Prosím o preventivní kontrolu

[davidvr]

Dobrý den,
prosím o preventivní kontrolu ntb.

Děkuji

[Conder]

Ahoj

Stiahni AdwCleaner: https://toolslib.net/downloads/finish/1/

• Uloz na plochu a ukonci vsetky programy
• Spusti AdwCleaner ako spravca
• Odsuhlas licencne podmienky
• Klikni na Skenovat nyni (Scan now) a pockaj na dokoncenie
• Nechaj zaskrtnute vsetky nalezy
• Klikni na Cisteni a opravy (Clean and Repair) a potvrd restart PC teraz
• Po restartovani PC sa otvori AdwCleaner, klikni na Zobrazit soubor protokolu
• Otvori sa log, jeho obsah sem skopiruj

[davidvr]

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 11-14-2019
# Duration: 00:00:24
# OS: Windows 10 Pro
# Scanned: 35182
# Detected: 26


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

PUP.Optional.Seznam.cz C:\Users\David\AppData\Roaming\Seznam.cz
PUP.Optional.WebCompanion C:\ProgramData\Application Data\Lavasoft\Web Companion

***** [ Files ] *****

No malicious files found.

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
PUP.Optional.Legacy HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
PUP.Optional.Legacy HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.WebCompanion HKCU\Software\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
PUP.Optional.WebCompanion HKLM\Software\Wow6432Node\Lavasoft\Web Companion
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
PUP.Optional.WebCompanion HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
PUP.Optional.WebCompanion HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

PUP.Optional.DefaultSearch.ShrtCln Adaware Secure Search

***** [ Chromium URLs ] *****

No malicious Chromium URLs found.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

PUP.Optional.Legacy api.bing.com
PUP.Optional.Legacy api.bing.com
PUP.Optional.Legacy api.bing.com
PUP.Optional.Legacy http://securedsearch.lavasoft.com/?pr=v ... 54__181120

***** [ Preinstalled Software ] *****

Preinstalled.HPUsageTrackingLEDM Folder C:\Program Files (x86)\HP\HP UT LEDM\BIN
Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|HPUsageTrackingLEDM
Preinstalled.HPUsageTrackingLEDM Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{853F464A-B2B8-404E-BA3E-B98FF6862C41}


AdwCleaner_Debug.log - [9365 octets] - [14/11/2019 06:41:38]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

[davidvr]

# -------------------------------
# Malwarebytes AdwCleaner 7.4.2.0
# -------------------------------
# Build: 10-21-2019
# Database: 2019-10-21.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 11-14-2019
# Duration: 00:00:02
# OS: Windows 10 Pro
# Cleaned: 20
# Failed: 3


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\ProgramData\Application Data\Lavasoft\Web Companion
Deleted C:\Users\David\AppData\Roaming\Seznam.cz

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKCU\Software\Lavasoft\Web Companion
Deleted HKCU\Software\Microsoft\Internet Explorer\Main|Start Page
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{993F5746-4C15-42BC-99C1-064A1764271B}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|Web Companion
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKCU\Software\Microsoft\Windows\CurrentVersion\Run|Web Companion
Deleted HKCU\Software\Seznam.cz
Deleted HKLM\SYSTEM\Setup\FirstBoot\Services\WCAssistantService
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
Deleted HKLM\Software\Wow6432Node\Lavasoft\Web Companion
Deleted HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com
Deleted HKU\.DEFAULT\Software\Mozilla\NativeMessagingHosts\com.webcompanion.native
Deleted HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings\ZoneMap\Domains\webcompanion.com

***** [ Chromium (and derivatives) ] *****

Deleted Adaware Secure Search

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

Deleted http://securedsearch.lavasoft.com/?pr=v ... 54__181120
Not Deleted api.bing.com
Not Deleted api.bing.com
Not Deleted api.bing.com

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner_Debug.log - [27790 octets] - [14/11/2019 06:41:38]
AdwCleaner[S00].txt - [3874 octets] - [14/11/2019 06:42:18]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[davidvr]

