-9B8A-B2583C7C663B}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{420A72FA-F6D0-4E74-ABC9-67D1C655AEA7}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe (TeamViewer GmbH -> TeamViewer GmbH)
FirewallRules: [{4C57DF05-EC9B-47C3-A18E-FC774D71195A}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File
FirewallRules: [{3BCAE81B-DB81-44F7-9CBE-313E64EC54ED}] => (Allow) C:\Program Files (x86)\Steam\bin\cef\cef.win7x64\steamwebhelper.exe No File

==================== Restore Points =========================

09-07-2019 22:24:05 JRT Pre-Junkware Removal

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (07/12/2019 03:45:21 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.17134.1, časové razítko: 0x22d334aa
Název chybujícího modulu: combase.dll, verze: 10.0.17134.523, časové razítko: 0x28000460
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b5d10
ID chybujícího procesu: 0x22dc
Čas spuštění chybující aplikace: 0x01d538b0c09f6e45
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: bee461ae-b79e-4d09-a5e0-59713e86fec3
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/12/2019 01:50:11 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamtray.exe, verze: 3.0.0.1490, časové razítko: 0x5aeb302a
Název chybujícího modulu: Qt5Core.dll, verze: 5.6.3.0, časové razítko: 0x5a61293e
Kód výjimky: 0xc0000005
Posun chyby: 0x0018e4f3
ID chybujícího procesu: 0x1378
Čas spuštění chybující aplikace: 0x01d538a7c6b74a25
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
Cesta k chybujícímu modulu: C:\Program Files\Malwarebytes\Anti-Malware\Qt5Core.dll
ID zprávy: 344d662d-0c54-43b2-8cc8-f372cdd4f9e2
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/11/2019 10:12:05 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.17134.1, časové razítko: 0x22d334aa
Název chybujícího modulu: combase.dll, verze: 10.0.17134.523, časové razítko: 0x28000460
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b5d10
ID chybujícího procesu: 0xd4
Čas spuštění chybující aplikace: 0x01d537b7e0db22a7
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: f50f9eb0-667f-4bca-8f16-52a7de0ef89a
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/11/2019 09:58:13 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: mbamservice.exe, verze: 3.1.0.667, časové razítko: 0x5ad8e0a1
Název chybujícího modulu: ntdll.dll, verze: 10.0.17134.556, časové razítko: 0x74bed8b0
Kód výjimky: 0xc0000005
Posun chyby: 0x0000000000024989
ID chybujícího procesu: 0xadc
Čas spuštění chybující aplikace: 0x01d537b18fd6e755
Cesta k chybující aplikaci: C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
Cesta k chybujícímu modulu: C:\WINDOWS\SYSTEM32\ntdll.dll
ID zprávy: 9e15aee9-dffd-429f-aca1-8c56749e19a6
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/10/2019 09:37:43 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: DaS_21.exe, verze: 2.1.0.4, časové razítko: 0x540c90b2
Název chybujícího modulu: KERNELBASE.dll, verze: 10.0.17134.556, časové razítko: 0xb9f4a0f1
Kód výjimky: 0xe0434352
Posun chyby: 0x000000000003a388
ID chybujícího procesu: 0x2124
Čas spuštění chybující aplikace: 0x01d53756ee0eb0b8
Cesta k chybující aplikaci: C:\Users\Daniela\AppData\Local\Temp\DaS_21.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\KERNELBASE.dll
ID zprávy: 7a9483d1-c17d-4746-900a-a0e357c861d7
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/10/2019 09:37:41 PM) (Source: .NET Runtime) (EventID: 1026) (User: )
Description: Aplikace: DaS_21.exe
Verze Framework: v4.0.30319
Popis: Proces byl ukončen z důvodu neošetřené výjimky.
Informace o výjimce: System.IO.IOException
na System.IO.__Error.WinIOError(Int32, System.String)
na System.Console.SetWindowSize(Int32, Int32)
na DriverAndServicesOut.Program.Main(System.String[])

Error: (07/10/2019 11:27:16 AM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wuauclt.exe, verze: 10.0.17134.1, časové razítko: 0x22d334aa
Název chybujícího modulu: combase.dll, verze: 10.0.17134.523, časové razítko: 0x28000460
Kód výjimky: 0xc0000005
Posun chyby: 0x00000000000b5d10
ID chybujícího procesu: 0xff8
Čas spuštění chybující aplikace: 0x01d536f15b47aa16
Cesta k chybující aplikaci: C:\WINDOWS\system32\wuauclt.exe
Cesta k chybujícímu modulu: C:\WINDOWS\System32\combase.dll
ID zprávy: 543e8075-fc54-40bc-9389-6b0ca7aeb2d0
Úplný název chybujícího balíčku:
ID aplikace související s chybujícím balíčkem:

Error: (07/09/2019 10:24:41 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.

Details:
AddLegacyDriverFiles: Unable to back up image of binary Protokol Microsoft LLDP (Link-Layer Discovery Protocol).

System Error:
Přístup byl odepřen.
.


System errors:
=============
Error: (07/12/2019 03:45:29 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x800f0900): 2019-07 Kumulativní aktualizace pro Windows 10 Version 1803 pro systémy typu x64 (KB4507435).

