Dobrý den , prosím o pomoc .
Stále se mi objevuje reklama v rohu obrazovky , nemohu se jí zbavit . Podle různých návodů jsem smazal co se dalo, ale nepomohlo to .
Ještě jednou prosím o pomoc se toho zbavit , předem děkuji za každou radu.
Logfile of random's system information tool 1.10 (written by random/random)
Run by Bohouš at 2019-10-03 20:25:08
Microsoft Windows 10 Home
System drive C: has 421 GB (88%) free of 477 GB
Total RAM: 4011 MB (35% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 20:25:16, on 03.10.2019
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.17763.0592)
Boot mode: Normal
Running processes:
C:\Users\Bohouš\AppData\Local\Microsoft\BingSvc\BingSvc.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
C:\Program Files (x86)\Acer\abDocs\abDocsDllLoaderMonitor.exe
C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
C:\Users\BOHOU~2\AppData\Local\Temp\scoped_dir6596_928949797\RSIT.exe
C:\Program Files (x86)\trend micro\Bohouš.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://acer15.msn.com/?pc=ACTE
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://acer15.msn.com/?pc=ACTE
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=C:\WINDOWS\system32\userinit.exe
O2 - BHO: The Amazon Assistant for Internet Explorer - {0ddcea2a-7b00-4349-8acb-af7ba6da251f} - mscoree.dll (file missing)
O4 - HKLM\..\Run: [abDocsDllLoader] C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe
O4 - HKLM\..\Run: [isa] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\Bohouš\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [BingSvc] C:\Users\Bohouš\AppData\Local\Microsoft\BingSvc\BingSvc.exe
O4 - HKUS\S-1-5-19\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [OneDriveSetup] C:\Windows\SysWOW64\OneDriveSetup.exe /thfirstsetup (User 'NETWORK SERVICE')
O4 - Global Startup: $McRebootA5E6DEAA56$.lnk = ?
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: Amazon Assistant Service - Unknown owner - C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe
O23 - Service: aswbIDSAgent - AVAST Software - C:\Program Files\AVAST Software\Avast\aswidsagent.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files (x86)\Bonjour\mDNSResponder.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopapp) (bookingdesktopapp) - bookingDesktopApp. - C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: bookingDesktopApp Update Service (bookingdesktopappm) (bookingdesktopappm) - bookingDesktopApp. - C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
O23 - Service: CCDMonitorService - Acer Incorporated - C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe
O23 - Service: @%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000 (diagnosticshub.standardcollector.service) - Unknown owner - C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: Energy Server Service WILLAMETTE (ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: GamesAppIntegrationService - WildTangent - C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe
O23 - Service: GamesAppService - WildTangent, Inc. - C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) - Google LLC - C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe
O23 - Service: Služba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) HD Graphics Control Panel Service (igfxCUIService2.0.0.0) - Unknown owner - C:\WINDOWS\system32\igfxCUIService.exe (file missing)
O23 - Service: Intel(R) Capability Licensing Service TCP IP Interface - Intel(R) Corporation - C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe
O23 - Service: Intel(R) Security Assist - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
O23 - Service: Intel(R) Security Assist Helper (isaHelperSvc) - Unknown owner - C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe
O23 - Service: Intel(R) Dynamic Application Loader Host Interface (jhi_service) - Intel Corporation - C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: Quick Access Service (QASvc) - Acer Incorporated - C:\Program Files\Acer\Acer Quick Access\QASvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\SgrmBroker.exe,-100 (SgrmBroker) - Unknown owner - C:\WINDOWS\system32\SgrmBroker.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTRAP) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spectrum.exe,-101 (spectrum) - Unknown owner - C:\WINDOWS\system32\spectrum.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: Intel(R) System Usage Report Service SystemUsageReportSvc_WILLAMETTE (SystemUsageReportSvc_WILLAMETTE) - Unknown owner - C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: User Experience Improvement Program (UEIPSvc) - acer - C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe
O23 - Service: User Energy Server Service WILLAMETTE (USER_ESRV_SVC_WILLAMETTE) - Unknown owner - C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 9952 bytes
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}]
Amazon Assistant - C:\WINDOWS\system32\mscoree.dll [2018-09-15 315904]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"abDocsDllLoader"=C:\Program Files (x86)\Acer\abDocs\abDocsDllLoader.exe [2017-09-28 91488]
"isa"=C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-26 330240]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"OneDrive"=C:\Users\Bohouš\AppData\Local\Microsoft\OneDrive\OneDrive.exe [2019-09-27 1592440]
"BingSvc"=C:\Users\Bohouš\AppData\Local\Microsoft\BingSvc\BingSvc.exe [2015-11-05 144008]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
$McRebootA5E6DEAA56$.lnk -
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\iai2c.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\Ahcache.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioEndpointBuilder]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AudioSrv]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\CoreMessagingRegistrar]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudAddService.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\HdAudBus.Sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\NetSetupSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SerCx2.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SpbCx.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\StateRepository]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\uefi.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\usbaudio.sys]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\UserManager]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{4D36E96C-E325-11CE-BFC1-08002BE10318}]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\{F2E7DD72-6468-4E36-B6F1-6488F42C1B52}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DSCAutomationHostEnabled"=2
"EnableFullTrustStartupTasks"=2
"EnableUwpStartupTasks"=2
"SupportFullTrustStartupTasks"=1
"SupportUwpStartupTasks"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"vidc.cvid"=iccvid.dll
"vidc.i420"=iyuv_32.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.l3acm"=C:\Windows\SysWOW64\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2019-10-03 20:25:09 ----D---- C:\Program Files (x86)\trend micro
2019-10-03 20:25:08 ----D---- C:\rsit
2019-10-03 19:55:06 ----D---- C:\Program Files (x86)\bookingDesktopApp
2019-10-03 19:53:34 ----D---- C:\Program Files (x86)\Booking
2019-10-03 19:51:44 ----D---- C:\ProgramData\AVAST Software
2019-10-03 19:36:04 ----A---- C:\WINDOWS\Reimage.ini
2019-10-03 19:32:21 ----D---- C:\Program Files (x86)\Google
2019-09-16 19:16:50 ----A---- C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-16 19:04:55 ----A---- C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-16 19:04:54 ----A---- C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-16 19:04:54 ----A---- C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-16 19:04:53 ----A---- C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-16 19:04:53 ----A---- C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-16 19:04:35 ----A---- C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-16 19:04:35 ----A---- C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-16 19:04:34 ----A---- C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-16 19:04:34 ----A---- C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-16 19:04:34 ----A---- C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-16 19:04:34 ----A---- C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-16 19:04:33 ----A---- C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-16 19:04:33 ----A---- C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-16 19:04:30 ----A---- C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-16 19:04:30 ----A---- C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-16 19:04:28 ----A---- C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-16 19:04:27 ----A---- C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-16 19:04:27 ----A---- C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-16 19:04:27 ----A---- C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-16 19:04:27 ----A---- C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-16 19:04:26 ----A---- C:\WINDOWS\SysWOW64\resutils.dll
2019-09-16 19:04:26 ----A---- C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-16 19:04:26 ----A---- C:\WINDOWS\SysWOW64\curl.exe
2019-09-16 19:04:26 ----A---- C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-16 19:04:26 ----A---- C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-16 19:04:23 ----A---- C:\WINDOWS\HelpPane.exe
2019-09-16 19:04:04 ----A---- C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-16 19:04:03 ----A---- C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-16 19:04:03 ----A---- C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-16 19:04:03 ----A---- C:\WINDOWS\SysWOW64\shell32.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\tdh.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\imm32.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-16 19:04:02 ----A---- C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-16 19:04:01 ----A---- C:\WINDOWS\SysWOW64\uReFS.dll
2019-09-16 19:04:01 ----A---- C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-16 19:04:01 ----A---- C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-16 19:04:01 ----A---- C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-16 19:04:01 ----A---- C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-16 19:04:01 ----A---- C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\propsys.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\drvsetup.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-16 19:04:00 ----A---- C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-16 19:03:59 ----A---- C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-16 19:03:59 ----A---- C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-16 19:03:59 ----A---- C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-16 19:03:59 ----A---- C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-16 19:03:58 ----A---- C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-16 19:03:58 ----A---- C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-16 19:03:58 ----A---- C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-16 19:03:58 ----A---- C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-16 19:03:57 ----A---- C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-16 19:03:57 ----A---- C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-16 19:03:57 ----A---- C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-09-16 19:03:55 ----A---- C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-09-16 19:03:54 ----A---- C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-16 19:03:54 ----A---- C:\WINDOWS\SysWOW64\explorer.exe
2019-09-16 19:03:54 ----A---- C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-16 19:03:54 ----A---- C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-16 19:03:53 ----A---- C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-16 19:03:44 ----A---- C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-16 19:03:26 ----A---- C:\WINDOWS\SysWOW64\pidgenx.dll
2019-09-16 19:03:09 ----A---- C:\WINDOWS\explorer.exe
2019-09-16 19:02:58 ----A---- C:\WINDOWS\SysWOW64\mf.dll
2019-09-16 19:02:57 ----A---- C:\WINDOWS\SysWOW64\aepic.dll
2019-09-16 19:02:56 ----A---- C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-16 19:02:56 ----A---- C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-16 19:02:56 ----A---- C:\WINDOWS\SysWOW64\combase.dll
2019-09-16 19:02:52 ----A---- C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-16 19:02:51 ----A---- C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-16 19:02:51 ----A---- C:\WINDOWS\SysWOW64\profext.dll
2019-09-16 19:02:51 ----A---- C:\WINDOWS\SysWOW64\msctf.dll
2019-09-16 19:02:51 ----A---- C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-16 19:02:51 ----A---- C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-16 19:02:48 ----A---- C:\WINDOWS\SysWOW64\nshwfp.dll
======List of files/folders modified in the last 1 month======
2019-10-03 20:25:09 ----RD---- C:\Program Files (x86)
2019-10-03 20:19:15 ----D---- C:\WINDOWS\Prefetch
2019-10-03 20:15:30 ----HD---- C:\ProgramData
2019-10-03 20:13:28 ----D---- C:\Users\Bohouš\AppData\Roaming\AVAST Software
2019-10-03 20:08:46 ----D---- C:\WINDOWS\Temp
2019-10-03 20:04:25 ----SHD---- C:\WINDOWS\Installer
2019-10-03 20:04:25 ----SHD---- C:\Config.Msi
2019-10-03 19:59:27 ----D---- C:\ProgramData\regid.1991-06.com.microsoft
2019-10-03 19:59:02 ----D---- C:\WINDOWS\WinSxS
2019-10-03 19:57:11 ----HD---- C:\WINDOWS\ELAMBKUP
2019-10-03 19:57:11 ----D---- C:\WINDOWS\System32
2019-10-03 19:52:43 ----RD---- C:\Program Files
2019-10-03 19:36:04 ----D---- C:\WINDOWS
2019-10-03 19:11:29 ----D---- C:\WINDOWS\AppReadiness
2019-10-03 18:48:27 ----D---- C:\WINDOWS\INF
2019-09-19 16:23:42 ----RD---- C:\WINDOWS\Microsoft.NET
2019-09-19 15:25:26 ----RD---- C:\WINDOWS\assembly
2019-09-16 19:16:50 ----D---- C:\WINDOWS\SysWOW64
2019-09-16 19:16:50 ----D---- C:\WINDOWS\Logs
2019-09-16 19:13:55 ----D---- C:\WINDOWS\SysWOW64\migration
2019-09-16 19:13:55 ----D---- C:\WINDOWS\SysWOW64\en-US
2019-09-16 19:13:55 ----D---- C:\WINDOWS\SysWOW64\Dism
2019-09-16 19:13:55 ----D---- C:\WINDOWS\SysWOW64\cs-CZ
2019-09-16 19:13:49 ----RD---- C:\WINDOWS\ImmersiveControlPanel
2019-09-16 19:13:49 ----D---- C:\WINDOWS\ShellExperiences
2019-09-16 19:13:49 ----D---- C:\WINDOWS\ShellComponents
2019-09-16 19:13:49 ----D---- C:\WINDOWS\PolicyDefinitions
2019-09-16 19:13:49 ----D---- C:\WINDOWS\bcastdvr
2019-09-16 19:12:32 ----D---- C:\WINDOWS\CbsTemp
2019-09-16 18:45:52 ----SHD---- C:\System Volume Information
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 aswbidsh;aswbidsh; C:\WINDOWS\system32\drivers\aswbidsh.sys []
R0 aswbuniv;aswbuniv; C:\WINDOWS\system32\drivers\aswbuniv.sys []
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys []
R0 iorate;@%SystemRoot%\system32\drivers\iorate.sys,-101; C:\WINDOWS\system32\drivers\iorate.sys []
R0 SgrmAgent;@%SystemRoot%\System32\Drivers\SgrmAgent.sys,-1001; C:\WINDOWS\system32\drivers\SgrmAgent.sys []
R1 afunix;afunix; C:\WINDOWS\system32\drivers\afunix.sys [2018-09-15 29696]
R1 aswArPot;aswArPot; C:\WINDOWS\system32\drivers\aswArPot.sys []
R1 aswbidsdriver;aswbidsdriver; C:\WINDOWS\system32\drivers\aswbidsdriver.sys []
R1 aswHdsKe;aswHdsKe; C:\WINDOWS\system32\drivers\aswHdsKe.sys []
R1 aswKbd;aswKbd; C:\WINDOWS\system32\drivers\aswKbd.sys []
R1 aswRdr;aswRdr; C:\WINDOWS\system32\drivers\aswRdr2.sys []
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys []
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys []
R1 bam;@%SystemRoot%\system32\drivers\bam.sys,-100; C:\WINDOWS\system32\drivers\bam.sys []
R1 FileCrypt;@%systemroot%\system32\drivers\filecrypt.sys,-100; C:\WINDOWS\system32\drivers\filecrypt.sys []
R1 GpuEnergyDrv;@%SystemRoot%\system32\drivers\gpuenergydrv.sys,-100; C:\WINDOWS\System32\drivers\gpuenergydrv.sys []
R2 aswMonFlt;aswMonFlt; C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 aswStm;aswStm; C:\WINDOWS\system32\drivers\aswStm.sys []
R2 CldFlt;Windows Cloud Files Filter Driver; C:\WINDOWS\system32\drivers\cldflt.sys []
R2 MMCSS;@%systemroot%\system32\drivers\mmcss.sys,-100; C:\WINDOWS\system32\drivers\mmcss.sys []
R2 RtkIOAC60;@oem12.inf,%NDISPROT_Desc%;Realtek IOAC Protocol Driver; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys []
R3 igfxLP;igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys []
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RTKVHD64.sys []
R3 IntcDAud;@oem2.inf,%IntcDAud.SvcDesc%;Intel(R) Display Audio; C:\WINDOWS\system32\DRIVERS\IntcDAud.sys []
R3 rt640x64;@oem6.inf,%rt640.Service.DispName%;Realtek RT640 NT Driver; C:\WINDOWS\System32\drivers\rt640x64.sys []
R3 RTSUER;@oem9.inf,%RtsUER%;Realtek USB Card Reader - UER; C:\WINDOWS\system32\Drivers\RtsUer.sys []
S0 aswArDisk;aswArDisk; C:\WINDOWS\system32\drivers\aswArDisk.sys []
S0 aswElam;aswElam; C:\WINDOWS\system32\drivers\aswElam.sys []
S0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys []
S0 bttflt;@virtdisk.inf,%service_desc%;Microsoft Hyper-V VHDPMEM BTT Filter; C:\WINDOWS\System32\drivers\bttflt.sys []
S0 cht4iscsi;cht4iscsi; C:\WINDOWS\System32\drivers\cht4sx64.sys []
S0 iaStorAVC;@iastorav.inf,%iaStorAVC.DeviceDesc%;Intel Chipset SATA RAID Controller; C:\WINDOWS\System32\drivers\iaStorAVC.sys []
S0 ItSas35i;ItSas35i; C:\WINDOWS\System32\drivers\ItSas35i.sys []
S0 LSI_SAS2i;LSI_SAS2i; C:\WINDOWS\System32\drivers\lsi_sas2i.sys []
S0 LSI_SAS3i;LSI_SAS3i; C:\WINDOWS\System32\drivers\lsi_sas3i.sys []
S0 megasas2i;megasas2i; C:\WINDOWS\System32\drivers\MegaSas2i.sys []
S0 megasas35i;megasas35i; C:\WINDOWS\System32\drivers\megasas35i.sys []
S0 percsas2i;percsas2i; C:\WINDOWS\System32\drivers\percsas2i.sys []
S0 percsas3i;percsas3i; C:\WINDOWS\System32\drivers\percsas3i.sys []
S0 Ramdisk;Windows RAM Disk Driver; C:\WINDOWS\system32\DRIVERS\ramdisk.sys []
S0 scmbus;@scmbus.inf,%scmbus.SvcDesc%;Microsoft Storage Class Memory Bus Driver; C:\WINDOWS\System32\drivers\scmbus.sys []
S0 SmartSAMD;SmartSAMD; C:\WINDOWS\System32\drivers\SmartSAMD.sys []
S3 AcpiDev;@acpidev.inf,%AcpiDev.SvcDesc%;ACPI Devices driver; C:\WINDOWS\System32\drivers\AcpiDev.sys []
S3 applockerfltr;@%systemroot%\system32\srpapi.dll,-102; C:\WINDOWS\system32\drivers\applockerfltr.sys []
S3 bindflt;@%systemroot%\system32\drivers\bindflt.sys,-100; C:\WINDOWS\system32\drivers\bindflt.sys []
S3 BthEnum;@bth.inf,%BthEnum.SVCDESC%;Bluetooth Enumerator Service; C:\WINDOWS\System32\drivers\BthEnum.sys []
S3 BthLEEnum;@BthLEEnum.inf,%BthLEEnum.SVCDESC%;Bluetooth Low Energy Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.Legacy.LEEnumerator.sys []
S3 BthMini;@bth.inf,%BTHMINI.SvcDesc%;Bluetooth Radio Driver; C:\WINDOWS\System32\drivers\BTHMINI.sys []
S3 BTHPORT;@bth.inf,%BTHPORT.SvcDesc%;Bluetooth Port Driver; C:\WINDOWS\System32\drivers\BTHport.sys []
S3 BTHUSB;@bth.inf,%BTHUSB.SvcDesc%;Bluetooth Radio USB Driver; C:\WINDOWS\System32\drivers\BTHUSB.sys []
S3 buttonconverter;@buttonconverter.inf,%btnconv.SvcDesc%;Service for Portable Device Control devices; C:\WINDOWS\System32\drivers\buttonconverter.sys []
S3 CAD;@ChargeArbitration.inf,%CAD_DevDesc%;Charge Arbitration Driver; C:\WINDOWS\System32\drivers\CAD.sys []
S3 CapImg;@capimg.inf,%CapImgHid_Service%;HID driver for CapImg touch screen; C:\WINDOWS\System32\drivers\capimg.sys []
S3 genericusbfn;@genericusbfn.inf,%genericusbfn.ServiceName%;Generic USB Function Class; C:\WINDOWS\System32\drivers\genericusbfn.sys []
S3 hidinterrupt;@hidinterrupt.inf,%HID_Interrupt.SvcDesc%;Common Driver for HID Buttons implemented with interrupts; C:\WINDOWS\System32\drivers\hidinterrupt.sys []
S3 hidspi;@hidspi_km.inf,%hidspi.SVCDESC%;Microsoft SPI HID Miniport Driver; C:\WINDOWS\System32\drivers\hidspi.sys []
S3 hvservice;@%SystemRoot%\system32\drivers\hvservice.sys,-16; C:\WINDOWS\system32\drivers\hvservice.sys []
S3 HwNClx0101;Microsoft Hardware Notifications Class Extension Driver; C:\WINDOWS\System32\Drivers\mshwnclx.sys []
S3 cht4vbd;@cht4vx64.inf,%cht4vbd.generic%;Chelsio Virtual Bus Driver; C:\WINDOWS\System32\drivers\cht4vx64.sys []
S3 iagpio;@iagpio.inf,%iagpio.SVCDESC%;Intel Serial IO GPIO Controller Driver; C:\WINDOWS\System32\drivers\iagpio.sys []
S3 iai2c;@iai2c.inf,%iai2c.SVCDESC%;Intel(R) Serial IO I2C Host Controller; C:\WINDOWS\System32\drivers\iai2c.sys []
S3 iaLPSS2i_GPIO2;@iaLPSS2i_GPIO2_SKL.inf,%iaLPSS2i_GPIO2.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2.sys []
S3 iaLPSS2i_GPIO2_BXT_P;@iaLPSS2i_GPIO2_BXT_P.inf,%iaLPSS2i_GPIO2_BXT_P.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_BXT_P.sys []
S3 iaLPSS2i_GPIO2_CNL;@iaLPSS2i_GPIO2_CNL.inf,%iaLPSS2i_GPIO2_CNL.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_CNL.sys []
S3 iaLPSS2i_GPIO2_GLK;@iaLPSS2i_GPIO2_GLK.inf,%iaLPSS2i_GPIO2_GLK.SVCDESC%;Intel(R) Serial IO GPIO Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_GPIO2_GLK.sys []
S3 iaLPSS2i_I2C;@iaLPSS2i_I2C_SKL.inf,%iaLPSS2i_I2C.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C.sys []
S3 iaLPSS2i_I2C_BXT_P;@iaLPSS2i_I2C_BXT_P.inf,%iaLPSS2i_I2C_BXT_P.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_BXT_P.sys []
S3 iaLPSS2i_I2C_CNL;@iaLPSS2i_I2C_CNL.inf,%iaLPSS2i_I2C_CNL.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_CNL.sys []
S3 iaLPSS2i_I2C_GLK;@iaLPSS2i_I2C_GLK.inf,%iaLPSS2i_I2C_GLK.SVCDESC%;Intel(R) Serial IO I2C Driver v2; C:\WINDOWS\System32\drivers\iaLPSS2i_I2C_GLK.sys []
S3 ibbus;@mlx4_bus.inf,%Ibbus.ServiceDesc%;Mellanox InfiniBand Bus/AL (Filter Driver); C:\WINDOWS\System32\drivers\ibbus.sys []
S3 IndirectKmd;@%SystemRoot%\system32\drivers\IndirectKmd.sys,-100; C:\WINDOWS\System32\drivers\IndirectKmd.sys []
S3 IPT;IPT; C:\WINDOWS\System32\drivers\ipt.sys []
S3 irda;IrDA; C:\WINDOWS\system32\drivers\irda.sys []
S3 mausbhost;@mausbhost.inf,%MAUSBHost.ServiceName%;MA-USB Host Controller Driver; C:\WINDOWS\System32\drivers\mausbhost.sys []
S3 mausbip;@mausbhost.inf,%MAUSBIP.ServiceName%;MA-USB IP Filter Driver; C:\WINDOWS\System32\drivers\mausbip.sys []
S3 MbbCx;MBB Network Adapter Class Extension; C:\WINDOWS\system32\drivers\MbbCx.sys []
S3 Microsoft_Bluetooth_AvrcpTransport;@microsoft_bluetooth_avrcptransport.inf,%Microsoft_Bluetooth_AvrcpTransport.ServiceDescription%;Microsoft Bluetooth Avrcp Transport Driver; C:\WINDOWS\System32\drivers\Microsoft.Bluetooth.AvrcpTransport.sys []
S3 mlx4_bus;@mlx4_bus.inf,%MLX4BUS.ServiceDesc%;Mellanox ConnectX Bus Enumerator; C:\WINDOWS\System32\drivers\mlx4_bus.sys []
S3 ndfltr;@mlx4_bus.inf,%ndfltr.ServiceDesc%;NetworkDirect Service; C:\WINDOWS\System32\drivers\ndfltr.sys []
S3 NetAdapterCx;Network Adapter Wdf Class Extension Library; C:\WINDOWS\system32\drivers\NetAdapterCx.sys []
S3 nvdimm;@nvdimm.inf,%nvdimm.SvcDesc%;Microsoft NVDIMM device driver; C:\WINDOWS\System32\drivers\nvdimm.sys []
S3 PktMon;Packet Monitor Driver; C:\WINDOWS\system32\drivers\PktMon.sys []
S3 pmem;@pmem.inf,%pmem.SvcDesc%;Microsoft persistent memory disk driver; C:\WINDOWS\System32\drivers\pmem.sys []
S3 PNPMEM;@memory.inf,%PNPMEM.SvcDesc%;Microsoft Memory Module Driver; C:\WINDOWS\System32\drivers\pnpmem.sys []
S3 ReFSv1;ReFSv1; C:\WINDOWS\SysWOW64\drivers\ReFSv1.sys []
S3 RFCOMM;@tdibth.inf,%RFCOMM.DisplayName%;Bluetooth Device (RFCOMM Protocol TDI); C:\WINDOWS\System32\drivers\rfcomm.sys []
S3 rhproxy;@rhproxy.inf,%rhproxy.SVCDESC%;Resource Hub proxy driver; C:\WINDOWS\System32\drivers\rhproxy.sys []
S3 SDFRd;@SDFRd.inf,%SDFRd.ServiceDesc%;SDF Reflector; C:\WINDOWS\System32\drivers\SDFRd.sys []
S3 semav6msr64;semav6msr64; \??\C:\WINDOWS\system32\drivers\semav6msr64.sys []
S4 hvcrash;hvcrash; C:\WINDOWS\System32\drivers\hvcrash.sys []
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 Amazon Assistant Service;Amazon Assistant Service; C:\Program Files (x86)\Amazon\Amazon Assistant\amazonAssistantService.exe [2018-02-22 105136]
R2 avast! Antivirus;Avast Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2019-10-03 996880]
R2 AvastWscReporter;AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [2019-10-03 57504]
R2 Bonjour Service;Bonjour Service; C:\Program Files (x86)\Bonjour\mDNSResponder.exe [2010-05-18 345376]
R2 CCDMonitorService;CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2017-09-26 2278688]
R2 CDPSvc;@%SystemRoot%\system32\cdpsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R2 CDPUserSvc_39b82;Uživatelská služba platformy připojených zařízení_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R2 CoreMessagingRegistrar;@%SystemRoot%\system32\coremessaging.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R2 DiagTrack;@%SystemRoot%\system32\diagtrack.dll,-3001; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
R2 DoSvc;@%systemroot%\system32\dosvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
R2 DusmSvc;@%SystemRoot%\System32\dusmsvc.dll,-1; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
R2 GamesAppIntegrationService;GamesAppIntegrationService; C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe [2015-04-14 373312]
R2 igfxCUIService2.0.0.0;Intel(R) HD Graphics Control Panel Service; C:\WINDOWS\system32\igfxCUIService.exe []
R2 jhi_service;Intel(R) Dynamic Application Loader Host Interface; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [2015-04-21 174368]