2019-11-14 05:41:38 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-14 05:41:40 : <INFO> [Telemetry] Sending hello
ication updates
2019-11-14 05:41:42 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-14 05:41:42 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-14 05:41:42 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-14 05:41:42 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-14 05:41:42 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-14 05:41:42 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-14 05:41:42 : <INFO> [SslCert] ALPN: None
2019-11-14 05:41:42 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:41:42 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:41:42 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:41:42 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-14 05:41:51 : <INFO> [Button clicked] EULA agreed
2019-11-14 05:41:53 : <INFO> [Button clicked] Scan
2019-11-14 05:41:53 : <INFO> [Scan] Started
2019-11-14 05:41:54 : <INFO> [Database] Downloading database
2019-11-14 05:41:58 : <INFO> [Database] Checking integrity
2019-11-14 05:41:58 : <INFO> [Database] Found 2588 families
2019-11-14 05:41:58 : <INFO> [Database] Database v "2019-10-21.1"
2019-11-14 05:41:58 : <INFO> [Loading paths] Local paths loaded
2019-11-14 05:41:58 : <INFO> [Loading paths] Chrome paths loaded
2019-11-14 05:41:58 : <INFO> [Loading paths] User Keys loaded
2019-11-14 05:41:58 : <INFO> [Module initialized] "File"
2019-11-14 05:41:58 : <INFO> [Module initialized] "Folder"
2019-11-14 05:41:58 : <INFO> [Module initialized] "RegistryKey"
2019-11-14 05:41:58 : <INFO> [Module initialized] "RegistryValue"
2019-11-14 05:41:58 : <INFO> [Module initialized] "TaskName"
2019-11-14 05:41:59 : <INFO> [Module initialized] "Service"
2019-11-14 05:41:59 : <INFO> [Module initialized] "Winlogon"
2019-11-14 05:42:00 : <INFO> [Module initialized] "URL"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegAppInit"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegClasses"
2019-11-14 05:42:00 : <INFO> [Module initialized] "DNS"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegFirewallPolicy"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegGuid"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegIEElevationPolicy"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegOther"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegProductID"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegSoftware"
2019-11-14 05:42:00 : <INFO> [Module initialized] "RegStartup"
2019-11-14 05:42:00 : <INFO> [Module initialized] "WMI"
2019-11-14 05:42:00 : <INFO> [Module initialized] "ChromiumExt"
2019-11-14 05:42:00 : <INFO> [Module initialized] "FirefoxExt"
2019-11-14 05:42:00 : <INFO> [Module initialize] Scan Browser
2019-11-14 05:42:01 : <INFO> [Module initialize] Scan Browser FF
2019-11-14 05:42:01 : <INFO> [Module initialize] FF start pages loaded
2019-11-14 05:42:01 : <INFO> [Module initialize] FF search providers loaded
2019-11-14 05:42:01 : <INFO> [Module initialize] FF plugin list loaded
2019-11-14 05:42:01 : <INFO> [Scan] Exclusions loaded
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\Main|Start Page" [ "Registry" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "SubScan" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}|URL" [ "Registry" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "SubScan" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}|FaviconURL" [ "Registry" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "SubScan" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}|TopResultURL" [ "Registry" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}" [ "Registry" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "http://securedsearch.lavasoft.com/?pr=v ... 54__181120" [ "Firefox URLs" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:03 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:04 : <INFO> [Scan] Item detected: "SubScan" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{993F5746-4C15-42BC-99C1-064A1764271B}|DisplayName" [ "Registry" ]
2019-11-14 05:42:04 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{993F5746-4C15-42BC-99C1-064A1764271B}" [ "Registry" ]
2019-11-14 05:42:08 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|Web Companion" [ "Registry" ]
2019-11-14 05:42:08 : <INFO> [Scan] Item detected: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|Web Companion" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Mozilla\\NativeMessagingHosts\\com.webcompanion.native" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-11-14 05:42:11 : <INFO> [Scan] Item detected: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Lavasoft\\Web Companion" [ "Registry" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "C:\\Users\\David\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "Preinstalled.HPUsageTrackingLEDM" , "C:\\Program Files (x86)\\HP\\HP UT LEDM\\BIN" [ "Folder" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "Preinstalled.HPUsageTrackingLEDM" , "HKLM\\Software\\Wow6432Node\\\\Microsoft\\Windows\\CurrentVersion\\Uninstall\\{853F464A-B2B8-404E-BA3E-B98FF6862C41}" [ "Registry" ]