Error: (07/12/2019 01:55:49 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Správce stažených map přestala během spouštění reagovat.

Error: (07/12/2019 01:55:06 PM) (Source: DCOM) (EventID: 10016) (User: Dana_PC)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{D63B10C5-BB46-4990-A94F-E40B9D520160}
a APPID
{9CA88EE3-ACB7-47C8-AFC4-AB702511C276}
uživateli Dana_PC\Daniela (SID: S-1-5-21-3912289609-2614299189-3837706224-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/12/2019 01:53:43 PM) (Source: Service Control Manager) (EventID: 7022) (User: )
Description: Služba Optimalizace doručení přestala během spouštění reagovat.

Error: (07/12/2019 01:52:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscDataProtection
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/12/2019 01:52:28 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Spuštění pro serverovou aplikaci COM s identifikátorem CLSID
Windows.SecurityCenter.WscBrokerManager
a APPID
Není k dispozici
uživateli NT AUTHORITY\SYSTEM (SID: S-1-5-18) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.

Error: (07/12/2019 01:48:47 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Origin Web Helper Service neuspěla při spuštění v důsledku následující chyby:
Služba neodpověděla na řídicí nebo zahajovací požadavek dostatečně včas.

Error: (07/12/2019 01:48:47 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
Description: Při čekání na připojení služby Origin Web Helper Service bylo dosaženo časového limitu (30000 ms).


Windows Defender:
===================================
Date: 2019-07-10 10:41:30.084
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {81B79112-DFA8-42D4-A2BB-4960E97D793C}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-07-02 21:02:16.711
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {E7DC4DF7-1DA4-4891-A34F-1EAB79450986}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: Dana_PC\Daniela

Date: 2019-06-14 09:45:18.812
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {46165733-E5BA-4BA8-9C26-70DF8A0A1215}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-14 09:35:12.599
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {44FF6DAD-3BA3-4936-9D24-7D705B1239C7}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM

Date: 2019-06-12 11:12:02.313
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4FB82BB3-3919-4EC0-8D22-28BA17F9AD8B}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: Dana_PC\Daniela

Date: 2019-07-08 19:51:35.254
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.290.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070643
Popis chyby :Při instalaci došlo k závažné chybě.

Date: 2019-07-03 11:10:16.407
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.723.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16000.6
Kód chyby: 0x80070102
Popis chyby :Vypršel časový limit operace čekání.

Date: 2019-06-16 09:58:11.082
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.723.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16000.6
Kód chyby: 0x80240016
Popis chyby :Při zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.

Date: 2019-06-11 09:07:22.145
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.449.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16000.6
Kód chyby: 0x80070425
Popis chyby :Služba nyní nemůže přijímat řídicí zprávy.

Date: 2019-06-11 09:07:22.143
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.449.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16000.6
Kód chyby: 0x80070425
Popis chyby :Služba nyní nemůže přijímat řídicí zprávy.

CodeIntegrity:
===================================

Date: 2019-07-09 17:03:27.951
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 17:03:27.951
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 10:17:33.377
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 10:17:33.377
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 10:17:28.390
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 10:17:28.168
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 10:17:17.226
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

Date: 2019-07-09 10:17:13.824
Description:
Code Integrity determined that a process (\Device\HarddiskVolume5\Windows\SystemApps\Microsoft.MicrosoftEdge_8wekyb3d8bbwe\MicrosoftEdgeCP.exe) attempted to load \Device\HarddiskVolume5\Program Files\Malwarebytes\Anti-Malware\mbae64.dll that did not meet the Store signing level requirements.

==================== Memory info ===========================

BIOS: LENOVO A7CN25WW 04/28/2014
Motherboard: LENOVO Lancer 5A6
Processor: Intel(R) Celeron(R) CPU N2830 @ 2.16GHz
Percentage of memory in use: 77%
Total physical RAM: 1931.21 MB
Available physical RAM: 439.3 MB
Total Virtual: 3593.35 MB
Available Virtual: 1720.32 MB

==================== Drives ================================

Drive c: (Windows8_OS) (Fixed) (Total:257.4 GB) (Free:199.12 GB) NTFS ==>[system with boot components (obtained from drive)]
Drive d: (LENOVO) (Fixed) (Total:25 GB) (Free:22.97 GB) NTFS

\\?\Volume{62a78d59-1c67-4db0-9f74-b9debe6b1d24}\ (WINRE_DRV) (Fixed) (Total:0.98 GB) (Free:0.72 GB) NTFS
\\?\Volume{1a55c41f-dc82-445f-b323-fdbbbeeaecdf}\ (PBR_DRV) (Fixed) (Total:13.35 GB) (Free:3.07 GB) NTFS
\\?\Volume{79930703-ff38-4c1c-9f50-dfa15a0497d1}\ (SYSTEM_DRV) (Fixed) (Total:0.25 GB) (Free:0.22 GB) FAT32

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 298.1 GB) (Disk ID: 9806CE7B)

Partition: GPT.

==================== End of Addition.txt ============================


Zpět na “HiJackThis”

Kdo je online

Uživatelé prohlížející si toto fórum: Žádní registrovaní uživatelé a 10 hostů