R2 OneSyncSvc_39b82;Hostitel synchronizace_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R2 osrss;@%systemroot%\system32\osrss.dll,-500; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [2014-10-08 253776]
R2 SgrmBroker;@%SystemRoot%\System32\SgrmBroker.exe,-100; C:\WINDOWS\system32\SgrmBroker.exe []
R3 BthAvctpSvc;@%SystemRoot%\system32\BthAvctpSvc.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R3 cbdhsvc_39b82;Uživatelská služba schránky_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R3 FontCache3.0.0.0;@%SystemRoot%\system32\PresentationHost.exe,-3309; C:\WINDOWS\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe [2019-01-12 43632]
R3 Intel(R) Security Assist;Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [2015-02-26 330240]
R3 LicenseManager;@%SystemRoot%\system32\licensemanagersvc.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
R3 NgcCtnrSvc;@%SystemRoot%\System32\NgcCtnrSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
R3 QASvc;Quick Access Service; C:\Program Files\Acer\Acer Quick Access\QASvc.exe [2015-07-09 450400]
R3 RmSvc;@%SystemRoot%\system32\RMapi.dll,-1001; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
R3 SecurityHealthService;@%systemroot%\system32\SecurityHealthAgent.dll,-1002; C:\WINDOWS\system32\SecurityHealthService.exe []
R3 SEMgrSvc;@%SystemRoot%\System32\SEMgrSvc.dll,-1001; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S2 bookingdesktopapp;bookingDesktopApp Update Service (bookingdesktopapp); C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-10-03 102400]
S2 CDPUserSvc;@%SystemRoot%\system32\cdpusersvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S2 gupdate;Služba Aktualizace Google (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-10-03 154920]
S2 isaHelperSvc;Intel(R) Security Assist Helper; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [2015-02-26 7680]
S2 MapsBroker;@%SystemRoot%\System32\moshost.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S2 OneSyncSvc;@%SystemRoot%\system32\APHostRes.dll,-10002; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 AJRouter;@%SystemRoot%\system32\AJRouter.dll,-2; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 aswbIDSAgent;aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [2019-10-03 6085360]
S3 BcastDVRUserService;@%SystemRoot%\system32\BcastDVRUserService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 BcastDVRUserService_39b82;Uživatelská služba pro GameDVR a vysílání her_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 BluetoothUserService;@%SystemRoot%\system32\Microsoft.Bluetooth.UserService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 BluetoothUserService_39b82;Služba pro podporu uživatelů Bluetooth_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 bookingdesktopappm;bookingDesktopApp Update Service (bookingdesktopappm); C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [2019-10-03 102400]
S3 BTAGService;@%SystemRoot%\system32\BTAGService.dll,-101; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 camsvc;@%SystemRoot%\system32\CapabilityAccessManager.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 CaptureService;@%SystemRoot%\system32\CaptureService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 CaptureService_39b82;CaptureService_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 cbdhsvc;@%SystemRoot%\system32\cbdhsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 ClipSVC;@%SystemRoot%\system32\ClipSVC.dll,-103; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 ConsentUxUserSvc;@%SystemRoot%\system32\ConsentUxClient.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 ConsentUxUserSvc_39b82;ConsentUX_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 cphs;Intel(R) Content Protection HECI Service; C:\WINDOWS\SysWow64\IntelCpHeciSvc.exe [2017-07-27 301520]
S3 DevicePickerUserSvc;@%SystemRoot%\system32\Windows.Devices.Picker.dll,-1006; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 DevicePickerUserSvc_39b82;DevicePicker_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 DevicesFlowUserSvc;@%SystemRoot%\system32\DevicesFlowBroker.dll,-103; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 DevicesFlowUserSvc_39b82;Tok zařízení_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 DevQueryBroker;@%SystemRoot%\system32\DevQueryBroker.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 diagnosticshub.standardcollector.service;@%SystemRoot%\system32\DiagSvcs\DiagnosticsHub.StandardCollector.ServiceRes.dll,-1000; C:\WINDOWS\system32\DiagSvcs\DiagnosticsHub.StandardCollector.Service.exe []
S3 diagsvc;@%systemroot%\system32\DiagSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 DisplayEnhancementService;@%SystemRoot%\System32\Microsoft.Graphics.Display.DisplayEnhancementService.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 DmEnrollmentSvc;@%systemroot%\system32\Windows.Internal.Management.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 dmwappushservice;@%SystemRoot%\system32\dmwappushsvc.dll,-200; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 DsSvc;@%SystemRoot%\system32\dssvc.dll,-10003; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 embeddedmode;@%SystemRoot%\system32\embeddedmodesvc.dll,-201; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 EntAppSvc;@EnterpriseAppMgmtSvc.dll,-1; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 ESRV_SVC_WILLAMETTE;Energy Server Service WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [2016-06-08 416408]
S3 FrameServer;@%systemroot%\system32\FrameServer.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 GamesAppService;GamesAppService; C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe [2014-12-17 265808]
S3 GoogleChromeElevationService;Google Chrome Elevation Service; C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\elevation_service.exe [2019-09-18 1106416]
S3 GraphicsPerfSvc;@%SystemRoot%\system32\GraphicsPerfSvc.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 gupdatem;Služba Aktualizace Google (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2019-10-03 154920]
S3 HvHost;@%SystemRoot%\system32\hvhostsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 icssvc;@%SystemRoot%\System32\tetheringservice.dll,-4097; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 InstallService;@%SystemRoot%\system32\InstallService.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 Intel(R) Capability Licensing Service TCP IP Interface;Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [2015-05-22 881152]
S3 IpxlatCfgSvc;@%Systemroot%\system32\ipxlatcfg.dll,-500; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 irmon;@%SystemRoot%\System32\irmon.dll,-2000; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 LxpSvc;@%SystemRoot%\system32\LanguageOverlayServer.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 MessagingService;@%SystemRoot%\system32\MessagingService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 MessagingService_39b82;Služba zasílání zpráv_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 NaturalAuthentication;@%systemroot%\system32\NaturalAuth.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 NetSetupSvc;@%SystemRoot%\system32\NetSetupSvc.dll,-3; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 NgcSvc;@%SystemRoot%\System32\ngcsvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 perceptionsimulation;@%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101; C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe []
S3 PhoneSvc;@%SystemRoot%\system32\PhoneserviceRes.dll,-10000; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 PimIndexMaintenanceSvc;@%SystemRoot%\system32\UserDataAccessRes.dll,-15001; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 PimIndexMaintenanceSvc_39b82;Data kontaktů_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 PrintWorkflowUserSvc;@%SystemRoot%\system32\PrintWorkflowService.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 PrintWorkflowUserSvc_39b82;PrintWorkflow_39b82; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 PushToInstall;@%SystemRoot%\system32\pushtoinstall.dll,-200; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 RetailDemo;@%SystemRoot%\System32\RDXService.dll,-256; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
S3 SensorDataService;@%SystemRoot%\system32\SensorDataService.exe,-101; C:\WINDOWS\System32\SensorDataService.exe []
S3 SensorService;@%SystemRoot%\System32\sensorservice.dll,-1000; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 SharedRealitySvc;@%SystemRoot%\system32\SharedRealitySvc.dll,-100; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S3 SmsRouter;@%SystemRoot%\System32\SmsRouterSvc.dll,-10001; C:\WINDOWS\system32\svchost.exe [2018-09-15 45448]
S4 shpamsvc;@%SystemRoot%\System32\Windows.SharedPC.AccountManager.dll,-100; C:\WINDOWS\System32\svchost.exe [2018-09-15 45448]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
reklama
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: reklama
Zdravím!
Spusťte tuto utilitu:
Spusťte tuto utilitu:
Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/
ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: reklama
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-03-2019
# Duration: 00:01:02
# OS: Windows 10 Home
# Scanned: 35164
# Detected: 150
***** [ Services ] *****
PUP.Optional.Assistant Amazon Assistant Service
***** [ Folders ] *****
Adware.pokki C:\Users\Bohouš\AppData\Local\Host App Service
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\App Explorer
Adware.pokki C:\Users\Public\Pokki
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Amazon\Amazon Assistant
PUP.Optional.Booking C:\Program Files\Booking.com
PUP.Optional.Reimage C:\Program Files\Reimage
***** [ Files ] *****
Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki C:\Users\Bohouš\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.Assistant C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
PUP.Optional.Assistant C:\Users\Bohouš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
PUP.Optional.Booking C:\Users\Bohouš\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
PUP.Optional.Reimage C:\Users\Bohouš\Downloads\ReimageRepair.exe
PUP.Optional.Reimage C:\Windows\Reimage.ini
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER
***** [ Registry ] *****
Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Amazon1Button HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.AmazonAssistant HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
PUP.Optional.AmazonAssistant HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Reimage HKCU\Software\Reimage
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BBD01AC-9294-4DAA-9107-28D24CA5B5D5}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerQuickAccess File C:\Users\Bohouš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Quick Access.lnk
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DA900AF-37C0-4379-978E-DB0C892DC1E1}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC876671-591F-42ED-82F3-685F5F70F4FB}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\12 LABOURS OF HERCULES III GIRL POWER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\HOME MAKEOVER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH SNOWSCAPES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RUNEFALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-dinostorm
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-vegasworld
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-villagersandheroes
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
AdwCleaner_Debug.log - [32048 octets] - [03/10/2019 21:06:41]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
2019-10-03 19:06:41 : <INFO> [Application] AdwCleaner 7 . 4 . 1 launched
2019-10-03 19:06:46 : <INFO> [AdwUpgrade] Checking application updates
2019-10-03 19:06:46 : <INFO> [Telemetry] Sending hello
2019-10-03 19:06:47 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-03 19:06:47 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-03 19:06:47 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-10-03 19:06:47 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-10-03 19:06:47 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-10-03 19:06:47 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-10-03 19:06:47 : <INFO> [SslCert] ALPN: None
2019-10-03 19:06:48 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-03 19:06:48 : <INFO> [SslCert] KXE: "ECDH"
2019-10-03 19:06:48 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-03 19:06:48 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-10-03 19:06:55 : <INFO> [Button clicked] EULA agreed
2019-10-03 19:06:56 : <INFO> [Button clicked] Scan
2019-10-03 19:06:56 : <INFO> [Scan] Started
2019-10-03 19:06:56 : <INFO> [Database] Downloading database
2019-10-03 19:06:57 : <INFO> [Database] Checking integrity
2019-10-03 19:06:57 : <INFO> [Database] Found 2586 families
2019-10-03 19:06:57 : <INFO> [Database] Database v "2019-10-03.2"
2019-10-03 19:06:59 : <INFO> [Loading paths] Local paths loaded
2019-10-03 19:06:59 : <INFO> [Loading paths] Chrome paths loaded
2019-10-03 19:06:59 : <INFO> [Loading paths] User Keys loaded
2019-10-03 19:06:59 : <INFO> [Module initialized] "File"
2019-10-03 19:06:59 : <INFO> [Module initialized] "Folder"
2019-10-03 19:06:59 : <INFO> [Module initialized] "RegistryKey"
2019-10-03 19:06:59 : <INFO> [Module initialized] "RegistryValue"
2019-10-03 19:06:59 : <INFO> [Module initialized] "TaskName"
2019-10-03 19:06:59 : <INFO> [Module initialized] "Service"
2019-10-03 19:06:59 : <INFO> [Module initialized] "Winlogon"
2019-10-03 19:07:04 : <INFO> [Module initialized] "URL"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegAppInit"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegClasses"
2019-10-03 19:07:04 : <INFO> [Module initialized] "DNS"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegGuid"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegOther"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegProductID"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegSoftware"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegStartup"
2019-10-03 19:07:04 : <INFO> [Module initialized] "WMI"
2019-10-03 19:07:04 : <INFO> [Module initialized] "ChromiumExt"
2019-10-03 19:07:04 : <INFO> [Module initialized] "FirefoxExt"
2019-10-03 19:07:04 : <INFO> [Module initialize] Scan Browser
2019-10-03 19:07:04 : <INFO> [Module initialize] Scan Browser FF
2019-10-03 19:07:04 : <INFO> [Module initialize] FF start pages loaded
2019-10-03 19:07:04 : <INFO> [Module initialize] FF search providers loaded
2019-10-03 19:07:04 : <INFO> [Module initialize] FF plugin list loaded
2019-10-03 19:07:04 : <INFO> [Scan] Exclusions loaded
2019-10-03 19:07:10 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:07:10 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\analytics.app.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:07:10 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\titan.service.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\SOFTWARE\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Features\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\3DCCCD6BD02558446B24CF1C63EC213C" [ "Registry" ]
2019-10-03 19:07:30 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}" [ "Registry" ]
2019-10-03 19:07:31 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Users\\Bohou?\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\LocalService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Program Files\\Booking.com" [ "Folder" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "C:\\Windows\\Reimage.ini" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "C:\\Users\\Bohou?\\Downloads\\ReimageRepair.exe" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "C:\\Program Files\\Reimage" [ "Folder" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine" [ "Registry" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine.1" [ "Registry" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKLM\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKCU\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "Amazon Assistant Service" [ "Service" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\System\\CurrentControlSet\\Services\\EventLog\\Application\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\System32\\Tasks_Migrated\\App Explorer" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Bohou?\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Bohou?\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Public\\Pokki" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Public\\App Explorer" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\System32\\Tasks\\APP EXPLORER" [ "Task" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}\u0000" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKCU\\Software\\Host App Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Host App Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKCU\\Software\\App Host Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "C:\\Program Files (x86)\\Amazon\\Amazon Assistant" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\TypeLib\\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\CLSID\\{7B28BD81-CC45-4ADB-A043-12E35A15C402}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{7B28BD81-CC45-4ADB-A043-12E35A15C402}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\AppID\\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\TypeLib\\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\Interface\\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\Interface\\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\SOFTWARE\\Classes\\AppID\\AmazonAppIE.dll" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\AmazonAppIE.dll" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKU\\.DEFAULT\\Software\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKCU\\Software\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKU\\S-1-5-18\\Software\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\Acer Quick Access.lnk" [ "File" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "C:\\Program Files\\ACER\\ACER QUICK ACCESS" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "C:\\Windows\\System32\\Tasks\\QUICK ACCESS" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Quick Access" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Quick Access" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{5DA900AF-37C0-4379-978E-DB0C892DC1E1}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Users\\Public\\Desktop\\Acer Care Center.lnk" [ "File" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Program Files (x86)\\ACER\\CARE CENTER" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Windows\\System32\\Tasks\\ACCAGENT" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCAgent" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCAgent" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain\\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Windows\\System32\\Tasks\\ACCBACKGROUNDAPPLICATION" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCBackgroundApplication" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCBackgroundApplication" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{5BBD01AC-9294-4DAA-9107-28D24CA5B5D5}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1AF41E84-3408-499A-8C93-8891F0612719}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPowerDVD" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPowerDVD" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.ACERClear.fiShellExtension" , "HKLM\\Software\\Classes\\CLSID\\{ED32C084-BABB-11E1-B491-D4D66088709B}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.ACERClear.fiShellExtension" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{ED32C084-BABB-11E1-B491-D4D66088709B}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Users\\Public\\Desktop\\abDocs.lnk" [ "File" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Program Files (x86)\\ACER\\ABDOCS" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Program Files (x86)\\ACER\\ABDOCS OFFICE ADDIN" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Windows\\System32\\Tasks\\ABDOCSDLLLOADER" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{DC876671-591F-42ED-82F3-685F5F70F4FB}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Run|abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\WildTangent Games App - acer.lnk" [ "File" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\JEWEL MATCH 3" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\MAGIC ACADEMY" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\POLAR BOWLER 1ST FRAME" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\RUNEFALL" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\12 LABOURS OF HERCULES III GIRL POWER" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\HOME MAKEOVER" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\JEWEL MATCH SNOWSCAPES" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES\\APP" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Ext\\Preapproved\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKU\\.DEFAULT\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKU\\S-1-5-18\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:46 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangent wildgames Master Uninstall" [ "Registry" ]
2019-10-03 19:07:46 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" [ "Registry" ]
2019-10-03 19:07:46 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGameProvider-acer-genres" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGameProvider-acer-main" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-acer-vegasworld" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-acer-villagersandheroes" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-acer-dinostorm" [ "Registry" ]
2019-10-03 19:07:54 : <INFO> [Scan] Item detected: "PUP.Optional.InstallCore" , "HKCU\\Software\\csastats" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUEIPFramework" , "C:\\Program Files\\ACER\\USER EXPERIENCE IMPROVEMENT PROGRAM\\PLUGIN\\APPMONITOR" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUEIPFramework" , "C:\\Program Files\\ACER\\USER EXPERIENCE IMPROVEMENT PROGRAM\\FRAMEWORK" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUEIPFramework" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{12A718F2-2357-4D41-9E1F-18583A4745F7}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerDocsOfficeAddIn" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DCBF3379-246B-47E1-8173-639B63940838}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUpdater" , "C:\\ProgramData\\ACER\\ACER UPDATER" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerExplorerAgent" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.ACERAOPFramework" , "C:\\Program Files (x86)\\ACER\\AOP FRAMEWORK" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.ACERAOPFramework" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4A37A114-702F-4055-A4B6-16571D4A5353}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.ACERAOPFramework" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|BacKGround Agent" [ "Registry" ]
2019-10-03 19:07:56 : <INFO> [Scan] Item detected: "PUP.Optional.Amazon1Button" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\F5415905096AA504A9FB967C7A138943" [ "Registry" ]
2019-10-03 19:07:56 : <INFO> [Scan] Item detected: "PUP.Optional.Amazon1Button" , "HKCU\\Software\\Classes\\Software\\APPDATALOW\\SOFTWARE\\AMAZON\\Amazon1ButtonApp" [ "Registry" ]
2019-10-03 19:07:58 : <INFO> [Telemetry] Sending to Influx
2019-10-03 19:07:59 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-10-03 19:07:59 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-10-03 19:07:59 : <INFO> [SslCert] Locality Name ()
2019-10-03 19:07:59 : <INFO> [SslCert] Organization ()
2019-10-03 19:07:59 : <INFO> [SslCert] Certificate EffectiveDate: "ne srp 18 10:50:38 2019 GMT"
2019-10-03 19:07:59 : <INFO> [SslCert] Certificate ExpirationDate: "so lis 16 10:50:38 2019 GMT"
2019-10-03 19:07:59 : <INFO> [SslCert] ALPN: Yes
2019-10-03 19:07:59 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-03 19:07:59 : <INFO> [SslCert] KXE: "ECDH"
2019-10-03 19:07:59 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-03 19:07:59 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-10-03 19:07:59 : <INFO> [Telemetry] Sending to DSE
2019-10-03 19:08:00 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-03 19:08:00 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-03 19:08:00 : <INFO> [SslCert] Locality Name ("San Jose")
2019-10-03 19:08:00 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-10-03 19:08:00 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-10-03 19:08:00 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-10-03 19:08:00 : <INFO> [SslCert] ALPN: Yes
2019-10-03 19:08:00 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-03 19:08:00 : <INFO> [SslCert] KXE: "ECDH"
2019-10-03 19:08:00 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-03 19:08:00 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-10-03 19:08:00 : <INFO> [Scan] Finished