2019-11-14 05:42:16 : <INFO> [Scan] Item detected: "Preinstalled.HPUsageTrackingLEDM" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|HPUsageTrackingLEDM" [ "Registry" ]
2019-11-14 05:42:17 : <INFO> [Scan] Item detected: "SubScan" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{993F5746-4C15-42BC-99C1-064A1764271B}|SuggestionsURL" [ "Registry" ]
2019-11-14 05:42:17 : <INFO> [Scan] Item detected: "SubScan" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{993F5746-4C15-42BC-99C1-064A1764271B}|FaviconURL" [ "Registry" ]
2019-11-14 05:42:17 : <INFO> [Scan] Item detected: "PUP.Optional.DefaultSearch.ShrtCln" , "Adaware Secure Search" [ "Chromium" ]
2019-11-14 05:42:18 : <INFO> [Telemetry] Sending to Influx
2019-11-14 05:42:18 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-14 05:42:18 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-14 05:42:18 : <INFO> [SslCert] Locality Name ()
2019-11-14 05:42:18 : <INFO> [SslCert] Organization ()
2019-11-14 05:42:18 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-14 05:42:18 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-14 05:42:18 : <INFO> [SslCert] ALPN: Yes
2019-11-14 05:42:18 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:42:18 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:42:18 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:42:18 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-14 05:42:18 : <INFO> [Telemetry] Sending to DSE
2019-11-14 05:42:20 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-14 05:42:20 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-14 05:42:20 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-14 05:42:20 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-14 05:42:20 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-14 05:42:20 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-14 05:42:20 : <INFO> [SslCert] ALPN: Yes
2019-11-14 05:42:20 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:42:20 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:42:20 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:42:20 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-14 05:42:20 : <INFO> [Scan] Finished
2019-11-14 05:42:27 : <INFO> [Button clicked] Next
2019-11-14 05:42:29 : <INFO> [Button clicked] Bundleware found ok button
2019-11-14 05:42:35 : <INFO> [Button clicked] Clean & repair
2019-11-14 05:42:37 : <INFO> [Button clicked] Dialog button clicked [ 2 ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Started
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "[System Process]" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "System" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "Registry" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "wsc_proxy.exe" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "Memory Compression" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "AvastSvc.exe" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "SgrmBroker.exe" 0
2019-11-14 05:42:37 : <WARNING> [Cleaning] Unable to Open process - "SecurityHealthService.exe" 0
2019-11-14 05:42:37 : <INFO> [Quarantine] Session folder: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237"
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\Main|Start Page" [ "Registry" ]
2019-11-14 05:42:37 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] ObjectsProcessed = 1
2019-11-14 05:42:37 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\Main|Start Page" [ "Registry" ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}" [ "Registry" ]
2019-11-14 05:42:37 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] ObjectsProcessed = 2
2019-11-14 05:42:37 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{BDF61FAE-9D19-40F0-8F34-688DEB334CA9}" [ "Registry" ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "http://securedsearch.lavasoft.com/?pr=v ... 54__181120" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] ObjectsProcessed = 3
2019-11-14 05:42:37 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "http://securedsearch.lavasoft.com/?pr=v ... 54__181120" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Quarantine failed.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] ObjectsProcessed = 4
2019-11-14 05:42:37 : <WARNING> [Cleaning] Failed to quarantine: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Quarantine failed.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] ObjectsProcessed = 5