2019-10-03 19:08:09 : <INFO> [Button clicked] Next
2019-10-03 19:08:25 : <INFO> [Checkbox clicked] Bundleware found "Don't show again": "Unchecked"
2019-10-03 19:08:26 : <INFO> [Button clicked] Bundleware found ok button
2019-10-03 19:08:59 : <INFO> [Button clicked] Clean & repair
2019-10-03 19:09:07 : <INFO> [Button clicked] Dialog button clicked [ 5 ]
2019-10-03 19:09:17 : <INFO> [Button clicked] Previous
2019-10-03 19:09:26 : <INFO> [Button clicked] Next
2019-10-03 19:09:29 : <INFO> [Button clicked] Bundleware found ok button
2019-10-03 19:09:36 : <INFO> [Button clicked] Clean & repair
2019-10-03 19:09:38 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2019-10-03 19:09:38 : <INFO> [Cleaning] Started
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "wsc_proxy.exe" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "AvastSvc.exe" 0
2019-10-03 19:09:39 : <INFO> [Quarantine] Session folder: "C:\\AdwCleaner\\Quarantine\\v1\\20191003.210939"
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\analytics.app.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\analytics.app.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\titan.service.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\titan.service.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\SOFTWARE\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\SOFTWARE\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Features\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Features\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\3DCCCD6BD02558446B24CF1C63EC213C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\3DCCCD6BD02558446B24CF1C63EC213C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Users\\Bohou?\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Users\\Bohou?\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\LocalService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\LocalService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Program Files\\Booking.com" [ "Folder" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Program Files\\Booking.com" [ "Folder" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "C:\\Windows\\Reimage.ini" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "C:\\Windows\\Reimage.ini" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "C:\\Users\\Bohou?\\Downloads\\ReimageRepair.exe" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "C:\\Users\\Bohou?\\Downloads\\ReimageRepair.exe" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "C:\\Program Files\\Reimage" [ "Folder" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "C:\\Program Files\\Reimage" [ "Folder" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine.1" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine.1" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKLM\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKLM\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKCU\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKCU\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "Amazon Assistant Service" [ "Service" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "Amazon Assistant Service" [ "Service" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\System\\CurrentControlSet\\Services\\EventLog\\Application\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\System\\CurrentControlSet\\Services\\EventLog\\Application\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\System32\\Tasks_Migrated\\App Explorer" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\System32\\Tasks_Migrated\\App Explorer" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Bohou?\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Bohou?\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Bohou?\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Bohou?\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Public\\Pokki" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Public\\Pokki" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Public\\App Explorer" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Public\\App Explorer" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:51 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:51 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\System32\\Tasks\\APP EXPLORER" [ "Task" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\System32\\Tasks\\APP EXPLORER" [ "Task" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}\u0000" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}\u0000" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKCU\\Software\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKCU\\Software\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKCU\\Software\\App Host Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKCU\\Software\\App Host Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "PUP.Optional.AmazonAssistant" , "C:\\Program Files (x86)\\Amazon\\Amazon Assistant" [ "Folder" ]
2019-10-03 19:16:46 : <INFO> [Button clicked] Quarantine menu item
2019-10-03 19:16:49 : <INFO> [Button clicked] Log files menu item
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 10-03-2019
# Duration: 00:01:02
# OS: Windows 10 Home
# Scanned: 35164
# Detected: 150
***** [ Services ] *****
PUP.Optional.Assistant Amazon Assistant Service
***** [ Folders ] *****
Adware.pokki C:\Users\Bohouš\AppData\Local\Host App Service
Adware.pokki C:\Users\Default\AppData\Local\Host App Service
Adware.pokki C:\Users\Public\App Explorer
Adware.pokki C:\Users\Public\Pokki
Adware.pokki C:\Windows\ServiceProfiles\LocalService\AppData\Local\Host App Service
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\AppData\Local\Host App Service
PUP.Optional.AmazonAssistant C:\Program Files (x86)\Amazon\Amazon Assistant
PUP.Optional.Booking C:\Program Files\Booking.com
PUP.Optional.Reimage C:\Program Files\Reimage
***** [ Files ] *****
Adware.pokki C:\ProgramData\Microsoft\Windows\Start Menu\Programs\App Explorer.lnk
Adware.pokki C:\Users\Bohouš\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\ServiceProfiles\LocalService\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\ServiceProfiles\NetworkService\Desktop\App Explorer.lnk
Adware.pokki C:\Windows\System32\Tasks_Migrated\App Explorer
PUP.Optional.Assistant C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AmazonAssistant.lnk
PUP.Optional.Assistant C:\Users\Bohouš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\AmazonAssistant.lnk
PUP.Optional.Booking C:\Users\Bohouš\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\LocalService\Favorites\Booking.com.url
PUP.Optional.Booking C:\Windows\ServiceProfiles\NetworkService\Favorites\Booking.com.url
PUP.Optional.Reimage C:\Users\Bohouš\Downloads\ReimageRepair.exe
PUP.Optional.Reimage C:\Windows\Reimage.ini
***** [ DLL ] *****
No malicious DLLs found.
***** [ WMI ] *****
No malicious WMI found.
***** [ Shortcuts ] *****
No malicious shortcuts found.
***** [ Tasks ] *****
Adware.pokki C:\Windows\System32\Tasks\APP EXPLORER
***** [ Registry ] *****
Adware.pokki HKCU\Software\App Host Service
Adware.pokki HKCU\Software\Host App Service
Adware.pokki HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Host App Service
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}
Adware.pokki HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\App Explorer
PUP.Optional.Amazon1Button HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
PUP.Optional.Amazon1Button HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
PUP.Optional.AmazonAssistant HKCU\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\SOFTWARE\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\SYSTEM\Setup\FirstBoot\Services\Amazon Assistant Service
PUP.Optional.AmazonAssistant HKLM\Software\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant HKLM\Software\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\AmazonAppIE.dll
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\AppID\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\CLSID\{7B28BD81-CC45-4ADB-A043-12E35A15C402}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\Interface\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}
PUP.Optional.AmazonAssistant HKLM\Software\Wow6432Node\\Classes\TypeLib\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}
PUP.Optional.AmazonAssistant HKU\.DEFAULT\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.AmazonAssistant HKU\S-1-5-18\Software\AppDataLow\Software\Amazon\AmazonAssistant
PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Classes\CLSID\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}
PUP.Optional.Assistant HKLM\System\CurrentControlSet\Services\EventLog\Application\Amazon Assistant Service
PUP.Optional.InstallCore HKCU\Software\csastats
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\analytics.app.amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\DOMStorage\titan.service.amazonbrowserapp.com
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\SOFTWARE\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{10ECCE17-29B5-4880-A8F5-EAD298611484}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Features\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Installer\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\3DCCCD6BD02558446B24CF1C63EC213C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A38C15B2D5649AE4C9CDE19DE50DA96C
PUP.Optional.Legacy HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\REI_AxControl.DLL
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\AppID\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\CLSID\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\Interface\{BD51A48E-EB5F-4454-8774-EF962DF64546}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}
PUP.Optional.Legacy HKLM\Software\Wow6432Node\\Classes\TypeLib\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}
PUP.Optional.Reimage HKCU\Software\Reimage
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine
PUP.Optional.Reimage HKLM\Software\Classes\REI_AxControl.ReiEngine.1
PUP.Optional.Reimage HKLM\Software\Reimage
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries found.
***** [ Chromium URLs ] *****
No malicious Chromium URLs found.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries found.
***** [ Firefox URLs ] *****
No malicious Firefox URLs found.
***** [ Preinstalled Software ] *****
Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.ACERClear.fiShellExtension Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{ED32C084-BABB-11E1-B491-D4D66088709B}
Preinstalled.AcerCareCenter File C:\Users\Public\Desktop\Acer Care Center.lnk
Preinstalled.AcerCareCenter Folder C:\Program Files (x86)\ACER\CARE CENTER
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5BBD01AC-9294-4DAA-9107-28D24CA5B5D5}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCAgent
Preinstalled.AcerCareCenter Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\ACCBackgroundApplication
Preinstalled.AcerCareCenter Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{1AF41E84-3408-499A-8C93-8891F0612719}
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCAGENT
Preinstalled.AcerCareCenter Task C:\Windows\System32\Tasks\ACCBACKGROUNDAPPLICATION
Preinstalled.AcerDocsOfficeAddIn Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{DCBF3379-246B-47E1-8173-639B63940838}
Preinstalled.AcerExplorerAgent Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}
Preinstalled.AcerQuickAccess File C:\Users\Bohouš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Acer Quick Access.lnk
Preinstalled.AcerQuickAccess Folder C:\Program Files\ACER\ACER QUICK ACCESS
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5DA900AF-37C0-4379-978E-DB0C892DC1E1}
Preinstalled.AcerQuickAccess Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Quick Access
Preinstalled.AcerQuickAccess Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}
Preinstalled.AcerQuickAccess Task C:\Windows\System32\Tasks\QUICK ACCESS
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\FRAMEWORK
Preinstalled.AcerUEIPFramework Folder C:\Program Files\ACER\USER EXPERIENCE IMPROVEMENT PROGRAM\PLUGIN\APPMONITOR
Preinstalled.AcerUEIPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{12A718F2-2357-4D41-9E1F-18583A4745F7}
Preinstalled.AcerUpdater Folder C:\ProgramData\ACER\ACER UPDATER
Preinstalled.AcerabDocs File C:\Users\Public\Desktop\abDocs.lnk
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS
Preinstalled.AcerabDocs Folder C:\Program Files (x86)\ACER\ABDOCS OFFICE ADDIN
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{DC876671-591F-42ED-82F3-685F5F70F4FB}
Preinstalled.AcerabDocs Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|abDocsDllLoader
Preinstalled.AcerabDocs Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}
Preinstalled.AcerabDocs Task C:\Windows\System32\Tasks\ABDOCSDLLLOADER
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.LenovoPowerDVD Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}
Preinstalled.WildTangentGamesBundle File C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WildTangent Games App - acer.lnk
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\12 LABOURS OF HERCULES III GIRL POWER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\HOME MAKEOVER
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH 3
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\JEWEL MATCH SNOWSCAPES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\MAGIC ACADEMY
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\POLAR BOWLER 1ST FRAME
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDGAMES\RUNEFALL
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES
Preinstalled.WildTangentGamesBundle Folder C:\Program Files (x86)\WILDTANGENT GAMES\APP
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Ext\Preapproved\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangent wildgames Master Uninstall
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-dinostorm
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-vegasworld
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGDF-acer-villagersandheroes
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-genres
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\WildTangentGameProvider-acer-main
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App
Preinstalled.WildTangentGamesBundle Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer
Preinstalled.WildTangentGamesBundle Registry HKU\.DEFAULT\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
Preinstalled.WildTangentGamesBundle Registry HKU\S-1-5-18\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}
AdwCleaner_Debug.log - [32048 octets] - [03/10/2019 21:06:41]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########
2019-10-03 19:06:41 : <INFO> [Application] AdwCleaner 7 . 4 . 1 launched
2019-10-03 19:06:46 : <INFO> [AdwUpgrade] Checking application updates
2019-10-03 19:06:46 : <INFO> [Telemetry] Sending hello
2019-10-03 19:06:47 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-03 19:06:47 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-03 19:06:47 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-10-03 19:06:47 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-10-03 19:06:47 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-10-03 19:06:47 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-10-03 19:06:47 : <INFO> [SslCert] ALPN: None
2019-10-03 19:06:48 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-03 19:06:48 : <INFO> [SslCert] KXE: "ECDH"
2019-10-03 19:06:48 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-03 19:06:48 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-10-03 19:06:55 : <INFO> [Button clicked] EULA agreed
2019-10-03 19:06:56 : <INFO> [Button clicked] Scan
2019-10-03 19:06:56 : <INFO> [Scan] Started
2019-10-03 19:06:56 : <INFO> [Database] Downloading database
2019-10-03 19:06:57 : <INFO> [Database] Checking integrity
2019-10-03 19:06:57 : <INFO> [Database] Found 2586 families
2019-10-03 19:06:57 : <INFO> [Database] Database v "2019-10-03.2"
2019-10-03 19:06:59 : <INFO> [Loading paths] Local paths loaded
2019-10-03 19:06:59 : <INFO> [Loading paths] Chrome paths loaded
2019-10-03 19:06:59 : <INFO> [Loading paths] User Keys loaded
2019-10-03 19:06:59 : <INFO> [Module initialized] "File"
2019-10-03 19:06:59 : <INFO> [Module initialized] "Folder"
2019-10-03 19:06:59 : <INFO> [Module initialized] "RegistryKey"
2019-10-03 19:06:59 : <INFO> [Module initialized] "RegistryValue"
2019-10-03 19:06:59 : <INFO> [Module initialized] "TaskName"
2019-10-03 19:06:59 : <INFO> [Module initialized] "Service"
2019-10-03 19:06:59 : <INFO> [Module initialized] "Winlogon"
2019-10-03 19:07:04 : <INFO> [Module initialized] "URL"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegAppInit"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegClasses"
2019-10-03 19:07:04 : <INFO> [Module initialized] "DNS"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegGuid"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegOther"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegProductID"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegSoftware"
2019-10-03 19:07:04 : <INFO> [Module initialized] "RegStartup"
2019-10-03 19:07:04 : <INFO> [Module initialized] "WMI"
2019-10-03 19:07:04 : <INFO> [Module initialized] "ChromiumExt"
2019-10-03 19:07:04 : <INFO> [Module initialized] "FirefoxExt"
2019-10-03 19:07:04 : <INFO> [Module initialize] Scan Browser
2019-10-03 19:07:04 : <INFO> [Module initialize] Scan Browser FF
2019-10-03 19:07:04 : <INFO> [Module initialize] FF start pages loaded
2019-10-03 19:07:04 : <INFO> [Module initialize] FF search providers loaded
2019-10-03 19:07:04 : <INFO> [Module initialize] FF plugin list loaded
2019-10-03 19:07:04 : <INFO> [Scan] Exclusions loaded
2019-10-03 19:07:10 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:07:10 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\analytics.app.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:07:10 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\titan.service.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:07:11 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:07:22 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\SOFTWARE\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Features\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:07:23 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\3DCCCD6BD02558446B24CF1C63EC213C" [ "Registry" ]
2019-10-03 19:07:30 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}" [ "Registry" ]
2019-10-03 19:07:31 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Users\\Bohou?\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\LocalService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Booking" , "C:\\Program Files\\Booking.com" [ "Folder" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "C:\\Windows\\Reimage.ini" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "C:\\Users\\Bohou?\\Downloads\\ReimageRepair.exe" [ "File" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "C:\\Program Files\\Reimage" [ "Folder" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine" [ "Registry" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine.1" [ "Registry" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKLM\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:07:32 : <INFO> [Scan] Item detected: "PUP.Optional.Reimage" , "HKCU\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "Amazon Assistant Service" [ "Service" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\System\\CurrentControlSet\\Services\\EventLog\\Application\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:34 : <INFO> [Scan] Item detected: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\System32\\Tasks_Migrated\\App Explorer" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Bohou?\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\App Explorer.lnk" [ "File" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Bohou?\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Public\\Pokki" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Public\\App Explorer" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "C:\\Windows\\System32\\Tasks\\APP EXPLORER" [ "Task" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}\u0000" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKCU\\Software\\Host App Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Host App Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "Adware.pokki" , "HKCU\\Software\\App Host Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "C:\\Program Files (x86)\\Amazon\\Amazon Assistant" [ "Folder" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\TypeLib\\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{E6AB05A4-A387-4083-91A5-E89A8DCEEBC0}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\CLSID\\{7B28BD81-CC45-4ADB-A043-12E35A15C402}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{7B28BD81-CC45-4ADB-A043-12E35A15C402}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\AppID\\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{F18AE3C4-D2AD-42AC-9282-509DCF035D06}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\TypeLib\\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{55B621F9-BAE8-4CF7-9D76-1DB25CD95850}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\Interface\\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{3268A00F-D329-42E1-ABF0-E78D5656BA2A}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Classes\\Interface\\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{571139B2-8D93-4B29-9AA9-496EF27D6AF8}" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\SOFTWARE\\Classes\\AppID\\AmazonAppIE.dll" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\AmazonAppIE.dll" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKLM\\Software\\Wow6432Node\\\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKU\\.DEFAULT\\Software\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKCU\\Software\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:36 : <INFO> [Scan] Item detected: "PUP.Optional.AmazonAssistant" , "HKU\\S-1-5-18\\Software\\AppDataLow\\Software\\Amazon\\AmazonAssistant" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\Acer Quick Access.lnk" [ "File" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "C:\\Program Files\\ACER\\ACER QUICK ACCESS" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "C:\\Windows\\System32\\Tasks\\QUICK ACCESS" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Quick Access" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\Quick Access" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{5DA900AF-37C0-4379-978E-DB0C892DC1E1}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerQuickAccess" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{E3678E72-78E3-4F91-A9FB-913876FF6DA2}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Users\\Public\\Desktop\\Acer Care Center.lnk" [ "File" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Program Files (x86)\\ACER\\CARE CENTER" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Windows\\System32\\Tasks\\ACCAGENT" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCAgent" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCAgent" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Plain\\{78E9D7FC-EA28-4EB8-B34D-C9005ED0ECE3}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "C:\\Windows\\System32\\Tasks\\ACCBACKGROUNDAPPLICATION" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCBackgroundApplication" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\ACCBackgroundApplication" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{5BBD01AC-9294-4DAA-9107-28D24CA5B5D5}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerCareCenter" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{1AF41E84-3408-499A-8C93-8891F0612719}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPowerDVD" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\InstallShield_{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.LenovoPowerDVD" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{B46BEA36-0B71-4A4E-AE41-87241643FA0A}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.ACERClear.fiShellExtension" , "HKLM\\Software\\Classes\\CLSID\\{ED32C084-BABB-11E1-B491-D4D66088709B}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.ACERClear.fiShellExtension" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{ED32C084-BABB-11E1-B491-D4D66088709B}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Users\\Public\\Desktop\\abDocs.lnk" [ "File" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Program Files (x86)\\ACER\\ABDOCS" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Program Files (x86)\\ACER\\ABDOCS OFFICE ADDIN" [ "Folder" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "C:\\Windows\\System32\\Tasks\\ABDOCSDLLLOADER" [ "Task" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "localScan" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{DC876671-591F-42ED-82F3-685F5F70F4FB}\u0000" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{CA4FE8B0-298C-4E5D-A486-F33B126D6A0A}" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Run|abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:38 : <INFO> [Scan] Item detected: "Preinstalled.AcerabDocs" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|abDocsDllLoader" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\WildTangent Games App - acer.lnk" [ "File" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\JEWEL MATCH 3" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\MAGIC ACADEMY" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\POLAR BOWLER 1ST FRAME" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\RUNEFALL" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\12 LABOURS OF HERCULES III GIRL POWER" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\HOME MAKEOVER" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES\\JEWEL MATCH SNOWSCAPES" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDGAMES" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES\\APP" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "C:\\Program Files (x86)\\WILDTANGENT GAMES" [ "Folder" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Ext\\Preapproved\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKU\\.DEFAULT\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:39 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKU\\S-1-5-18\\Software\\Microsoft\\Internet Explorer\\Low Rights\\ElevationPolicy\\{7A97880C-7DD3-4C6E-8DE0-881B1FC02BE6}" [ "Registry" ]
2019-10-03 19:07:46 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangent wildgames Master Uninstall" [ "Registry" ]
2019-10-03 19:07:46 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{70B446D1-E03B-4ab0-9B3C-0832142C9AA8}.WildTangent Games App-acer" [ "Registry" ]
2019-10-03 19:07:46 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2FA94A64-C84E-49d1-97DD-7BF06C7BBFB2}.WildTangent Games App" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGameProvider-acer-genres" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGameProvider-acer-main" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-acer-vegasworld" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-acer-villagersandheroes" [ "Registry" ]
2019-10-03 19:07:47 : <INFO> [Scan] Item detected: "Preinstalled.WildTangentGamesBundle" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\WildTangentGDF-acer-dinostorm" [ "Registry" ]
2019-10-03 19:07:54 : <INFO> [Scan] Item detected: "PUP.Optional.InstallCore" , "HKCU\\Software\\csastats" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUEIPFramework" , "C:\\Program Files\\ACER\\USER EXPERIENCE IMPROVEMENT PROGRAM\\PLUGIN\\APPMONITOR" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUEIPFramework" , "C:\\Program Files\\ACER\\USER EXPERIENCE IMPROVEMENT PROGRAM\\FRAMEWORK" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUEIPFramework" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{12A718F2-2357-4D41-9E1F-18583A4745F7}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerDocsOfficeAddIn" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{DCBF3379-246B-47E1-8173-639B63940838}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerUpdater" , "C:\\ProgramData\\ACER\\ACER UPDATER" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.AcerExplorerAgent" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4D0F42CF-1693-43D9-BDC8-19141D023EE0}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.ACERAOPFramework" , "C:\\Program Files (x86)\\ACER\\AOP FRAMEWORK" [ "Folder" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.ACERAOPFramework" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{4A37A114-702F-4055-A4B6-16571D4A5353}" [ "Registry" ]
2019-10-03 19:07:55 : <INFO> [Scan] Item detected: "Preinstalled.ACERAOPFramework" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|BacKGround Agent" [ "Registry" ]
2019-10-03 19:07:56 : <INFO> [Scan] Item detected: "PUP.Optional.Amazon1Button" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\F5415905096AA504A9FB967C7A138943" [ "Registry" ]
2019-10-03 19:07:56 : <INFO> [Scan] Item detected: "PUP.Optional.Amazon1Button" , "HKCU\\Software\\Classes\\Software\\APPDATALOW\\SOFTWARE\\AMAZON\\Amazon1ButtonApp" [ "Registry" ]
2019-10-03 19:07:58 : <INFO> [Telemetry] Sending to Influx
2019-10-03 19:07:59 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-10-03 19:07:59 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-10-03 19:07:59 : <INFO> [SslCert] Locality Name ()
2019-10-03 19:07:59 : <INFO> [SslCert] Organization ()
2019-10-03 19:07:59 : <INFO> [SslCert] Certificate EffectiveDate: "ne srp 18 10:50:38 2019 GMT"
2019-10-03 19:07:59 : <INFO> [SslCert] Certificate ExpirationDate: "so lis 16 10:50:38 2019 GMT"
2019-10-03 19:07:59 : <INFO> [SslCert] ALPN: Yes
2019-10-03 19:07:59 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-03 19:07:59 : <INFO> [SslCert] KXE: "ECDH"
2019-10-03 19:07:59 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-03 19:07:59 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-10-03 19:07:59 : <INFO> [Telemetry] Sending to DSE
2019-10-03 19:08:00 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-10-03 19:08:00 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-10-03 19:08:00 : <INFO> [SslCert] Locality Name ("San Jose")
2019-10-03 19:08:00 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-10-03 19:08:00 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-10-03 19:08:00 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-10-03 19:08:00 : <INFO> [SslCert] ALPN: Yes
2019-10-03 19:08:00 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-10-03 19:08:00 : <INFO> [SslCert] KXE: "ECDH"
2019-10-03 19:08:00 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-10-03 19:08:00 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-10-03 19:08:00 : <INFO> [Scan] Finished
2019-10-03 19:08:09 : <INFO> [Button clicked] Next
2019-10-03 19:08:25 : <INFO> [Checkbox clicked] Bundleware found "Don't show again": "Unchecked"
2019-10-03 19:08:26 : <INFO> [Button clicked] Bundleware found ok button
2019-10-03 19:08:59 : <INFO> [Button clicked] Clean & repair
2019-10-03 19:09:07 : <INFO> [Button clicked] Dialog button clicked [ 5 ]
2019-10-03 19:09:17 : <INFO> [Button clicked] Previous
2019-10-03 19:09:26 : <INFO> [Button clicked] Next
2019-10-03 19:09:29 : <INFO> [Button clicked] Bundleware found ok button
2019-10-03 19:09:36 : <INFO> [Button clicked] Clean & repair
2019-10-03 19:09:38 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2019-10-03 19:09:38 : <INFO> [Cleaning] Started
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2019-10-03 19:09:38 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "wsc_proxy.exe" 0
2019-10-03 19:09:39 : <WARNING> [Cleaning] Unable to Open process - "AvastSvc.exe" 0
2019-10-03 19:09:39 : <INFO> [Quarantine] Session folder: "C:\\AdwCleaner\\Quarantine\\v1\\20191003.210939"
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\analytics.app.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\analytics.app.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\titan.service.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\DOMStorage\\titan.service.amazonbrowserapp.com" [ "Registry" ]
2019-10-03 19:09:39 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{10ECCE17-29B5-4880-A8F5-EAD298611484}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{801B440B-1EE3-49B0-B05D-2AB076D4E8CB}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{9BB31AD8-5DB2-459E-A901-DEA536F23BA4}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:40 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\Interface\\{BD51A48E-EB5F-4454-8774-EF962DF64546}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{FA6468D2-FAA4-4951-A53B-2A5CF9CC0A36}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\{28FF42B8-A0DA-4BE5-9B81-E26DD59B350A}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{BD6ECB00-7C4A-4F97-B425-44117F2A7AAE}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{E4ADC61E-D06A-4E0E-8582-78C809CC8450}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\TypeLib\\{EB2BEAEF-150C-4DE4-9D09-F16403C22769}" [ "Registry" ]
2019-10-03 19:09:41 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\SOFTWARE\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\SOFTWARE\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Wow6432Node\\\\Classes\\AppID\\REI_AxControl.DLL" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Features\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Features\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Classes\\Installer\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\A38C15B2D5649AE4C9CDE19DE50DA96C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\3DCCCD6BD02558446B24CF1C63EC213C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Installer\\UserData\\S-1-5-18\\Products\\3DCCCD6BD02558446B24CF1C63EC213C" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{2B51C83A-465D-4EA9-9CDC-1ED95ED09AC6}" [ "Registry" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Users\\Bohou?\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Users\\Bohou?\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\LocalService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\LocalService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Favorites\\Booking.com.url" [ "File" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Booking" , "C:\\Program Files\\Booking.com" [ "Folder" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Booking" , "C:\\Program Files\\Booking.com" [ "Folder" ]
2019-10-03 19:09:42 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "C:\\Windows\\Reimage.ini" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "C:\\Windows\\Reimage.ini" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "C:\\Users\\Bohou?\\Downloads\\ReimageRepair.exe" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "C:\\Users\\Bohou?\\Downloads\\ReimageRepair.exe" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "C:\\Program Files\\Reimage" [ "Folder" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "C:\\Program Files\\Reimage" [ "Folder" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine.1" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKLM\\Software\\Classes\\REI_AxControl.ReiEngine.1" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKLM\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKLM\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Reimage" , "HKCU\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Reimage" , "HKCU\\Software\\Reimage" [ "Registry" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "C:\\Users\\Bohou?\\AppData\\Roaming\\Microsoft\\Internet Explorer\\Quick Launch\\User Pinned\\TaskBar\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\AmazonAssistant.lnk" [ "File" ]
2019-10-03 19:09:43 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "Amazon Assistant Service" [ "Service" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "Amazon Assistant Service" [ "Service" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\System\\CurrentControlSet\\Services\\EventLog\\Application\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\System\\CurrentControlSet\\Services\\EventLog\\Application\\Amazon Assistant Service" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Classes\\CLSID\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Explorer\\Browser Helper Objects\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:46 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Stats\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Assistant" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Ext\\Settings\\{0ddcea2a-7b00-4349-8acb-af7ba6da251f}" [ "Registry" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\System32\\Tasks_Migrated\\App Explorer" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\System32\\Tasks_Migrated\\App Explorer" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Bohou?\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Bohou?\\Desktop\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\ProgramData\\Microsoft\\Windows\\Start Menu\\Programs\\App Explorer.lnk" [ "File" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Bohou?\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Bohou?\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Public\\Pokki" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Public\\Pokki" [ "Folder" ]
2019-10-03 19:09:47 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\NetworkService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Public\\App Explorer" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Public\\App Explorer" [ "Folder" ]
2019-10-03 19:09:49 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:51 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\ServiceProfiles\\LocalService\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:51 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Users\\Default\\AppData\\Local\\Host App Service" [ "Folder" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "C:\\Windows\\System32\\Tasks\\APP EXPLORER" [ "Task" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "C:\\Windows\\System32\\Tasks\\APP EXPLORER" [ "Task" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tree\\App Explorer" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}\u0000" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKLM\\SOFTWARE\\Microsoft\\Windows NT\\CurrentVersion\\Schedule\\TaskCache\\Tasks\\{FA7C90EC-65F6-48BE-A0C5-EABCA5906743}\u0000" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKCU\\Software\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKCU\\Software\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\Host App Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "Adware.pokki" , "HKCU\\Software\\App Host Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Quarantined: "Adware.pokki" , "HKCU\\Software\\App Host Service" [ "Registry" ]
2019-10-03 19:09:52 : <INFO> [Cleaning] Processing: "PUP.Optional.AmazonAssistant" , "C:\\Program Files (x86)\\Amazon\\Amazon Assistant" [ "Folder" ]
2019-10-03 19:16:46 : <INFO> [Button clicked] Quarantine menu item
2019-10-03 19:16:49 : <INFO> [Button clicked] Log files menu item
Re: reklama
program adwcleaner se zasekl poslal jsem co jsem našel
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: reklama
Pokud to bude možné, smažte vše, co nalezl. V opačném případě spusťte ADW znovu, ale v nouz. režimu a vše, co najde, smažte.
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: reklama
dnes už se to povedlo
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-04-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Not Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [126010 octets] - [03/10/2019 21:06:41]
AdwCleaner[S00].txt - [17864 octets] - [03/10/2019 21:07:58]
AdwCleaner[S01].txt - [11465 octets] - [03/10/2019 21:23:07]
AdwCleaner[S02].txt - [2131 octets] - [04/10/2019 11:08:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-04-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Not Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [126010 octets] - [03/10/2019 21:06:41]
AdwCleaner[S00].txt - [17864 octets] - [03/10/2019 21:07:58]
AdwCleaner[S01].txt - [11465 octets] - [03/10/2019 21:23:07]
AdwCleaner[S02].txt - [2131 octets] - [04/10/2019 11:08:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
Re: reklama
ještě jeden scan v nouzovém režimu , reklamy stále naskakují
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-04-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Not Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [126010 octets] - [03/10/2019 21:06:41]
AdwCleaner[S00].txt - [17864 octets] - [03/10/2019 21:07:58]
AdwCleaner[S01].txt - [11465 octets] - [03/10/2019 21:23:07]
AdwCleaner[S02].txt - [2131 octets] - [04/10/2019 11:08:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
# -------------------------------
# Malwarebytes AdwCleaner 7.4.1.0
# -------------------------------
# Build: 09-05-2019
# Database: 2019-10-03.2 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 10-04-2019
# Duration: 00:00:05
# OS: Windows 10 Home
# Cleaned: 4
# Failed: 2
***** [ Services ] *****
No malicious services cleaned.
***** [ Folders ] *****
Not Deleted C:\Program Files (x86)\Amazon\Amazon Assistant
***** [ Files ] *****
No malicious files cleaned.
***** [ DLL ] *****
No malicious DLLs cleaned.
***** [ WMI ] *****
No malicious WMI cleaned.
***** [ Shortcuts ] *****
No malicious shortcuts cleaned.
***** [ Tasks ] *****
No malicious tasks cleaned.
***** [ Registry ] *****
Deleted HKCU\Software\Classes\Software\APPDATALOW\SOFTWARE\AMAZON\Amazon1ButtonApp
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\F5415905096AA504A9FB967C7A138943
***** [ Chromium (and derivatives) ] *****
No malicious Chromium entries cleaned.
***** [ Chromium URLs ] *****
No malicious Chromium URLs cleaned.
***** [ Firefox (and derivatives) ] *****
No malicious Firefox entries cleaned.
***** [ Firefox URLs ] *****
No malicious Firefox URLs cleaned.
***** [ Preinstalled Software ] *****
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|BacKGround Agent
Deleted Preinstalled.ACERAOPFramework Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{4A37A114-702F-4055-A4B6-16571D4A5353}
Not Deleted Preinstalled.ACERAOPFramework Folder C:\Program Files (x86)\ACER\AOP FRAMEWORK
*************************
[+] Delete Tracing Keys
[+] Reset Winsock
*************************
AdwCleaner_Debug.log - [126010 octets] - [03/10/2019 21:06:41]
AdwCleaner[S00].txt - [17864 octets] - [03/10/2019 21:07:58]
AdwCleaner[S01].txt - [11465 octets] - [03/10/2019 21:23:07]
AdwCleaner[S02].txt - [2131 octets] - [04/10/2019 11:08:20]
########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: reklama
OK. Teď dejte logy FRST+Addition: https://forum.viry.cz/viewtopic.php?f=13&t=154679 .
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: reklama
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 02-10-2019
Ran by Bohouš (04-10-2019 18:46:46)
Running from C:\Users\Bohouš\Downloads
Windows 10 Home Version 1809 17763.737 (X64) (2019-01-12 13:14:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2889436172-48253687-2582613514-500 - Administrator - Disabled)
Bohouš (S-1-5-21-2889436172-48253687-2582613514-1001 - Administrator - Enabled) => C:\Users\Bohouš
DefaultAccount (S-1-5-21-2889436172-48253687-2582613514-503 - Limited - Disabled)
Guest (S-1-5-21-2889436172-48253687-2582613514-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2889436172-48253687-2582613514-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-5b51de30-df30-4dd9-93b9-2cbc39d96780) (Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Amazon Assistant (HKLM-x32\...\{0538B1C2-85C1-4ECC-BA77-61F537D81092}) (Version: 10.18.0221 - Amazon) <==== ATTENTION
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6623.01 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3602.01 - CyberLink Corp.)
Elf - Šílená dobrodružství (HKLM-x32\...\Elf - Šílená dobrodružství_is1) (Version: - Play, Inc.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-ea799b8b-6f85-417e-85ba-bff80ee0a7ad) (Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-d80fbd23-db4b-48a9-84e7-036de3c8b0d1) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-11acefa0-c327-4eaa-9975-c3e5ca9a5559) (Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-9d27480b-2632-4306-bd42-4b67ad54b4d0) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Opera Stable 63.0.3368.94 (HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Opera 63.0.3368.94) (Version: 63.0.3368.94 - Opera Software)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-1de450b5-f58d-43ac-a261-2a6bbd2dc4c0) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Rory's Restaurant (HKLM-x32\...\WTA-a07fbcd5-17d5-4c94-b058-c99573b5d0d5) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-1948085b-40b6-41f8-a724-98ced6e73aae) (Version: 3.0.2.126 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.15 (HKLM-x32\...\Skype_is1) (Version: 8.15 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-14] (Acer Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.149.100.0_x86__kgqvnymyfvs32 [2019-10-03] (king.com)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-04-15] (AMZN Mobile LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-08-06] (MAGIX)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-13] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Bohouš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-10-03 19:55 - 2019-10-03 19:55 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{00158E66-DB9A-426E-9D24-6D103F13DB1A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{93140AF5-7AA0-4D93-A91B-DCAC86A72099}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{7AF7A430-4352-4756-B931-ECBFEC41E46A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1ED4194A-7AD1-4D61-ADA5-0D84310D3161}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{55B03420-27E4-40ED-ACC4-B63535FB869F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F5DF5E6C-3399-4DF9-8FB6-3F68BEEF8346}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3563E760-0405-499B-B93B-AE6A09F3FFFE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{8B4A3CE6-0BC8-41D8-AAEC-F850EE4308C0}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{F19C0B41-B41D-4636-993A-9B0073B118D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{BE019DF7-0D2B-4A0B-9E96-D31BF38D8EF7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{835D4ECD-2704-4BC2-AEAD-23A2234EE502}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{C38CBC46-4B38-474A-882D-EEA0A25ADA55}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{4491A09B-962B-4DEB-8EF5-04965F0A9486}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{F123BE20-B0E4-4FDD-89E5-72B5906688F1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9D645B37-3168-4669-BFA6-1D2383457971}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{D8B94443-7004-44DD-A71C-5BB4E8FE65C6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{384CE4A9-83B2-4927-B3CD-2F084F1A03A0}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9E07CC85-CD8D-41D3-9F96-2A95B3294E66}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{77B6F4B1-1485-462E-8D8F-4CA05271A36B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{CDDF75BA-8BD6-428E-BE85-6EE69EC2F913}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{64A81581-B775-4B4E-94E7-B568F190C76E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1500A6EE-1BEE-4DD3-ADB9-309EC65A3C3B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{310625C6-056E-44F9-80E7-B4796B3F6866}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{31651EC8-77BE-4EAE-AF57-E7DF13A02AF4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A05378DB-F483-467A-8E48-8A23B87C4582}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{EB139087-BA88-4DA4-AD6D-5CFE23C756F2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{65D0AC94-9E03-4580-9A53-AD22856A058E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C3465365-BEB0-4BF2-B40D-469C8084919F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C4461638-58E8-4537-ACEF-3D0B029C46B5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{13BFC0EA-B4B9-483E-9A35-62E2FD42E44D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{B00F5C8D-BBE2-41F4-BB16-176573F9A377}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{B91F4FAD-3EE7-42DE-A9AA-9B4D8758313D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9DFA67D9-1D44-442F-997C-5FED64B4D99F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{2CBD19E7-389F-47DD-9045-A0386096D5E6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{FB619021-D3C6-4B8E-8E6E-6940402C2B45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{812E25A7-5A28-4684-995D-C81A363D5753}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FB0146DF-6793-45AC-8763-BDAB19DBF9EE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{92550CF9-FA58-4DD1-93C4-D4A742827B3B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{DD8B417C-9472-4516-AFFE-397C34A1B17C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{35C20F44-731E-458E-91FA-86A7990EE38F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32DCA067-70E4-4CCE-A3FC-B0EA8D053A73}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FD1DBC1-9BA4-4BC0-B1B1-99579028B2DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Codecs (Whitelisted) ==================
==================== Restore Points =========================
18-08-2019 11:01:44 Windows Update
01-09-2019 19:30:03 Naplánovaný kontrolní bod
09-09-2019 18:36:38 Naplánovaný kontrolní bod
16-09-2019 18:45:03 Windows Update
04-10-2019 12:17:57 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/04/2019 12:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656
Error: (10/04/2019 12:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15656
Error: (10/04/2019 12:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/04/2019 12:05:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\Bohouš\Downloads\adwcleaner_7.4.1.exe ; Popis = AdwCleaner_BeforeCleaning_04/10/2019_12:05:36; Chyba = 0x8007043c).