2019-11-14 05:42:37 : <WARNING> [Cleaning] Failed to quarantine: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Quarantine failed.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] ObjectsProcessed = 6
2019-11-14 05:42:37 : <WARNING> [Cleaning] Failed to quarantine: "PUP.Optional.Legacy" , "api.bing.com" [ "Firefox URLs" ]
2019-11-14 05:42:37 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{993F5746-4C15-42BC-99C1-064A1764271B}" [ "Registry" ]
2019-11-14 05:42:37 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:37 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 7
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Internet Explorer\\SearchScopes\\{993F5746-4C15-42BC-99C1-064A1764271B}" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 8
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Run|Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 9
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Legacy" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237\\6"
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237\\6\\Web Companion"
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237\\6\\Web Companion\\Logs"
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237\\6\\Web Companion\\Logs\\Webcompanion"
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 10
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "C:\\ProgramData\\Application Data\\Lavasoft\\Web Companion" [ "Folder" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 11
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKLM\\SYSTEM\\Setup\\FirstBoot\\Services\\WCAssistantService" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 12
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 13
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 14
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKU\\S-1-5-18\\Software\\Microsoft\\Windows\\CurrentVersion\\Internet Settings\\ZoneMap\\Domains\\webcompanion.com" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Mozilla\\NativeMessagingHosts\\com.webcompanion.native" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 15
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKU\\.DEFAULT\\Software\\Mozilla\\NativeMessagingHosts\\com.webcompanion.native" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 16
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKLM\\Software\\Wow6432Node\\Lavasoft\\Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Lavasoft\\Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 17
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.WebCompanion" , "HKCU\\Software\\Lavasoft\\Web Companion" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "C:\\Users\\David\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237\\13"
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: "C:\\AdwCleaner\\Quarantine\\v1\\20191114.064237\\13\\Seznam.cz"
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-14 05:42:38 : <DEBUG> [recurseProcessNameHashes]: Done.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 18
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "C:\\Users\\David\\AppData\\Roaming\\Seznam.cz" [ "Folder" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 19
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Seznam.cz" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 20
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKLM\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run32|seznam-listicka-distribuce" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] ObjectsProcessed = 21
2019-11-14 05:42:38 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.autoupdate" [ "Registry" ]
2019-11-14 05:42:38 : <INFO> [Cleaning] Processing: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-11-14 05:42:38 : <DEBUG> [Quarantine] Created quarantine record.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:38 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:39 : <DEBUG> [Cleaning] ObjectsProcessed = 22
2019-11-14 05:42:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.Seznam.cz" , "HKCU\\Software\\Microsoft\\Windows\\CurrentVersion\\Explorer\\StartupApproved\\Run|cz.seznam.software.szndesktop" [ "Registry" ]
2019-11-14 05:42:39 : <INFO> [Cleaning] Processing: "PUP.Optional.DefaultSearch.ShrtCln" , "Adaware Secure Search" [ "Chromium" ]
2019-11-14 05:42:39 : <DEBUG> [Cleaning] Cleaned the item.
2019-11-14 05:42:39 : <DEBUG> [Cleaning] Updated quarantine index file.
2019-11-14 05:42:39 : <DEBUG> [Cleaning] ObjectsProcessed = 23
2019-11-14 05:42:39 : <INFO> [Cleaning] Quarantined: "PUP.Optional.DefaultSearch.ShrtCln" , "Adaware Secure Search" [ "Chromium" ]
2019-11-14 05:42:39 : <INFO> [Engine Additional Action] "Delete Tracing Keys"