Error: (10/04/2019 11:09:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (10/04/2019 11:08:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Amazon Assistant Service since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (10/03/2019 09:24:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (10/03/2019 09:23:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Amazon Assistant Service since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
System errors:
=============
Error: (10/04/2019 06:43:24 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:43:20 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:43:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:43:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:41:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:35:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VDKNTO2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VDKNTO2\Bohouš (SID: S-1-5-21-2889436172-48253687-2582613514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/04/2019 12:24:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VDKNTO2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VDKNTO2\Bohouš (SID: S-1-5-21-2889436172-48253687-2582613514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/04/2019 12:19:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VDKNTO2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VDKNTO2\Bohouš (SID: S-1-5-21-2889436172-48253687-2582613514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-09-16 19:34:20.294
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {51927E61-3609-43B2-BB77-90D6A2792291}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-08-19 19:07:19.440
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C2420373-AEA0-4014-81CB-47BA37337C1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-08-13 18:43:34.190
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {38C03A32-F9C3-4B9F-8ED8-17CB16962A1F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-10 17:52:57.077
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {22B05B9D-1EAD-4910-95C9-C0336A430AB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-09 19:36:29.684
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4A313842-EC42-4FDA-BE08-A74DD5690930}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-07-15 19:27:59.385
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.1044.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-07-10 19:03:06.905
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.795.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chybyři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře.
Date: 2019-07-08 18:05:01.243
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.502.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070670
Popis chyby :Pro sadu aktualizací nebylo nalezeno správné pořadí instalace.
Date: 2019-07-08 18:05:01.242
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.502.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070670
Popis chyby :Pro sadu aktualizací nebylo nalezeno správné pořadí instalace.
Date: 2019-07-08 18:05:01.242
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.502.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070670
Popis chyby :Pro sadu aktualizací nebylo nalezeno správné pořadí instalace.
==================== Memory info ===========================
BIOS: American Megatrends Inc. R01-A2 07/14/2015
Motherboard: Acer Aspire XC-704
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 4011.37 MB
Available physical RAM: 1287.23 MB
Total Virtual: 4715.37 MB
Available Virtual: 1920.12 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:465.46 GB) (Free:407.77 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.46 GB) (Free:461.48 GB) NTFS
\\?\Volume{697e8eb6-84cd-47d6-a803-27e480ce538a}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{549cecbf-0ffc-46e3-b6cc-8fcb1892f3ea}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EA937B04)
Partition: GPT.
==================== End of Addition.txt ============================
Ran by Bohouš (04-10-2019 18:46:46)
Running from C:\Users\Bohouš\Downloads
Windows 10 Home Version 1809 17763.737 (X64) (2019-01-12 13:14:16)
Boot Mode: Normal
==========================================================
==================== Accounts: =============================
Administrator (S-1-5-21-2889436172-48253687-2582613514-500 - Administrator - Disabled)
Bohouš (S-1-5-21-2889436172-48253687-2582613514-1001 - Administrator - Enabled) => C:\Users\Bohouš
DefaultAccount (S-1-5-21-2889436172-48253687-2582613514-503 - Limited - Disabled)
Guest (S-1-5-21-2889436172-48253687-2582613514-501 - Limited - Disabled)
WDAGUtilityAccount (S-1-5-21-2889436172-48253687-2582613514-504 - Limited - Disabled)
==================== Security Center ========================
(If an entry is included in the fixlist, it will be removed.)
AV: Avast Antivirus (Enabled - Up to date) {8EA8924E-BC81-DC44-8BB0-8BAE75D86EBF}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Avast Antivirus (Enabled - Up to date) {35C973AA-9ABB-D3CA-B100-B0DC0E5F2402}
==================== Installed Programs ======================
(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
. . . (HKLM\...\{DB52A2D0-CAA1-4ED1-B122-29E7EDDE187F}) (Version: 2.1.28.3 - Intel) Hidden
. . . (HKLM-x32\...\{06DA421D-EE23-487D-878F-F0AF97EF69AD}) (Version: 2.6.1.4 - Intel) Hidden
12 Labours of Hercules III: Girl Power (HKLM-x32\...\WTA-5b51de30-df30-4dd9-93b9-2cbc39d96780) (Version: 3.0.2.118 - WildTangent) Hidden
abFiles (HKLM-x32\...\{13885028-098C-4799-9B71-27DAC96502D5}) (Version: 2.03.2003 - Acer Incorporated)
abMusic (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 3.01.2003.6 - Acer Incorporated)
abPhoto (HKLM-x32\...\{B5AD89F2-03D3-4206-8487-018298007DD0}) (Version: 4.00.2001.1 - Acer Incorporated)
Adobe Flash Player 21 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 21.0.0.213 - Adobe Systems Incorporated)
Amazon Assistant (HKLM-x32\...\{0538B1C2-85C1-4ECC-BA77-61F537D81092}) (Version: 10.18.0221 - Amazon) <==== ATTENTION
Avast Free Antivirus (HKLM-x32\...\Avast Antivirus) (Version: 19.8.2393 - AVAST Software)
Bonjour (HKLM\...\{B91110FB-33B4-468B-90C2-4D5E8AE3FAE1}) (Version: 2.0.2.0 - Apple Inc.)
Booking (HKLM-x32\...\{13D4CD54-EA09-4FDB-B979-8B2BC0F020CA}_is1) (Version: 2.0.701 - Booking)
CyberLink PhotoDirector 5 (HKLM-x32\...\InstallShield_{5A454EC5-217A-42a5-8CE1-2DDEC4E70E01}) (Version: 5.0.6623.01 - CyberLink Corp.)
CyberLink PowerDirector 12 (HKLM-x32\...\InstallShield_{E1646825-D391-42A0-93AA-27FA810DA093}) (Version: 12.0.3602.01 - CyberLink Corp.)
Elf - Šílená dobrodružství (HKLM-x32\...\Elf - Šílená dobrodružství_is1) (Version: - Play, Inc.)
Foxit PhantomPDF (HKLM-x32\...\{A4023BDF-82D5-412D-9D58-8C2819EBFE2E}) (Version: 7.0.410.326 - Foxit Software Inc.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 77.0.3865.90 - Google LLC)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.34.11 - Google LLC) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.99.0 - Google Inc.) Hidden
Home Makeover (HKLM-x32\...\WTA-ea799b8b-6f85-417e-85ba-bff80ee0a7ad) (Version: 3.0.2.59 - WildTangent) Hidden
Intel(R) Chipset Device Software (HKLM-x32\...\{60c073df-e736-4210-9c3a-5fc2b651cef3}) (Version: 10.1.1.7 - Intel(R) Corporation) Hidden
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 20.19.15.4703 - Intel Corporation)
Intel(R) Trusted Execution Engine (HKLM\...\{176E2755-0A17-42C6-88E2-192AB2131278}) (Version: 2.0.0.1067 - Intel Corporation)
Intel® Driver Update Utility (HKLM-x32\...\{fe2eebd3-ee15-4538-bb19-b627e3f2a911}) (Version: 2.6.1.4 - Intel)
Intel® Security Assist (HKLM-x32\...\{84DB01CB-7EB7-4261-9249-99A32768D991}) (Version: 1.0.0.523 - Intel Corporation)
Jewel Match 3 (HKLM-x32\...\WTA-d80fbd23-db4b-48a9-84e7-036de3c8b0d1) (Version: 2.2.0.97 - WildTangent) Hidden
Jewel Match Snowscapes (HKLM-x32\...\WTA-11acefa0-c327-4eaa-9975-c3e5ca9a5559) (Version: 3.0.2.118 - WildTangent) Hidden
Magic Academy (HKLM-x32\...\WTA-9d27480b-2632-4306-bd42-4b67ad54b4d0) (Version: 2.2.0.97 - WildTangent) Hidden
Microsoft OneDrive (HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\OneDriveSetup.exe) (Version: 19.152.0801.0009 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.24215 (HKLM-x32\...\{e2803110-78b3-4664-a479-3611a381656a}) (Version: 14.0.24215.1 - Microsoft Corporation)
Opera Stable 63.0.3368.94 (HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Opera 63.0.3368.94) (Version: 63.0.3368.94 - Opera Software)
Polar Bowler 1st Frame (HKLM-x32\...\WTA-1de450b5-f58d-43ac-a261-2a6bbd2dc4c0) (Version: 3.0.2.59 - WildTangent) Hidden
Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 10.0.10125.31213 - Realtek Semiconductor Corp.)
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 10.1.505.2015 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7525 - Realtek Semiconductor Corp.)
Rory's Restaurant (HKLM-x32\...\WTA-a07fbcd5-17d5-4c94-b058-c99573b5d0d5) (Version: 3.0.2.126 - WildTangent) Hidden
Runefall (HKLM-x32\...\WTA-1948085b-40b6-41f8-a724-98ced6e73aae) (Version: 3.0.2.126 - WildTangent) Hidden
Skype Click to Call (HKLM-x32\...\{873F8E7C-10E6-449F-BD7E-5FBA7C8E1C9B}) (Version: 8.5.0.9167 - Microsoft Corporation)
Skype verze 8.15 (HKLM-x32\...\Skype_is1) (Version: 8.15 - Skype Technologies S.A.)
Update for Windows 10 for x64-based Systems (KB4023057) (HKLM\...\{9CBA860F-7437-4A75-941C-8EF559F2D145}) (Version: 2.52.0.0 - Microsoft Corporation)
UpdateAssistant (HKLM-x32\...\{7C070E60-8769-4763-BBD8-7537A28A60D4}) (Version: 1.10.0.0 - Microsoft Corporation) Hidden
Windows 10 Update Assistant (HKLM-x32\...\{D5C69738-B486-402E-85AC-2456D98A64E4}) (Version: 1.4.9200.22350 - Microsoft Corporation)
Windows Setup Remediations (x64) (KB4023057) (HKLM\...\{5534e02f-0f5d-40dd-ba92-bea38d22384d}.sdb) (Version: - )
Packages:
=========
Acer Explorer -> C:\Program Files\WindowsApps\AcerIncorporated.AcerExplorer_2.0.3007.0_x86__48frkmn4z8aw4 [2016-07-14] (Acer Incorporated)
Candy Crush Soda Saga -> C:\Program Files\WindowsApps\king.com.CandyCrushSodaSaga_1.149.100.0_x86__kgqvnymyfvs32 [2019-10-03] (king.com)
Kindle -> C:\Program Files\WindowsApps\AMZNMobileLLC.KindleforWindows8_2.1.0.2_neutral__stfe6vwa9jnbp [2016-04-15] (AMZN Mobile LLC)
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x64__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Advertising SDK for XAML -> C:\Program Files\WindowsApps\Microsoft.Advertising.Xaml_10.1811.1.0_x86__8wekyb3d8bbwe [2019-01-21] (Microsoft Corporation) [MS Ad]
Microsoft Solitaire Collection -> C:\Program Files\WindowsApps\Microsoft.MicrosoftSolitaireCollection_4.4.8204.0_x64__8wekyb3d8bbwe [2019-08-30] (Microsoft Studios) [MS Ad]
Microsoft Zprávy -> C:\Program Files\WindowsApps\Microsoft.BingNews_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
MSN Money -> C:\Program Files\WindowsApps\Microsoft.BingFinance_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
MSN Počasí -> C:\Program Files\WindowsApps\Microsoft.BingWeather_4.32.12463.0_x64__8wekyb3d8bbwe [2019-09-16] (Microsoft Corporation) [MS Ad]
MSN Sports -> C:\Program Files\WindowsApps\Microsoft.BingSports_4.31.11905.0_x64__8wekyb3d8bbwe [2019-08-06] (Microsoft Corporation) [MS Ad]
Music Maker Jam -> C:\Program Files\WindowsApps\MAGIX.MusicMakerJam_3.0.0.0_x64__a2t3txkz9j1jw [2019-08-06] (MAGIX)
Pošta a Kalendář -> C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_16005.12026.20218.0_x64__8wekyb3d8bbwe [2019-09-27] (Microsoft Corporation) [MS Ad]
Twitter -> C:\Program Files\WindowsApps\9E2F88E3.Twitter_6.1.4.1000_neutral__wgeqdkkx372wm [2018-09-13] (Twitter Inc.)
==================== Custom CLSID (Whitelisted): ==========================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
ShellIconOverlayIdentifiers: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers1: [Foxit_ConvertToPDF] -> {C5269811-4A29-4818-A4BB-111F9FC63A5F} => C:\Program Files (x86)\Foxit PhantomPDF\plugins\ConvertToPDFShellExtension_x64.dll [2015-01-28] (Foxit Software Incorporated -> Foxit Software Inc.)
ContextMenuHandlers3: [00asw] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
ContextMenuHandlers5: [igfxDTCM] -> {9B5F5829-A529-4B12-814A-E81BCB8D93FC} => C:\WINDOWS\system32\igfxDTCM.dll [2017-07-27] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShell.dll [2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
==================== Shortcuts & WMI ========================
(The entries could be listed to be restored or removed.)
ShortcutWithArgument: C:\Users\Bohouš\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\d249d9ddd424b688\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory=Default
==================== Loaded Modules (Whitelisted) ==============
2019-10-03 19:55 - 2019-10-03 19:55 - 001743360 ____T (bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\bookingDesktopApppdate.dll
==================== Alternate Data Streams (Whitelisted) =========
(If an entry is included in the fixlist, only the ADS will be removed.)
==================== Safe Mode (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"
==================== Association (Whitelisted) ===============
(If an entry is included in the fixlist, the registry item will be restored to default or removed.)
==================== Internet Explorer trusted/restricted ===============
(If an entry is included in the fixlist, it will be removed from the registry.)
==================== Hosts content: ===============================
(If needed Hosts: directive could be included in the fixlist to reset Hosts.)
2015-07-10 13:04 - 2015-07-10 13:02 - 000000824 _____ C:\WINDOWS\system32\drivers\etc\hosts
==================== Other Areas ============================
(Currently there is no automatic fix for this section.)
HKLM\System\CurrentControlSet\Control\Session Manager\Environment\\Path -> C:\Program Files (x86)\Intel\TXE Components\TCS\;C:\Program Files\Intel\TXE Components\TCS\;%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SYSTEMROOT%\System32\WindowsPowerShell\v1.0\;C:\Program Files\Intel\TXE Components\DAL\;C:\Program Files (x86)\Intel\TXE Components\DAL\;C:\Program Files\Intel\TXE Components\IPT\;C:\Program Files (x86)\Intel\TXE Components\IPT\;%SYSTEMROOT%\System32\OpenSSH\
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\web\wallpaper\Acer01.jpg
DNS Servers: 192.168.0.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.
==================== MSCONFIG/TASK MANAGER disabled items ==
If an entry is included in the fixlist, it will be removed.
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\StartupApproved\Run: => "BingSvc"
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\StartupApproved\Run: => "OneDrive"
==================== FirewallRules (Whitelisted) ===============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
FirewallRules: [{00158E66-DB9A-426E-9D24-6D103F13DB1A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{93140AF5-7AA0-4D93-A91B-DCAC86A72099}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{7AF7A430-4352-4756-B931-ECBFEC41E46A}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1ED4194A-7AD1-4D61-ADA5-0D84310D3161}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{55B03420-27E4-40ED-ACC4-B63535FB869F}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{F5DF5E6C-3399-4DF9-8FB6-3F68BEEF8346}] => (Allow) C:\Program Files (x86)\Bonjour\mDNSResponder.exe (Apple Inc. -> Apple Inc.)
FirewallRules: [{3563E760-0405-499B-B93B-AE6A09F3FFFE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{8B4A3CE6-0BC8-41D8-AAEC-F850EE4308C0}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{F19C0B41-B41D-4636-993A-9B0073B118D2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{BE019DF7-0D2B-4A0B-9E96-D31BF38D8EF7}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{835D4ECD-2704-4BC2-AEAD-23A2234EE502}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{C38CBC46-4B38-474A-882D-EEA0A25ADA55}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{4491A09B-962B-4DEB-8EF5-04965F0A9486}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{F123BE20-B0E4-4FDD-89E5-72B5906688F1}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9D645B37-3168-4669-BFA6-1D2383457971}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{D8B94443-7004-44DD-A71C-5BB4E8FE65C6}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{384CE4A9-83B2-4927-B3CD-2F084F1A03A0}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9E07CC85-CD8D-41D3-9F96-2A95B3294E66}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{77B6F4B1-1485-462E-8D8F-4CA05271A36B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{CDDF75BA-8BD6-428E-BE85-6EE69EC2F913}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{64A81581-B775-4B4E-94E7-B568F190C76E}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{1500A6EE-1BEE-4DD3-ADB9-309EC65A3C3B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{310625C6-056E-44F9-80E7-B4796B3F6866}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{31651EC8-77BE-4EAE-AF57-E7DF13A02AF4}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{A05378DB-F483-467A-8E48-8A23B87C4582}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{EB139087-BA88-4DA4-AD6D-5CFE23C756F2}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{65D0AC94-9E03-4580-9A53-AD22856A058E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\Movie\PowerDVD.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C3465365-BEB0-4BF2-B40D-469C8084919F}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12ML.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{C4461638-58E8-4537-ACEF-3D0B029C46B5}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD12\PowerDVD12.exe (CyberLink Corp. -> CyberLink Corp.)
FirewallRules: [{13BFC0EA-B4B9-483E-9A35-62E2FD42E44D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{B00F5C8D-BBE2-41F4-BB16-176573F9A377}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\WindowsUpnp.exe (Acer Incorporated -> acer)
FirewallRules: [{B91F4FAD-3EE7-42DE-A9AA-9B4D8758313D}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{9DFA67D9-1D44-442F-997C-5FED64B4D99F}] => (Allow) C:\Program Files (x86)\Acer\abPhoto\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{2CBD19E7-389F-47DD-9045-A0386096D5E6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{FB619021-D3C6-4B8E-8E6E-6940402C2B45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{812E25A7-5A28-4684-995D-C81A363D5753}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{FB0146DF-6793-45AC-8763-BDAB19DBF9EE}] => (Allow) C:\Program Files (x86)\Acer\abMusic\DMCDaemon.exe (Acer Incorporated -> acer)
FirewallRules: [{92550CF9-FA58-4DD1-93C4-D4A742827B3B}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{DD8B417C-9472-4516-AFFE-397C34A1B17C}] => (Allow) C:\Program Files (x86)\Acer\abMusic\WindowsUpnpMV.exe (Acer Incorporated -> acer)
FirewallRules: [{35C20F44-731E-458E-91FA-86A7990EE38F}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{32DCA067-70E4-4CCE-A3FC-B0EA8D053A73}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe (Skype Software Sarl -> Skype Technologies S.A.)
FirewallRules: [{5FD1DBC1-9BA4-4BC0-B1B1-99579028B2DE}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
==================== Codecs (Whitelisted) ==================
==================== Restore Points =========================
18-08-2019 11:01:44 Windows Update
01-09-2019 19:30:03 Naplánovaný kontrolní bod
09-09-2019 18:36:38 Naplánovaný kontrolní bod
16-09-2019 18:45:03 Windows Update
04-10-2019 12:17:57 Windows Update
==================== Faulty Device Manager Devices =============
==================== Event log errors: =========================
Application errors:
==================
Error: (10/04/2019 12:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledSPRetry 15656
Error: (10/04/2019 12:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: m->NextScheduledEvent 15656
Error: (10/04/2019 12:31:19 PM) (Source: Bonjour Service) (EventID: 100) (User: )
Description: Task Scheduling Error: Continuously busy for more than a second
Error: (10/04/2019 12:05:39 PM) (Source: System Restore) (EventID: 8193) (User: )
Description: Vytvoření bodu obnovení se nezdařilo (Proces = C:\Users\Bohouš\Downloads\adwcleaner_7.4.1.exe ; Popis = AdwCleaner_BeforeCleaning_04/10/2019_12:05:36; Chyba = 0x8007043c).
Error: (10/04/2019 11:09:37 AM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (10/04/2019 11:08:56 AM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Amazon Assistant Service since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
Error: (10/03/2019 09:24:37 PM) (Source: VSS) (EventID: 8193) (User: )
Description: Chyba služby Stínová kopie svazků: Při volání rutiny QueryFullProcessImageNameW došlo k neočekávané chybě. hr= 0x80070006, Neplatný popisovač.
.
Operace:
Spouštění asynchronní operace
Kontext:
Aktuální stav: DoSnapshotSet
Error: (10/03/2019 09:23:55 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 513) (User: )
Description: Služba Šifrování selhala při volání OnIdentity() v objektu System Writer.
Details:
AddWin32ServiceFiles: Unable to back up image of service Amazon Assistant Service since QueryServiceConfig API failed
System Error:
Systém nemůže nalézt uvedený soubor.
.
System errors:
=============
Error: (10/04/2019 06:43:24 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:43:20 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:43:17 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:43:13 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:41:40 PM) (Source: Disk) (EventID: 7) (User: )
Description: Zařízení \Device\Harddisk0\DR0 má chybný blok.
Error: (10/04/2019 06:35:25 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VDKNTO2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VDKNTO2\Bohouš (SID: S-1-5-21-2889436172-48253687-2582613514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/04/2019 12:24:41 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VDKNTO2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VDKNTO2\Bohouš (SID: S-1-5-21-2889436172-48253687-2582613514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Error: (10/04/2019 12:19:35 PM) (Source: DCOM) (EventID: 10016) (User: DESKTOP-VDKNTO2)
Description: Nastavení oprávnění specifické pro aplikaci neuděluje oprávnění Místní Aktivace pro serverovou aplikaci COM s identifikátorem CLSID
{2593F8B9-4EAF-457C-B68A-50F6B8EA6B54}
a APPID
{15C20B67-12E7-4BB6-92BB-7AFF07997402}
uživateli DESKTOP-VDKNTO2\Bohouš (SID: S-1-5-21-2889436172-48253687-2582613514-1001) z adresy LocalHost (pomocí LRPC) běžící v kontejneru aplikací Není k dispozici – SID (Není k dispozici). Toto oprávnění zabezpečení lze změnit pomocí nástroje správy Služba komponent.
Windows Defender:
===================================
Date: 2019-09-16 19:34:20.294
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {51927E61-3609-43B2-BB77-90D6A2792291}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-08-19 19:07:19.440
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {C2420373-AEA0-4014-81CB-47BA37337C1D}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-08-13 18:43:34.190
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {38C03A32-F9C3-4B9F-8ED8-17CB16962A1F}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-10 17:52:57.077
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {22B05B9D-1EAD-4910-95C9-C0336A430AB3}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-06-09 19:36:29.684
Description:
Prohledávání Antivirová ochrana v programu Windows Defender bylo zastaveno před dokončením.
ID prohledávání: {4A313842-EC42-4FDA-BE08-A74DD5690930}
Typ prohledávání: Antimalwarový program
Parametry prohledávání: Rychlé prohledávání
Uživatel: NT AUTHORITY\SYSTEM
Date: 2019-07-15 19:27:59.385
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.1044.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. Date: 2019-07-10 19:03:06.905
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.297.795.0
Zdroj aktualizace: Server Microsoft Update
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\SYSTEM
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80240016
Popis chyby
ři zjišťování aktualizací došlo k neočekávaným potížím. Informace o instalaci nebo řešení potíží s aktualizacemi naleznete v nápovědě a podpoře. Date: 2019-07-08 18:05:01.243
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.502.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070670
Popis chyby :Pro sadu aktualizací nebylo nalezeno správné pořadí instalace.
Date: 2019-07-08 18:05:01.242
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.502.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antispywarový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070670
Popis chyby :Pro sadu aktualizací nebylo nalezeno správné pořadí instalace.
Date: 2019-07-08 18:05:01.242
Description:
Prohledávání Antivirová ochrana v programu Windows Defender zjistilo chybu při pokusu o aktualizaci podpisů.
Nová verze podpisu:
Předchozí verze podpisu: 1.295.502.0
Zdroj aktualizace: Centrum společnosti Microsoft pro ochranu před škodlivým softwarem
Typ podpisu: Antivirový program
Typ aktualizace: Úplné
Uživatel: NT AUTHORITY\NETWORK SERVICE
Aktuální verze modulu:
Předchozí verze modulu: 1.1.16100.4
Kód chyby: 0x80070670
Popis chyby :Pro sadu aktualizací nebylo nalezeno správné pořadí instalace.
==================== Memory info ===========================
BIOS: American Megatrends Inc. R01-A2 07/14/2015
Motherboard: Acer Aspire XC-704
Processor: Intel(R) Celeron(R) CPU N3050 @ 1.60GHz
Percentage of memory in use: 67%
Total physical RAM: 4011.37 MB
Available physical RAM: 1287.23 MB
Total Virtual: 4715.37 MB
Available Virtual: 1920.12 MB
==================== Drives ================================
Drive c: (Acer) (Fixed) (Total:465.46 GB) (Free:407.77 GB) NTFS
Drive d: (DATA) (Fixed) (Total:465.46 GB) (Free:461.48 GB) NTFS
\\?\Volume{697e8eb6-84cd-47d6-a803-27e480ce538a}\ (Recovery) (Fixed) (Total:0.49 GB) (Free:0.1 GB) NTFS
\\?\Volume{549cecbf-0ffc-46e3-b6cc-8fcb1892f3ea}\ (ESP) (Fixed) (Total:0.09 GB) (Free:0.04 GB) FAT32
==================== MBR & Partition Table ==================
========================================================
Disk: 0 (Size: 931.5 GB) (Disk ID: EA937B04)
Partition: GPT.
==================== End of Addition.txt ============================
Re: reklama
Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 02-10-2019
Ran by Bohouš (administrator) on DESKTOP-VDKNTO2 (Acer Aspire XC-704) (04-10-2019 18:41:54)
Running from C:\Users\Bohouš\Downloads
Loaded Profiles: Bohouš (Available Profiles: Bohouš)
Platform: Windows 10 Home Version 1809 17763.737 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\WINDOWS\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel(R) Software Development Products -> ) C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera_crashreporter.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Run: [BingSvc] => C:\Users\Bohouš\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-10-03] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CCA6876-C10F-468A-B03E-BA7ADD83AB99} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
Task: {1560446C-747F-4C67-AA9D-A07667181676} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {2265F463-8687-45BF-95CC-DA71C088C94F} - System32\Tasks\Opera scheduled Autoupdate 1565097187 => C:\Users\Bohouš\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-09-18] (Opera Software AS -> Opera Software)
Task: {3CFD1DEF-542C-40E6-ABF8-7C50B87A8125} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F902E77-B300-486D-8C04-5477AB4A17E0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {4827049C-5273-4DF0-B457-8479653A45CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {5B7153B8-FA3B-40AC-A1F9-A7D24E9B3CF2} - System32\Tasks\{815FB0FF-B1C1-44E2-AB69-CE9CC76C35BD} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/cs/go/help.faq.installer?LastError=1618
Task: {62640E22-2AC4-4352-810D-CF5775486AC9} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
Task: {7AAD027B-0ED3-44E5-99C5-61DD51335AB1} - System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {959592A4-6734-4F99-A6A1-AEE8EEA19F35} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {967B2BAC-8D4F-4236-A3EB-04254A6D7F4D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {B4361798-F30C-48DB-B4A6-246847EC62CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {B69B4BC9-BF1D-42A0-A26E-4FBFA1148F6A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {D6ECEC41-87B3-4422-A550-4DD1E3E3674B} - System32\Tasks\{B7B9E57E-A9A9-4405-AE37-2F5E82CF5DD8} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/cs/go/help.faq.installer?LastError=1618
Task: {EF603418-C23A-4F51-A357-CD559C03B4F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d994c949-e4e2-481c-a4cc-bb76e7c2e4b8}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> DefaultScope {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
FireFox:
========
FF DefaultProfile: wm41p2os.default
FF ProfilePath: C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default [2019-10-03]
FF Homepage: Mozilla\Firefox\Profiles\wm41p2os.default -> hxxps://www.seznam.cz/
FF Extension: (Bing Search) - C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-04-15] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\Extensions\langpack-cs@firefox.mozilla.org [2016-04-15] [Legacy] [not signed]
FF SearchPlugin: C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml [2016-04-15]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-10-03] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-10-03] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-10-03] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-10-03] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default [2019-10-04]
CHR Extension: (Prezentace) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (YouTube) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Tabulky) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Skype) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-27]
CHR Profile: C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-02]
CHR Profile: C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2017-07-27] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-08] (CyberLink Corp. -> )
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CCDMonitorService; "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7408072 2017-07-27] (Intel(R) pGFX -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-04 18:41 - 2019-10-04 18:44 - 000022575 _____ C:\Users\Bohouš\Downloads\FRST.txt
2019-10-04 18:41 - 2019-10-04 18:43 - 000000000 ____D C:\FRST
2019-10-04 18:39 - 2019-10-04 18:39 - 001615360 _____ (Farbar) C:\Users\Bohouš\Downloads\FRST64.exe
2019-10-04 12:01 - 2019-10-04 12:05 - 000108838 _____ C:\WINDOWS\ntbtlog.txt
2019-10-04 12:01 - 2019-10-04 12:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-03 21:58 - 2019-10-03 21:58 - 004482451 _____ C:\Users\Bohouš\Downloads\bombic_full.zip
2019-10-03 21:06 - 2019-10-03 21:09 - 000000000 ____D C:\AdwCleaner
2019-10-03 21:06 - 2019-10-03 21:06 - 007636680 _____ (Malwarebytes) C:\Users\Bohouš\Downloads\adwcleaner_7.4.1.exe
2019-10-03 20:27 - 2019-10-03 20:27 - 001222144 _____ C:\Users\Bohouš\Downloads\RSITx64.exe
2019-10-03 20:25 - 2019-10-03 20:25 - 000000000 ____D C:\rsit
2019-10-03 20:25 - 2019-10-03 20:25 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-10-03 20:24 - 2019-10-03 20:24 - 001107968 _____ C:\Users\Bohouš\Downloads\RSIT.exe
2019-10-03 20:13 - 2019-10-03 20:13 - 000000000 ____D C:\Users\Bohouš\AppData\Local\CEF
2019-10-03 20:03 - 2019-10-03 20:03 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-10-03 20:03 - 2019-10-03 20:03 - 000002080 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-10-03 19:59 - 2019-10-04 18:35 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-03 19:59 - 2019-10-03 19:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-10-03 19:57 - 2019-10-03 19:59 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-03 19:57 - 2019-10-03 19:59 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-03 19:57 - 2019-10-03 19:57 - 000590136 _____ (Reimage) C:\Users\Bohouš\Downloads\ReimageRepair (1).exe
2019-10-03 19:57 - 2019-10-03 19:57 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-10-03 19:57 - 2019-10-03 19:56 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-03 19:57 - 2019-10-03 19:55 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-03 19:57 - 2019-10-03 19:55 - 000276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-03 19:57 - 2019-10-03 19:55 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-03 19:55 - 2019-10-03 19:55 - 000003548 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2019-10-03 19:55 - 2019-10-03 19:55 - 000003424 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2019-10-03 19:55 - 2019-10-03 19:55 - 000003268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2019-10-03 19:55 - 2019-10-03 19:55 - 000003256 _____ C:\Users\Public\Desktop\Booking.lnk
2019-10-03 19:55 - 2019-10-03 19:55 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2019-10-03 19:53 - 2019-10-03 19:54 - 000000000 ____D C:\Program Files (x86)\Booking
2019-10-03 19:52 - 2019-10-03 19:52 - 000000000 ____D C:\Program Files\AVAST Software
2019-10-03 19:51 - 2019-10-03 19:57 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-03 19:51 - 2019-10-03 19:51 - 002599473 _____ (AIMP DevTeam) C:\Users\Bohouš\Downloads\setup.exe
2019-10-03 19:50 - 2019-10-03 19:50 - 002324328 _____ ( ) C:\Users\Bohouš\Downloads\setup_3411195454.exe
2019-10-03 19:32 - 2019-10-03 19:33 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-03 19:32 - 2019-10-03 19:32 - 001151544 _____ (Google LLC) C:\Users\Bohouš\Downloads\ChromeSetup (2).exe
2019-09-16 19:16 - 2019-09-04 21:44 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-16 19:16 - 2019-09-04 21:44 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-16 19:04 - 2019-09-16 19:04 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 020817408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 005597808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002279296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001764352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-16 19:04 - 2019-09-16 19:04 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 022124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 009679672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 006310064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 004353016 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 003821728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 002779488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001899152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001864192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001702096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-16 19:03 - 2019-09-16 19:03 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001484592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-16 19:03 - 2019-09-16 19:03 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000606088 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000585184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000515960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000505128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 007690648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001294280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-16 19:02 - 2019-09-16 19:02 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-16 19:02 - 2019-09-16 19:02 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000774192 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-04 18:45 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-04 18:39 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-04 18:34 - 2016-11-07 18:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-10-04 18:34 - 2016-04-15 19:05 - 000000000 __SHD C:\Users\Bohouš\IntelGraphicsProfiles
2019-10-04 12:07 - 2019-01-12 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-04 12:06 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-04 12:05 - 2018-02-24 12:35 - 000000000 ____D C:\Program Files (x86)\Amazon
2019-10-03 22:01 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-03 21:40 - 2019-01-12 14:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-03 21:24 - 2015-07-16 06:21 - 000000000 ____D C:\Program Files\Acer
2019-10-03 21:24 - 2015-07-16 06:15 - 000000000 ____D C:\ProgramData\Acer
2019-10-03 21:24 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files (x86)\Acer
2019-10-03 21:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-10-03 21:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-03 20:49 - 2019-01-12 15:13 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{012D95D5-6C8F-411B-AECA-BC457E9A5129}
2019-10-03 20:14 - 2016-04-15 19:11 - 000000000 ____D C:\Users\Bohouš\AppData\Local\CrashDumps
2019-10-03 20:13 - 2016-04-17 13:26 - 000000000 ____D C:\Users\Bohouš\AppData\Roaming\AVAST Software
2019-10-03 19:57 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-03 19:33 - 2016-11-27 18:15 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-03 19:33 - 2016-11-27 18:15 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-03 19:32 - 2019-01-12 15:13 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-03 19:32 - 2019-01-12 15:13 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-03 19:11 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-03 19:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-03 18:50 - 2018-02-16 16:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-28 18:33 - 2018-02-15 18:08 - 000000000 ____D C:\Users\Bohouš\AppData\Local\Packages
2019-09-27 18:34 - 2019-08-06 15:13 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1565097187
2019-09-27 18:34 - 2019-08-06 15:13 - 000001466 _____ C:\Users\Bohouš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-09-27 18:32 - 2019-01-12 15:13 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2889436172-48253687-2582613514-1001
2019-09-27 18:32 - 2019-01-12 14:55 - 000002368 _____ C:\Users\Bohouš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-27 18:32 - 2016-04-15 19:18 - 000000000 ___RD C:\Users\Bohouš\OneDrive
2019-09-16 19:23 - 2019-01-12 15:07 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-16 19:23 - 2018-09-15 19:32 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-16 19:23 - 2018-09-15 19:32 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-16 19:17 - 2018-02-15 18:38 - 000000000 ___RD C:\Users\Bohouš\3D Objects
2019-09-16 19:17 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-16 19:16 - 2019-01-12 14:50 - 000275688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-16 19:13 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Files in the root of some directories ================
2018-02-15 16:24 - 2019-08-06 15:08 - 000007601 _____ () C:\Users\Bohouš\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
Ran by Bohouš (administrator) on DESKTOP-VDKNTO2 (Acer Aspire XC-704) (04-10-2019 18:41:54)
Running from C:\Users\Bohouš\Downloads
Loaded Profiles: Bohouš (Available Profiles: Bohouš)
Platform: Windows 10 Home Version 1809 17763.737 (X64) Language: Čeština (Česko)
Default browser: Chrome
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/
==================== Processes (Whitelisted) =================
(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
() [File not signed] C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe
(Apple Inc. -> Apple Inc.) C:\Program Files (x86)\Bonjour\mDNSResponder.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswEngSrv.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\aswidsagent.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
(AVAST Software s.r.o. -> AVAST Software) C:\Program Files\AVAST Software\Avast\wsc_proxy.exe
(bookingDesktopApp.) [File not signed] C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe
(CyberLink Corp. -> ) C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\1.3.34.11\GoogleCrashHandler64.exe
(Google Inc -> Google LLC) C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
(Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation) C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe
(Intel(R) pGFX -> ) C:\WINDOWS\System32\igfxTray.exe
(Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxCUIService.exe
(Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxEM.exe
(Intel(R) pGFX -> Intel Corporation) C:\WINDOWS\System32\igfxHK.exe
(Intel(R) Software Development Products -> ) C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\WINDOWS\Microsoft.NET\Framework64\v3.0\WPF\PresentationFontCache.exe
(Microsoft Corporation) C:\Program Files\WindowsApps\Microsoft.YourPhone_1.19091.313.0_x64__8wekyb3d8bbwe\YourPhone.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\dllhost.exe
(Microsoft Windows -> Microsoft Corporation) C:\WINDOWS\System32\smartscreen.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera.exe
(Opera Software AS -> Opera Software) C:\Users\Bohouš\AppData\Local\Programs\Opera\63.0.3368.94\opera_crashreporter.exe
(Realtek Semiconductor Corp -> Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Skype) C:\Program Files\WindowsApps\Microsoft.SkypeApp_14.52.138.0_x64__kzf8qxf38zg5c\SkypeBackgroundHost.exe
==================== Registry (Whitelisted) ===========================
(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13876952 2015-05-20] (Realtek Semiconductor Corp -> Realtek Semiconductor)
HKLM\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvLaunch.exe [268680 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
HKLM-x32\...\Run: [isa] => C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Run: [BingSvc] => C:\Users\Bohouš\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\77.0.3865.90\Installer\chrmstp.exe [2019-10-03] (Google LLC -> Google LLC)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
==================== Scheduled Tasks (Whitelisted) =============
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
Task: {0CCA6876-C10F-468A-B03E-BA7ADD83AB99} - System32\Tasks\bookingDesktopAppUpdateTaskMachineCore => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
Task: {1560446C-747F-4C67-AA9D-A07667181676} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
Task: {2265F463-8687-45BF-95CC-DA71C088C94F} - System32\Tasks\Opera scheduled Autoupdate 1565097187 => C:\Users\Bohouš\AppData\Local\Programs\Opera\launcher.exe [1520152 2019-09-18] (Opera Software AS -> Opera Software)
Task: {3CFD1DEF-542C-40E6-ABF8-7C50B87A8125} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {3F902E77-B300-486D-8C04-5477AB4A17E0} - System32\Tasks\Avast Software\Overseer => C:\Program Files\Common Files\AVAST Software\Overseer\overseer.exe [1873288 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {4827049C-5273-4DF0-B457-8479653A45CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {5B7153B8-FA3B-40AC-A1F9-A7D24E9B3CF2} - System32\Tasks\{815FB0FF-B1C1-44E2-AB69-CE9CC76C35BD} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/cs/go/help.faq.installer?LastError=1618
Task: {62640E22-2AC4-4352-810D-CF5775486AC9} - System32\Tasks\bookingDesktopAppUpdateTaskMachineUA => C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
Task: {7AAD027B-0ED3-44E5-99C5-61DD51335AB1} - System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
Task: {8F35D0C4-32AD-4255-A5CB-2C4F9284D50A} - System32\Tasks\Software Update Application => C:\ProgramData\OEM\UpgradeTool\ListCheck.exe [472928 2015-07-10] (Acer Incorporated -> Acer Incorporated)
Task: {959592A4-6734-4F99-A6A1-AEE8EEA19F35} - System32\Tasks\USER_ESRV_SVC_WILLAMETTE => "C:\WINDOWS\System32\Wscript.exe" //B //NoLogo "C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\task.vbs"
Task: {967B2BAC-8D4F-4236-A3EB-04254A6D7F4D} - System32\Tasks\Avast Emergency Update => C:\Program Files\AVAST Software\Avast\AvEmUpdate.exe [3933576 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
Task: {B4361798-F30C-48DB-B4A6-246847EC62CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {B69B4BC9-BF1D-42A0-A26E-4FBFA1148F6A} - System32\Tasks\Intel\Intel Telemetry 2 => C:\Program Files\Intel\Telemetry 2.0\lrio.exe [1741576 2016-03-17] (Intel(R) Software -> Intel Corporation)
Task: {D6ECEC41-87B3-4422-A550-4DD1E3E3674B} - System32\Tasks\{B7B9E57E-A9A9-4405-AE37-2F5E82CF5DD8} => "c:\windows\system32\launchwinapp.exe" hxxp://ui.skype.com/ui/0/7.22.0.109/cs/go/help.faq.installer?LastError=1618
Task: {EF603418-C23A-4F51-A357-CD559C03B4F7} - System32\Tasks\ACC => C:\Program Files (x86)\Acer\Care Center\LiveUpdateChecker.exe
(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
Task: C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job => C:\WINDOWS\explorer.exe
==================== Internet (Whitelisted) ====================
(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1
Tcpip\..\Interfaces\{d994c949-e4e2-481c-a4cc-bb76e7c2e4b8}: [DhcpNameServer] 192.168.0.1
Internet Explorer:
==================
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://acer15.msn.com/?pc=ACTE
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://acer15.msn.com/?pc=ACTE
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> DefaultScope {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
FireFox:
========
FF DefaultProfile: wm41p2os.default
FF ProfilePath: C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default [2019-10-03]
FF Homepage: Mozilla\Firefox\Profiles\wm41p2os.default -> hxxps://www.seznam.cz/
FF Extension: (Bing Search) - C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\Extensions\bingsearch.full@microsoft.com.xpi [2016-04-15] [Legacy]
FF Extension: (Czech (CZ) Language Pack) - C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\Extensions\langpack-cs@firefox.mozilla.org [2016-04-15] [Legacy] [not signed]
FF SearchPlugin: C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml [2016-04-15]
FF Extension: (Skype) - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2016-01-06] [Legacy]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_21_0_0_213.dll [2016-04-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_21_0_0_213.dll [2016-04-17] (Adobe Systems Incorporated -> )
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=3 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-10-03] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @bookingdesktopapp.com/bookingDesktopApp Update;version=9 -> C:\Program Files (x86)\bookingDesktopApp\Update\1.3.99.0\npbookingDesktopAppUpdate3.dll [2019-10-03] (bookingDesktopApp.) [File not signed]
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/pdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.fdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xdp -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @foxitsoftware.com/Foxit PhantomPDF Plugin,version=1.0,application/vnd.xfdf -> C:\Program Files (x86)\Foxit PhantomPDF\plugins\npFoxitPhantomPDFPlugin.dll [2014-10-20] (Foxit Software Incorporated -> Foxit Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.56 -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIIPT.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\TXE Components\IPT\npIntelWebAPIUpdater.dll [2014-07-02] (Intel(R) Identity Protection Technology Software -> Intel Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-10-03] (Google Inc -> Google LLC)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.34.11\npGoogleUpdate3.dll [2019-10-03] (Google Inc -> Google LLC)
FF Plugin-x32: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files (x86)\WildTangent Games\App\BrowserIntegration\Registered\0\NP_wtapp.dll [No File]
Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://www.seznam.cz/
CHR StartupUrls: Default -> "hxxp://www.seznam.cz/"
CHR Profile: C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default [2019-10-04]
CHR Extension: (Prezentace) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-22]
CHR Extension: (Dokumenty) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-22]
CHR Extension: (Disk Google) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2016-11-27]
CHR Extension: (YouTube) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2016-11-27]
CHR Extension: (Tabulky) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-22]
CHR Extension: (Dokumenty Google offline) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-23]
CHR Extension: (Skype) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2017-12-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2019-10-03]
CHR Extension: (Gmail) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2019-03-27]
CHR Extension: (Chrome Media Router) - C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2019-09-27]
CHR Profile: C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\Guest Profile [2019-09-02]
CHR Profile: C:\Users\Bohouš\AppData\Local\Google\Chrome\User Data\System Profile [2019-09-02]
CHR HKLM-x32\...\Chrome\Extension: [eofcbnmajmjmplflapaojjnihcjkigck] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - hxxps://clients2.google.com/service/update2/crx
==================== Services (Whitelisted) ====================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R3 aswbIDSAgent; C:\Program Files\AVAST Software\Avast\aswidsagent.exe [6085360 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [996880 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 AvastWscReporter; C:\Program Files\AVAST Software\Avast\wsc_proxy.exe [57504 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
S2 bookingdesktopapp; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
S3 bookingdesktopappm; C:\Program Files (x86)\bookingDesktopApp\Update\bookingDesktopAppUpdate.exe [102400 2019-10-03] (bookingDesktopApp.) [File not signed]
S3 ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
R2 igfxCUIService2.0.0.0; C:\WINDOWS\system32\igfxCUIService.exe [373712 2017-07-27] (Intel(R) pGFX -> Intel Corporation)
S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\TXE Components\TCS\SocketHeciServer.exe [881152 2015-05-22] (Intel® Trusted Connect Service -> Intel(R) Corporation)
R3 Intel(R) Security Assist; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isa.exe [330240 2015-02-26] () [File not signed]