2019-11-14 05:42:39 : <INFO> [Engine Additional Action] "Reset Winsock"
2019-11-14 05:42:39 : <INFO> [Telemetry] Sending to Influx
2019-11-14 05:42:40 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-14 05:42:40 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-14 05:42:40 : <INFO> [SslCert] Locality Name ()
2019-11-14 05:42:40 : <INFO> [SslCert] Organization ()
2019-11-14 05:42:40 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-14 05:42:40 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-14 05:42:40 : <INFO> [SslCert] ALPN: Yes
2019-11-14 05:42:40 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:42:40 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:42:40 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:42:40 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-14 05:42:40 : <INFO> [Telemetry] Sending to DSE
2019-11-14 05:42:40 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-14 05:42:40 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-14 05:42:40 : <INFO> [SslCert] Locality Name ("San Jose")
2019-11-14 05:42:40 : <INFO> [SslCert] Organization ("Malwarebytes Inc.")
2019-11-14 05:42:40 : <INFO> [SslCert] Certificate EffectiveDate: "et úno 22 00:00:00 2018 GMT"
2019-11-14 05:42:40 : <INFO> [SslCert] Certificate ExpirationDate: "st dub 22 12:00:00 2020 GMT"
2019-11-14 05:42:40 : <INFO> [SslCert] ALPN: Yes
2019-11-14 05:42:40 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:42:40 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:42:40 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:42:40 : <INFO> [Telemetry] Status code: QVariant(int, 201)
2019-11-14 05:42:40 : <INFO> [Cleaning] Finished
2019-11-14 05:42:48 : <INFO> [Button clicked] Dialog button clicked [ 6 ]
2019-11-14 05:42:48 : <INFO> [Application] Closing AdwCleaner
2019-11-14 05:43:31 : <INFO> [Application] AdwCleaner 7 . 4 . 2 launched
2019-11-14 05:43:41 : <INFO> [MBBanner] Checking Iris
2019-11-14 05:43:41 : <INFO> [IRIS] Making request
2019-11-14 05:43:41 : <INFO> [Telemetry] Sending hello
ication updates
2019-11-14 05:43:43 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-14 05:43:43 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-14 05:43:43 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-14 05:43:43 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-14 05:43:43 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-14 05:43:43 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-14 05:43:43 : <INFO> [SslCert] ALPN: None
2019-11-14 05:43:43 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:43:43 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:43:43 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:43:43 : <INFO> [SslCert] Issued by ("DigiCert SHA2 High Assurance Server CA")
2019-11-14 05:43:43 : <INFO> [SslCert] Issued to ("*.malwarebytes.com")
2019-11-14 05:43:43 : <INFO> [SslCert] Locality Name ("Santa Clara")
2019-11-14 05:43:43 : <INFO> [SslCert] Organization ("Malwarebytes Inc")
2019-11-14 05:43:43 : <INFO> [SslCert] Certificate EffectiveDate: "po oíj 2 00:00:00 2017 GMT"
2019-11-14 05:43:43 : <INFO> [SslCert] Certificate ExpirationDate: "út oíj 6 12:00:00 2020 GMT"
2019-11-14 05:43:43 : <INFO> [SslCert] ALPN: None
2019-11-14 05:43:43 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:43:43 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:43:43 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:43:43 : <INFO> [Telemetry] Status code: QVariant(int, 200)
2019-11-14 05:43:43 : <WARNING> [File Downloader] Error downloading ( QNetworkReply::NetworkError(ContentNotFoundError) )
2019-11-14 05:43:43 : <INFO> [IRIS] Failed
2019-11-14 05:43:47 : <INFO> [Button clicked] Log files menu item
2019-11-14 05:43:51 : <INFO> [Button clicked] Dashboard menu item
2019-11-14 05:43:54 : <INFO> [Button clicked] Survey closed
2019-11-14 05:43:55 : <INFO> [Telemetry] Sending NPS Survey
2019-11-14 05:43:56 : <INFO> [SslCert] Issued by ("Let's Encrypt Authority X3")
2019-11-14 05:43:56 : <INFO> [SslCert] Issued to ("telemetry-02.adwc.mb.fr33tux.org")
2019-11-14 05:43:56 : <INFO> [SslCert] Locality Name ()
2019-11-14 05:43:56 : <INFO> [SslCert] Organization ()
2019-11-14 05:43:56 : <INFO> [SslCert] Certificate EffectiveDate: "et oíj 17 14:50:26 2019 GMT"
2019-11-14 05:43:56 : <INFO> [SslCert] Certificate ExpirationDate: "st led 15 14:50:26 2020 GMT"
2019-11-14 05:43:56 : <INFO> [SslCert] ALPN: Yes
2019-11-14 05:43:56 : <INFO> [SslCert] Cipher: "ECDHE-RSA-AES256-GCM-SHA384"
2019-11-14 05:43:56 : <INFO> [SslCert] KXE: "ECDH"
2019-11-14 05:43:56 : <INFO> [SslCert] Protocol: "TLSv1.2"
2019-11-14 05:43:56 : <INFO> [Telemetry] Status code: QVariant(int, 204)
2019-11-14 05:44:00 : <INFO> [Button clicked] Log files menu item