S2 isaHelperSvc; C:\Program Files (x86)\Intel\Intel(R) Security Assist\isaHelperService.exe [7680 2015-02-26] () [File not signed]
R2 jhi_service; C:\Program Files (x86)\Intel\TXE Components\DAL\jhi_service.exe [174368 2015-04-21] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
R2 RichVideo; C:\Program Files (x86)\CyberLink\Shared files\RichVideo.exe [253776 2014-10-08] (CyberLink Corp. -> )
R2 SystemUsageReportSvc_WILLAMETTE; C:\Program Files (x86)\Intel Driver Update Utility\SUR\SurSvc.exe [117400 2016-06-08] (Intel(R) Software Development Products -> )
S3 USER_ESRV_SVC_WILLAMETTE; C:\Program Files\Intel\SUR\WILLAMETTE\ESRV\esrv_svc.exe [416408 2016-06-08] (Intel(R) Software Development Products -> )
S3 WdNisSvc; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\NisSrv.exe [3004048 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S3 WinDefend; C:\ProgramData\Microsoft\Windows Defender\platform\4.18.1909.6-0\MsMpEng.exe [103384 2019-10-03] (Microsoft Windows Publisher -> Microsoft Corporation)
S2 CCDMonitorService; "C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe" [X]
S2 GamesAppIntegrationService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppIntegrationService.exe" [X]
S3 GamesAppService; "C:\Program Files (x86)\WildTangent Games\App\GamesAppService.exe" [X]
S3 QASvc; "C:\Program Files\Acer\Acer Quick Access\QASvc.exe" [X]
S3 UEIPSvc; "C:\Program Files\Acer\User Experience Improvement Program\Framework\UBTService.exe" [X]
===================== Drivers (Whitelisted) ======================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
R0 aswArDisk; C:\WINDOWS\System32\drivers\aswArDisk.sys [37616 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswArPot; C:\WINDOWS\System32\drivers\aswArPot.sys [204824 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswbidsdriver; C:\WINDOWS\System32\drivers\aswbidsdriver.sys [274456 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbidsh; C:\WINDOWS\System32\drivers\aswbidsh.sys [209552 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswbuniv; C:\WINDOWS\System32\drivers\aswbuniv.sys [65120 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswElam; C:\WINDOWS\System32\drivers\aswElam.sys [16304 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> AVAST Software)
R1 aswHdsKe; C:\WINDOWS\System32\drivers\aswHdsKe.sys [276952 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswKbd; C:\WINDOWS\System32\drivers\aswKbd.sys [42736 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswMonFlt; C:\WINDOWS\System32\drivers\aswMonFlt.sys [171520 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswRdr; C:\WINDOWS\System32\drivers\aswRdr2.sys [110320 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswRvrt; C:\WINDOWS\System32\drivers\aswRvrt.sys [83792 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSnx; C:\WINDOWS\System32\drivers\aswSnx.sys [848432 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R1 aswSP; C:\WINDOWS\System32\drivers\aswSP.sys [460448 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R2 aswStm; C:\WINDOWS\System32\drivers\aswStm.sys [236024 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R0 aswVmm; C:\WINDOWS\System32\drivers\aswVmm.sys [316528 2019-10-03] (AVAST Software s.r.o. -> AVAST Software)
R3 igfxLP; C:\WINDOWS\system32\DRIVERS\igdkmd64lp.sys [7408072 2017-07-27] (Intel(R) pGFX -> Intel Corporation)
R3 rt640x64; C:\WINDOWS\System32\drivers\rt640x64.sys [886528 2015-05-29] (Realtek Semiconductor Corp -> Realtek )
R2 RtkIOAC60; C:\WINDOWS\system32\DRIVERS\RtkIOAC60.sys [38656 2015-06-09] (Realtek Semiconductor Corp -> Realtek semiconductor corp)
R3 RTSUER; C:\WINDOWS\system32\Drivers\RtsUer.sys [420440 2015-05-27] (Microsoft Windows Hardware Compatibility Publisher -> Realsil Semiconductor Corporation)
S3 semav6msr64; C:\WINDOWS\system32\drivers\semav6msr64.sys [21984 2015-06-04] (Intel(R) Code Signing External -> )
R3 TXEIx64; C:\WINDOWS\System32\drivers\TXEIx64.sys [146232 2015-06-26] (Intel Corporation - Embedded Subsystems and IP Blocks Group -> Intel Corporation)
S3 WdBoot; C:\WINDOWS\system32\drivers\wd\WdBoot.sys [46688 2019-10-03] (Microsoft Windows Early Launch Anti-malware Publisher -> Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\wd\WdFilter.sys [350136 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\drivers\wd\WdNisDrv.sys [54200 2019-10-03] (Microsoft Windows -> Microsoft Corporation)
==================== NetSvcs (Whitelisted) ===================
(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
==================== One month (created) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-04 18:41 - 2019-10-04 18:44 - 000022575 _____ C:\Users\Bohouš\Downloads\FRST.txt
2019-10-04 18:41 - 2019-10-04 18:43 - 000000000 ____D C:\FRST
2019-10-04 18:39 - 2019-10-04 18:39 - 001615360 _____ (Farbar) C:\Users\Bohouš\Downloads\FRST64.exe
2019-10-04 12:01 - 2019-10-04 12:05 - 000108838 _____ C:\WINDOWS\ntbtlog.txt
2019-10-04 12:01 - 2019-10-04 12:01 - 000000214 _____ C:\WINDOWS\Tasks\CreateExplorerShellUnelevatedTask.job
2019-10-03 21:58 - 2019-10-03 21:58 - 004482451 _____ C:\Users\Bohouš\Downloads\bombic_full.zip
2019-10-03 21:06 - 2019-10-03 21:09 - 000000000 ____D C:\AdwCleaner
2019-10-03 21:06 - 2019-10-03 21:06 - 007636680 _____ (Malwarebytes) C:\Users\Bohouš\Downloads\adwcleaner_7.4.1.exe
2019-10-03 20:27 - 2019-10-03 20:27 - 001222144 _____ C:\Users\Bohouš\Downloads\RSITx64.exe
2019-10-03 20:25 - 2019-10-03 20:25 - 000000000 ____D C:\rsit
2019-10-03 20:25 - 2019-10-03 20:25 - 000000000 ____D C:\Program Files (x86)\trend micro
2019-10-03 20:24 - 2019-10-03 20:24 - 001107968 _____ C:\Users\Bohouš\Downloads\RSIT.exe
2019-10-03 20:13 - 2019-10-03 20:13 - 000000000 ____D C:\Users\Bohouš\AppData\Local\CEF
2019-10-03 20:03 - 2019-10-03 20:03 - 000002092 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Avast Free Antivirus.lnk
2019-10-03 20:03 - 2019-10-03 20:03 - 000002080 _____ C:\Users\Public\Desktop\Avast Free Antivirus.lnk
2019-10-03 19:59 - 2019-10-04 18:35 - 000004264 _____ C:\WINDOWS\system32\Tasks\Avast Emergency Update
2019-10-03 19:59 - 2019-10-03 19:59 - 000000000 ____D C:\WINDOWS\system32\Tasks\Avast Software
2019-10-03 19:57 - 2019-10-03 19:59 - 000848432 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSnx.sys
2019-10-03 19:57 - 2019-10-03 19:59 - 000460448 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswSP.sys
2019-10-03 19:57 - 2019-10-03 19:57 - 000590136 _____ (Reimage) C:\Users\Bohouš\Downloads\ReimageRepair (1).exe
2019-10-03 19:57 - 2019-10-03 19:57 - 000000000 ____D C:\Program Files\Common Files\AVAST Software
2019-10-03 19:57 - 2019-10-03 19:56 - 000316528 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswVmm.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000236024 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswStm.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000171520 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswMonFlt.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000110320 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRdr2.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000083792 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswRvrt.sys
2019-10-03 19:57 - 2019-10-03 19:56 - 000016304 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswElam.sys
2019-10-03 19:57 - 2019-10-03 19:55 - 000355720 _____ (AVAST Software) C:\WINDOWS\system32\aswBoot.exe
2019-10-03 19:57 - 2019-10-03 19:55 - 000276952 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswHdsKe.sys
2019-10-03 19:57 - 2019-10-03 19:55 - 000042736 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswKbd.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000274456 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsdriver.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000209552 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbidsh.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000204824 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArPot.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000065120 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswbuniv.sys
2019-10-03 19:57 - 2019-10-03 19:54 - 000037616 _____ (AVAST Software) C:\WINDOWS\system32\Drivers\aswArDisk.sys
2019-10-03 19:55 - 2019-10-03 19:55 - 000003548 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineUA
2019-10-03 19:55 - 2019-10-03 19:55 - 000003424 _____ C:\WINDOWS\system32\Tasks\bookingDesktopAppUpdateTaskMachineCore
2019-10-03 19:55 - 2019-10-03 19:55 - 000003268 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Booking.lnk
2019-10-03 19:55 - 2019-10-03 19:55 - 000003256 _____ C:\Users\Public\Desktop\Booking.lnk
2019-10-03 19:55 - 2019-10-03 19:55 - 000000000 ____D C:\Program Files (x86)\bookingDesktopApp
2019-10-03 19:53 - 2019-10-03 19:54 - 000000000 ____D C:\Program Files (x86)\Booking
2019-10-03 19:52 - 2019-10-03 19:52 - 000000000 ____D C:\Program Files\AVAST Software
2019-10-03 19:51 - 2019-10-03 19:57 - 000000000 ____D C:\ProgramData\AVAST Software
2019-10-03 19:51 - 2019-10-03 19:51 - 002599473 _____ (AIMP DevTeam) C:\Users\Bohouš\Downloads\setup.exe
2019-10-03 19:50 - 2019-10-03 19:50 - 002324328 _____ ( ) C:\Users\Bohouš\Downloads\setup_3411195454.exe
2019-10-03 19:32 - 2019-10-03 19:33 - 000000000 ____D C:\Program Files (x86)\Google
2019-10-03 19:32 - 2019-10-03 19:32 - 001151544 _____ (Google LLC) C:\Users\Bohouš\Downloads\ChromeSetup (2).exe
2019-09-16 19:16 - 2019-09-04 21:44 - 000835480 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2019-09-16 19:16 - 2019-09-04 21:44 - 000179816 _____ (Adobe) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2019-09-16 19:04 - 2019-09-16 19:04 - 026808320 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgehtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 023453696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 020817408 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgehtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 019011584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 012939776 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 012244992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 008903680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mstscax.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 007921664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mstscax.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 007871488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Chakra.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 006542464 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Media.Protection.PlayReady.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 006065664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Chakra.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 005597808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\shell32.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 005436696 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 004874752 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 004488192 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsrchvw.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 003702784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 003550384 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 003442176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsrchvw.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 003096576 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmcore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002469432 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2vdec.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002323696 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2vdec.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002279296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\iertutil.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002127360 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_fs.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002099752 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfplat.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 002086400 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\xpsservices.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001782272 _____ (Microsoft Corporation) C:\WINDOWS\system32\wsp_health.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001764352 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001604760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfplat.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001573240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\propsys.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001521664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_fs.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001465472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32full.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001388032 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcastdvruserservice.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001312256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msjet40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001309696 _____ (Microsoft Corporation) C:\WINDOWS\system32\webplatstorageserver.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001307648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wsp_health.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001297120 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001221528 _____ (Microsoft Corporation) C:\WINDOWS\system32\ClipUp.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 001132032 _____ (Microsoft Corporation) C:\WINDOWS\system32\nettrace.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001075832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 001071616 _____ (Microsoft Corporation) C:\WINDOWS\HelpPane.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 001047552 _____ (Microsoft Corporation) C:\WINDOWS\system32\clusapi.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000988672 _____ (Microsoft Corporation) C:\WINDOWS\system32\StorSvc.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000968192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Unistore.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000914432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Microsoft.Graphics.Display.DisplayEnhancementService.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000912384 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeManager.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000883200 _____ (Microsoft Corporation) C:\WINDOWS\system32\CPFilters.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000833024 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\webplatstorageserver.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000798736 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\fvevol.sys
2019-09-16 19:04 - 2019-09-16 19:04 - 000793600 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\clusapi.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\nshwfp.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000703488 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9diag.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000690688 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\CPFilters.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000682496 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\uReFS.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000663040 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\EdgeManager.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000660544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\fontdrvhost.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000652832 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppXDeploymentClient.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000626176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tdh.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\resutils.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000605184 _____ (Microsoft Corporation) C:\WINDOWS\system32\facecredentialprovider.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000532992 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000525824 _____ (Microsoft Corporation) C:\WINDOWS\system32\nltest.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000489984 _____ (Microsoft Corporation) C:\WINDOWS\system32\ResourceMapper.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000480256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\resutils.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000475648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msxbde40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000450872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\policymanager.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000449376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppResolver.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000439808 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ngccredprov.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000425472 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\daxexec.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000409256 _____ (Microsoft Corporation) C:\WINDOWS\system32\tsmf.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000386048 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\SysWOW64\curl.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000353280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd3x40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000349144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\tsmf.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000330752 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\edgeIso.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000322048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\cryptngc.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000313344 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msrd2x40.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000195224 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecurityCenterBroker.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000154624 _____ (Microsoft Corporation) C:\WINDOWS\system32\fcon.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000144080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\imm32.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000140088 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\dwmapi.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000106048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\OpenWith.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000098080 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000091136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\drvsetup.dll
2019-09-16 19:04 - 2019-09-16 19:04 - 000080896 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mcbuilder.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000078336 _____ (Microsoft Corporation) C:\WINDOWS\system32\ComputerDefaults.exe
2019-09-16 19:04 - 2019-09-16 19:04 - 000066048 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ComputerDefaults.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 022124760 _____ (Microsoft Corporation) C:\WINDOWS\system32\shell32.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 017484800 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Xaml.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 015221248 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.UI.Xaml.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 009679672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 007886848 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Data.Pdf.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 007645392 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Media.Protection.PlayReady.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 006444544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Data.Pdf.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 006310064 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\windows.storage.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 005573232 _____ (Microsoft Corporation) C:\WINDOWS\system32\StartTileData.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 005569024 _____ (Microsoft Corporation) C:\WINDOWS\system32\twinui.pcshell.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 004588752 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppsvc.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 004353016 _____ (Microsoft Corporation) C:\WINDOWS\explorer.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 004056576 _____ (Microsoft Corporation) C:\WINDOWS\system32\EdgeContent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 003821728 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\explorer.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 003634688 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kfull.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 003490816 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmcore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 003385856 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentServer.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 003082752 _____ (Microsoft Corporation) C:\WINDOWS\system32\DWrite.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002924344 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tcpip.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 002879488 _____ (Microsoft Corporation) C:\WINDOWS\system32\xpsservices.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002871608 _____ (Microsoft Corporation) C:\WINDOWS\system32\aitstatic.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 002779488 _____ (Microsoft Corporation) C:\WINDOWS\system32\iertutil.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002700784 _____ (Microsoft Corporation) C:\WINDOWS\system32\KernelBase.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002693120 _____ (Microsoft Corporation) C:\WINDOWS\system32\WebRuntimeManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002421248 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32kbase.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 002233688 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002192384 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.onecore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002085168 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEng.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 002073240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\KernelBase.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001994768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001966096 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\refs.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 001929728 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiosrv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001904128 _____ (Microsoft Corporation) C:\WINDOWS\system32\FntCache.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001899152 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioEng.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001864192 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001721360 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001702096 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.efi
2019-09-16 19:03 - 2019-09-16 19:03 - 001687552 _____ (Microsoft Corporation) C:\WINDOWS\system32\enterprisecsps.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001674480 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001668752 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32full.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001655976 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.ApplicationModel.Store.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001641400 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppobjs.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001608192 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentExtensions.desktop.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001563880 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdrecordcpu.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001551360 _____ (Microsoft Corporation) C:\WINDOWS\system32\SpeechPal.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001484592 _____ (Microsoft Corporation) C:\WINDOWS\system32\msctf.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001472576 _____ (Microsoft Corporation) C:\WINDOWS\system32\winload.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 001388544 _____ (Microsoft Corporation) C:\WINDOWS\system32\qmgr.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001344960 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.efi
2019-09-16 19:03 - 2019-09-16 19:03 - 001331536 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSes.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001318400 _____ (Microsoft Corporation) C:\WINDOWS\system32\NotificationController.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001272560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdrecordcpu.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001256960 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemSettings.Handlers.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001182240 _____ (Microsoft Corporation) C:\WINDOWS\system32\winresume.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 001180248 _____ (Microsoft Corporation) C:\WINDOWS\system32\rpcrt4.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001171968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Unistore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001098136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AudioSes.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001081656 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Services.TargetedContent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001054952 _____ (Microsoft Corporation) C:\WINDOWS\system32\ApplyTrustOffline.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 001052160 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPSSVC.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 001010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\refsutil.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000948224 _____ (Microsoft Corporation) C:\WINDOWS\system32\uDWM.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000900096 _____ (Microsoft Corporation) C:\WINDOWS\system32\usocore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000888120 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\pidgenx.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000848896 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Internal.Signals.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000811024 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000807760 _____ (Microsoft Corporation) C:\WINDOWS\system32\fontdrvhost.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\uReFS.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000794112 _____ (Microsoft Corporation) C:\WINDOWS\system32\LogonController.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000782968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\rpcrt4.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000779776 _____ (Microsoft Corporation) C:\WINDOWS\system32\winlogon.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000774968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Services.TargetedContent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000749568 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioEndpointBuilder.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000741392 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_StorageSense.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000740904 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000736768 _____ (Microsoft Corporation) C:\WINDOWS\system32\LockController.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000736056 _____ (Microsoft Corporation) C:\WINDOWS\system32\LicensingWinRT.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000689664 _____ (Microsoft Corporation) C:\WINDOWS\system32\ActivationManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000637752 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000622392 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\LicensingWinRT.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000622080 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnrSvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000616448 _____ (Microsoft Corporation) C:\WINDOWS\system32\daxexec.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000606088 _____ (Microsoft Corporation) C:\WINDOWS\system32\directmanipulation.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000604344 _____ (Microsoft Corporation) C:\WINDOWS\system32\audiodg.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000595456 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000591160 _____ (Microsoft Corporation) C:\WINDOWS\system32\hal.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000589312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ActivationManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000585184 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppResolver.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000574464 _____ (Microsoft Corporation) C:\WINDOWS\system32\MusNotification.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000572416 _____ (Microsoft Corporation) C:\WINDOWS\system32\wpnprv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000558592 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngccredprov.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000554000 _____ (Microsoft Corporation) C:\WINDOWS\system32\pcasvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000540240 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\StructuredQuery.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000535056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 000519168 _____ (Microsoft Corporation) C:\WINDOWS\system32\sppcext.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000515960 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\directmanipulation.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000515152 _____ (Microsoft Corporation) C:\WINDOWS\system32\policymanager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000505128 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64win.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000497152 _____ (Microsoft Corporation) C:\WINDOWS\system32\NgcCtnr.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000484352 _____ (Microsoft Corporation) C:\WINDOWS\system32\cloudAP.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000464912 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000449024 _____ (Microsoft Corporation) C:\WINDOWS\system32\edgeIso.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000435712 _____ (Microsoft Corporation) C:\WINDOWS\system32\cryptngc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000378368 _____ (Microsoft Corporation) C:\WINDOWS\system32\provengine.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000360960 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceEnroller.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000351432 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Storage.ApplicationData.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000347576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AudioSrvPolicyManager.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000346624 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxAllUserStore.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000330672 _____ (Microsoft Corporation) C:\WINDOWS\system32\ttdwriter.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000330592 _____ (Microsoft Corporation) C:\WINDOWS\system32\wow64.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000324408 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000312832 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.ApplicationModel.Store.TestingFramework.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000293376 _____ (Microsoft Corporation) C:\WINDOWS\system32\TDLMigration.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000279416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\Windows.Storage.ApplicationData.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000275968 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.AppDefaults.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000274432 _____ (Microsoft Corporation) C:\WINDOWS\system32\SystemEventsBrokerServer.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000272648 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ttdwriter.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\SettingsHandlers_ManagePhone.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000251904 _____ (Microsoft Corporation) C:\WINDOWS\system32\HttpsDataSource.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000228864 _____ (Microsoft Corporation) C:\WINDOWS\system32\provisioningcsp.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000190976 _____ (Microsoft Corporation) C:\WINDOWS\system32\ngcpopkeysrv.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000177176 _____ (Microsoft Corporation) C:\WINDOWS\system32\imm32.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000175616 _____ (Microsoft Corporation) C:\WINDOWS\system32\NcaSvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000168248 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmapi.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000164152 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000157696 _____ (Microsoft Corporation) C:\WINDOWS\system32\dssvc.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000130872 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.Graphics.Display.BrightnessOverride.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000130560 _____ (Microsoft Corporation) C:\WINDOWS\system32\dwmredir.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000128512 _____ (Microsoft Corporation) C:\WINDOWS\system32\Windows.UI.Storage.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000126976 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppxSysprep.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000120832 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatecsp.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000120344 _____ (Microsoft Corporation) C:\WINDOWS\system32\OpenWith.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000099840 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiCx.sys
2019-09-16 19:03 - 2019-09-16 19:03 - 000094208 _____ (Microsoft Corporation) C:\WINDOWS\system32\mcbuilder.exe
2019-09-16 19:03 - 2019-09-16 19:03 - 000071696 _____ (Microsoft Corporation) C:\WINDOWS\system32\win32appinventorycsp.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000060416 _____ (Microsoft Corporation) C:\WINDOWS\system32\TpmTasks.dll
2019-09-16 19:03 - 2019-09-16 19:03 - 000025088 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ws2ifsl.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 007690648 _____ (Microsoft Corporation) C:\WINDOWS\system32\windows.storage.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 003333984 _____ (Microsoft Corporation) C:\WINDOWS\system32\combase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 002706432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\win32kfull.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 002645504 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\DWrite.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 002593032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\combase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001893376 _____ (Microsoft Corporation) C:\WINDOWS\system32\wevtsvc.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001743168 _____ (Microsoft Corporation) C:\WINDOWS\system32\propsys.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001387512 _____ (Microsoft Corporation) C:\WINDOWS\system32\WinTypes.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001294280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msctf.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001253688 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvix64.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 001191512 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ucrtbase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 001048888 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvax64.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 001022824 _____ (Microsoft Corporation) C:\WINDOWS\system32\ucrtbase.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000865576 _____ (Microsoft Corporation) C:\WINDOWS\system32\AppXDeploymentClient.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000851272 _____ (Microsoft Corporation) C:\WINDOWS\system32\ci.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000806568 _____ C:\WINDOWS\SysWOW64\locale.nls
2019-09-16 19:02 - 2019-09-16 19:02 - 000806568 _____ C:\WINDOWS\system32\locale.nls
2019-09-16 19:02 - 2019-09-16 19:02 - 000793824 _____ (Microsoft Corporation) C:\WINDOWS\system32\oleaut32.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000791352 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\acpi.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000774192 _____ (Microsoft Corporation) C:\WINDOWS\system32\pkeyhelper.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000773632 _____ (Microsoft Corporation) C:\WINDOWS\system32\tdh.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000764416 _____ (Microsoft Corporation) C:\WINDOWS\system32\updatehandlers.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000751928 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\vhdmp.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000675096 _____ (Microsoft Corporation) C:\WINDOWS\system32\StructuredQuery.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000652600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\spaceport.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000652304 _____ (Microsoft Corporation) C:\WINDOWS\system32\securekernel.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000646656 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32time.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000607744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\nshwfp.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000603784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\oleaut32.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000532192 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mf.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000520208 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\Vid.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000513336 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000511288 _____ (Microsoft Corporation) C:\WINDOWS\system32\dcntel.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000506200 _____ (Microsoft Corporation) C:\WINDOWS\system32\mf.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000421376 _____ (curl, hxxps://curl.haxx.se/) C:\WINDOWS\system32\curl.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000415544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\aepic.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000405304 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\clfs.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000402368 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000398208 _____ (Microsoft Corporation) C:\WINDOWS\system32\SgrmEnclave_secure.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000294728 _____ (Microsoft Corporation) C:\WINDOWS\system32\skci.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000273920 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\AppxAllUserStore.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000248832 _____ (Microsoft Corporation) C:\WINDOWS\system32\w32tm.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000240128 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winnat.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000224768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ptpprov.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000211968 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\w32tm.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000209920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\hidclass.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000202752 _____ (Microsoft Corporation) C:\WINDOWS\system32\SecureTimeAggregator.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000164504 _____ (Microsoft Corporation) C:\WINDOWS\system32\vertdll.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000163328 _____ (Microsoft Corporation) C:\WINDOWS\system32\profext.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000140600 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\tm.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000133632 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\profext.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000109568 _____ (Microsoft Corporation) C:\WINDOWS\system32\drvsetup.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000090632 _____ (Microsoft Corporation) C:\WINDOWS\system32\hvloader.dll
2019-09-16 19:02 - 2019-09-16 19:02 - 000087056 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\winhvr.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000036152 _____ (Microsoft Corporation) C:\WINDOWS\system32\DeviceCensus.exe
2019-09-16 19:02 - 2019-09-16 19:02 - 000031744 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\UcmUcsiAcpiClient.sys
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth8.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth7.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth6.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth5.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth4.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth3.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth2.bin
2019-09-16 19:02 - 2019-09-16 19:02 - 000000315 _____ C:\WINDOWS\system32\DrtmAuth1.bin
==================== One month (modified) ========
(If an entry is included in the fixlist, the file/folder will be moved.)
2019-10-04 18:45 - 2018-09-15 09:33 - 000000000 ____D C:\ProgramData\regid.1991-06.com.microsoft
2019-10-04 18:39 - 2018-09-15 09:23 - 000000000 ____D C:\WINDOWS\CbsTemp
2019-10-04 18:34 - 2016-11-07 18:54 - 000000180 _____ C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
2019-10-04 18:34 - 2016-04-15 19:05 - 000000000 __SHD C:\Users\Bohouš\IntelGraphicsProfiles
2019-10-04 12:07 - 2019-01-12 15:13 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2019-10-04 12:06 - 2018-09-15 08:09 - 000524288 _____ C:\WINDOWS\system32\config\BBI
2019-10-04 12:05 - 2018-02-24 12:35 - 000000000 ____D C:\Program Files (x86)\Amazon
2019-10-03 22:01 - 2018-09-15 09:31 - 000000000 ____D C:\WINDOWS\INF
2019-10-03 21:40 - 2019-01-12 14:50 - 000000000 ____D C:\WINDOWS\system32\SleepStudy
2019-10-03 21:24 - 2015-07-16 06:21 - 000000000 ____D C:\Program Files\Acer
2019-10-03 21:24 - 2015-07-16 06:15 - 000000000 ____D C:\ProgramData\Acer
2019-10-03 21:24 - 2015-07-16 06:15 - 000000000 ____D C:\Program Files (x86)\Acer
2019-10-03 21:09 - 2018-04-12 01:38 - 000000000 ____D C:\WINDOWS\system32\Tasks_Migrated
2019-10-03 21:04 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\NDF
2019-10-03 20:49 - 2019-01-12 15:13 - 000004210 _____ C:\WINDOWS\system32\Tasks\User_Feed_Synchronization-{012D95D5-6C8F-411B-AECA-BC457E9A5129}
2019-10-03 20:14 - 2016-04-15 19:11 - 000000000 ____D C:\Users\Bohouš\AppData\Local\CrashDumps
2019-10-03 20:13 - 2016-04-17 13:26 - 000000000 ____D C:\Users\Bohouš\AppData\Roaming\AVAST Software
2019-10-03 19:57 - 2018-09-15 09:33 - 000000000 ___HD C:\WINDOWS\ELAMBKUP
2019-10-03 19:33 - 2016-11-27 18:15 - 000002377 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2019-10-03 19:33 - 2016-11-27 18:15 - 000002336 _____ C:\Users\Public\Desktop\Google Chrome.lnk
2019-10-03 19:32 - 2019-01-12 15:13 - 000003472 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineUA
2019-10-03 19:32 - 2019-01-12 15:13 - 000003348 _____ C:\WINDOWS\system32\Tasks\GoogleUpdateTaskMachineCore
2019-10-03 19:11 - 2018-09-15 09:33 - 000000000 ___HD C:\Program Files\WindowsApps
2019-10-03 19:11 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\AppReadiness
2019-10-03 18:50 - 2018-02-16 16:59 - 000000000 ____D C:\WINDOWS\system32\Drivers\wd
2019-09-28 18:33 - 2018-02-15 18:08 - 000000000 ____D C:\Users\Bohouš\AppData\Local\Packages
2019-09-27 18:34 - 2019-08-06 15:13 - 000004214 _____ C:\WINDOWS\system32\Tasks\Opera scheduled Autoupdate 1565097187
2019-09-27 18:34 - 2019-08-06 15:13 - 000001466 _____ C:\Users\Bohouš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Prohlížeč Opera.lnk
2019-09-27 18:32 - 2019-01-12 15:13 - 000003378 _____ C:\WINDOWS\system32\Tasks\OneDrive Standalone Update Task-S-1-5-21-2889436172-48253687-2582613514-1001
2019-09-27 18:32 - 2019-01-12 14:55 - 000002368 _____ C:\Users\Bohouš\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\OneDrive.lnk
2019-09-27 18:32 - 2016-04-15 19:18 - 000000000 ___RD C:\Users\Bohouš\OneDrive
2019-09-16 19:23 - 2019-01-12 15:07 - 001693636 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2019-09-16 19:23 - 2018-09-15 19:32 - 000716776 _____ C:\WINDOWS\system32\perfh005.dat
2019-09-16 19:23 - 2018-09-15 19:32 - 000144856 _____ C:\WINDOWS\system32\perfc005.dat
2019-09-16 19:17 - 2018-02-15 18:38 - 000000000 ___RD C:\Users\Bohouš\3D Objects
2019-09-16 19:17 - 2016-04-27 08:56 - 000000000 __RHD C:\Users\Public\AccountPictures
2019-09-16 19:16 - 2019-01-12 14:50 - 000275688 _____ C:\WINDOWS\system32\FNTCACHE.DAT
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ___SD C:\WINDOWS\system32\DiagSvcs
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ___RD C:\WINDOWS\ImmersiveControlPanel
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\SysWOW64\Dism
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\system32\oobe
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellExperiences
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\ShellComponents
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\PolicyDefinitions
2019-09-16 19:13 - 2018-09-15 09:33 - 000000000 ____D C:\WINDOWS\bcastdvr
2019-09-16 19:13 - 2018-09-15 08:09 - 000000000 ____D C:\WINDOWS\system32\Dism
==================== Files in the root of some directories ================
2018-02-15 16:24 - 2019-08-06 15:08 - 000007601 _____ () C:\Users\Bohouš\AppData\Local\resmon.resmoncfg
==================== SigCheck ===============================
(There is no automatic fix for files that do not pass verification.)
==================== End of FRST.txt ============================
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: reklama
Otevřte poznámkový blok a zkopírujte do něj:
Uložte do C:\Users\Bohouš\Downloads jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.Start
CloseProcesses:
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Run: [BingSvc] => C:\Users\Bohouš\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> © 2015 Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3CFD1DEF-542C-40E6-ABF8-7C50B87A8125} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4827049C-5273-4DF0-B457-8479653A45CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {7AAD027B-0ED3-44E5-99C5-61DD51335AB1} - System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
Task: {B4361798-F30C-48DB-B4A6-246847EC62CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> DefaultScope {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
FF SearchPlugin: C:\Users\Bohouš\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml [2016-04-15]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{2CBD19E7-389F-47DD-9045-A0386096D5E6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{FB619021-D3C6-4B8E-8E6E-6940402C2B45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
EmptyTemp:
End
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: reklama
Proběhla mi nějaká aktualizace windows a log se mi nezobrazil . Mohu ho někde najít ?
Re: reklama
asi jsem ho našel , jestli je to on
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-10-2019
Ran by Bohouš (04-10-2019 20:19:15) Run:1
Running from C:\Users\Bohouš\Downloads
Loaded Profiles: Bohouš (Available Profiles: Bohouš)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Run: [BingSvc] => C:\Users\Bohou�\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> � 2015 Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3CFD1DEF-542C-40E6-ABF8-7C50B87A8125} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4827049C-5273-4DF0-B457-8479653A45CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {7AAD027B-0ED3-44E5-99C5-61DD51335AB1} - System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
Task: {B4361798-F30C-48DB-B4A6-246847EC62CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> DefaultScope {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
FF SearchPlugin: C:\Users\Bohou�\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml [2016-04-15]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{2CBD19E7-389F-47DD-9045-A0386096D5E6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{FB619021-D3C6-4B8E-8E6E-6940402C2B45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CFD1DEF-542C-40E6-ABF8-7C50B87A8125}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CFD1DEF-542C-40E6-ABF8-7C50B87A8125}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4827049C-5273-4DF0-B457-8479653A45CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4827049C-5273-4DF0-B457-8479653A45CD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AAD027B-0ED3-44E5-99C5-61DD51335AB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AAD027B-0ED3-44E5-99C5-61DD51335AB1}" => removed successfully
C:\WINDOWS\System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BDB0E617-3543-4BA6-BFF3-D284E351A795}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4361798-F30C-48DB-B4A6-246847EC62CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4361798-F30C-48DB-B4A6-246847EC62CA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKU\S-1-5-21-2889436172-48253687-2582613514-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA6FD437-F17F-4546-8D2E-FF586DCFB67F} => removed successfully
HKLM\Software\Classes\CLSID\{BA6FD437-F17F-4546-8D2E-FF586DCFB67F} => not found
"C:\Users\Bohou�\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CBD19E7-389F-47DD-9045-A0386096D5E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB619021-D3C6-4B8E-8E6E-6940402C2B45}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 109081210 B
Java, Flash, Steam htmlcache => 1247 B
Windows/system/drivers => 1150116 B
Edge => 4148190 B
Chrome => 440052825 B
Firefox => 11542269 B
Opera => 326745186 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5470 B
LocalService => 0 B
NetworkService => 152610 B
NetworkService => 0 B
Bohouš => 37838907 B
RecycleBin => 491911710 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:20:29 ====
Fix result of Farbar Recovery Scan Tool (x64) Version: 02-10-2019
Ran by Bohouš (04-10-2019 20:19:15) Run:1
Running from C:\Users\Bohouš\Downloads
Loaded Profiles: Bohouš (Available Profiles: Bohouš)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
CloseProcesses:
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\...\Run: [BingSvc] => C:\Users\Bohou�\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-11-05] (Microsoft Corporation -> � 2015 Microsoft Corporation)
FF HKLM\SOFTWARE\Policies\Mozilla\Firefox: Restriction <==== ATTENTION
Task: {3CFD1DEF-542C-40E6-ABF8-7C50B87A8125} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
Task: {4827049C-5273-4DF0-B457-8479653A45CD} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
Task: {7AAD027B-0ED3-44E5-99C5-61DD51335AB1} - System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => C:\WINDOWS\system32\pcalua.exe -a E:\start.exe -d E:\
Task: {B4361798-F30C-48DB-B4A6-246847EC62CA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [154920 2019-10-03] (Google Inc -> Google LLC)
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> DefaultScope {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
SearchScopes: HKU\S-1-5-21-2889436172-48253687-2582613514-1001 -> {BA6FD437-F17F-4546-8D2E-FF586DCFB67F} URL =
FF SearchPlugin: C:\Users\Bohou�\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml [2016-04-15]
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => -> No File
FirewallRules: [{2CBD19E7-389F-47DD-9045-A0386096D5E6}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
FirewallRules: [{FB619021-D3C6-4B8E-8E6E-6940402C2B45}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe No File
EmptyTemp:
End
*****************
Processes closed successfully.
"HKU\S-1-5-21-2889436172-48253687-2582613514-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc" => removed successfully
HKLM\SOFTWARE\Policies\Mozilla => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3CFD1DEF-542C-40E6-ABF8-7C50B87A8125}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3CFD1DEF-542C-40E6-ABF8-7C50B87A8125}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\Microsoft\Windows\UNP\RunCampaignManager" => not found
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{4827049C-5273-4DF0-B457-8479653A45CD}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4827049C-5273-4DF0-B457-8479653A45CD}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{7AAD027B-0ED3-44E5-99C5-61DD51335AB1}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7AAD027B-0ED3-44E5-99C5-61DD51335AB1}" => removed successfully
C:\WINDOWS\System32\Tasks\{BDB0E617-3543-4BA6-BFF3-D284E351A795} => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{BDB0E617-3543-4BA6-BFF3-D284E351A795}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{B4361798-F30C-48DB-B4A6-246847EC62CA}" => removed successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B4361798-F30C-48DB-B4A6-246847EC62CA}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\Software\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKU\S-1-5-21-2889436172-48253687-2582613514-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
HKU\S-1-5-21-2889436172-48253687-2582613514-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{BA6FD437-F17F-4546-8D2E-FF586DCFB67F} => removed successfully
HKLM\Software\Classes\CLSID\{BA6FD437-F17F-4546-8D2E-FF586DCFB67F} => not found
"C:\Users\Bohou�\AppData\Roaming\Mozilla\Firefox\Profiles\wm41p2os.default\searchplugins\bing-.xml" => not found
C:\WINDOWS\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat => moved successfully
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\igfxcui => removed successfully
HKLM\Software\Classes\CLSID\{3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => not found
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{2CBD19E7-389F-47DD-9045-A0386096D5E6}" => removed successfully
"HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{FB619021-D3C6-4B8E-8E6E-6940402C2B45}" => removed successfully
=========== EmptyTemp: ==========
BITS transfer queue => 8937472 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 109081210 B
Java, Flash, Steam htmlcache => 1247 B
Windows/system/drivers => 1150116 B
Edge => 4148190 B
Chrome => 440052825 B
Firefox => 11542269 B
Opera => 326745186 B
Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 0 B
systemprofile32 => 0 B
LocalService => 5470 B
LocalService => 0 B
NetworkService => 152610 B
NetworkService => 0 B
Bohouš => 37838907 B
RecycleBin => 491911710 B
EmptyTemp: => 1.3 GB temporary data Removed.
================================
The system needed a reboot.
==== End of Fixlog 20:20:29 ====
-
Rudy
- Site Admin
- Příspěvky: 118244
- Registrován: 30 říj 2003 13:42
- Bydliště: Plzeň
- Kontaktovat uživatele:
Re: reklama
Je to ono. Bylo smazáno. Nastala nějaká změna?
Dotazy a logy vkládejte pouze do vašich threadů. Soukromé zprávy, icq a e-maily neslouží k řešení vašich problémů.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Podpořte, prosím, naše fórum : https://platba.viry.cz/payment/.
Navštivte:
e-mail: rudy(zavináč)forum.viry.cz
Varování: Před odvirováním PC si udělejte zálohy svých důležitých dat (pošta, kontakty, dokumenty, fotografie, videa, hudba apod.). Virus mimo svých "viditelných" aktivit může poškodit systém!
Po dořešení vašeho problému bude vlákno zamknuto. Stejně tak tehdy, pokud bude nečinné více než 14dnů. Pokud budete chtít vlákno aktivovat, napište mi na mail uvedený výše.
Re: reklama
bohužel ne stále se mi zobrazují reklamy na opeře i na chromu , když vypnu prohlížeče tak mi tam zůstane na ploše
Přispějete na provoz fóra?