[Conder]

Ak nepotrebujes/nepouzivas program "McAfee True Key", mozes ho odinstalovat.

Tiez odporucam odinstalovat starsie verzie Javy - Java 8 Update 144 a Java 8 Update 191. Ak Javu potrebujes, nainstaluj aktualnu verziu z https://java.com/en/download/

Nasledne poprosim o obidva logy z FRST (FRST.txt a Addition.txt) podla tohto navodu: https://forum.viry.cz/viewtopic.php?f=13&t=154679

[davidvr]

odinstalováno

logy v příloze

[Conder]

Otvor poznamkovy blok (Win+R -> notepad -> enter)

• Skopiruj nasledujuci text a vloz ho do poznamkoveho bloku:

  Kód: Vybrat vše

  Start
  CloseProcesses:
  CreateRestorePoint:
  
  PowerShell: Get-ChildItem -Path "$ENV:USERPROFILE\Desktop" -Recurse -Force | Measure-Object -Property Length -Sum
  HKU\S-1-5-21-1178174967-152315223-1449852044-1002\...\Policies\Explorer: [] 
  HKU\S-1-5-21-1178174967-152315223-1449852044-1002\...\MountPoints2: {f2683100-2143-11e9-9fea-58fb84bda190} - "E:\HiSuiteDownLoader.exe" 
  Lsa: [Notification Packages] scecli "C:\Program Files\TrueKey\McAfeeTrueKeyPasswordFilter"
  Task: {F5E331B8-B536-4DC4-A0C3-BD127D034949} - \Microsoft\Windows\UNP\RunCampaignManager -> No File <==== ATTENTION
  FF NewTab: Mozilla\Firefox\Profiles\2uo1z16k.default -> hxxp://securedsearch.lavasoft.com/?pr=vmn&id=webcompa&ent=hp_WCYID10454__181120
  CHR HKLM-x32\...\Chrome\Extension: [nladljmabboanhihfkjacnnkgjhnokhj]
  2019-11-18 22:22 - 2019-11-18 22:22 - 000000000 ____D C:\Users\David\Desktop\FRST-OlderVersion
  2019-11-18 22:17 - 2019-11-18 22:18 - 000000000 ____D C:\ProgramData\McInstTemp0053571574111869
  2019-11-11 21:25 - 2019-11-11 21:27 - 000000000 ____D C:\rsit
  2019-11-11 21:25 - 2019-11-11 21:27 - 000000000 ____D C:\Program Files\trend micro
  2019-11-11 21:25 - 2019-11-11 21:25 - 001222144 _____ C:\Users\David\Downloads\RSITx64.exe
  2019-11-11 21:25 - 2019-11-11 21:25 - 001222144 _____ C:\Users\David\Desktop\RSITx64.exe
  2019-11-18 22:18 - 2018-10-29 19:14 - 000000000 ____D C:\Program Files\McAfee
  2019-11-18 22:18 - 2017-05-30 00:09 - 000000000 ____D C:\Program Files\Common Files\McAfee
  2019-11-18 22:18 - 2017-05-30 00:00 - 000000000 ____D C:\ProgramData\McAfee
  2017-07-26 21:31 - 2017-07-26 21:31 - 331479536 _____ () C:\Users\David\AppData\Local\ACCCx4_1_1_202.zip.aamdownload
  2017-07-26 21:31 - 2017-07-26 21:31 - 000003693 _____ () C:\Users\David\AppData\Local\ACCCx4_1_1_202.zip.aamdownload.aamd
  ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} =>  -> No File
  AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorB.sys:com.dropbox.attributes [168]
  AlternateDataStreams: C:\WINDOWS\system32\Drivers\iaStorS.sys:com.dropbox.attributes [168]
  AlternateDataStreams: C:\ProgramData\TEMP:8927A071 [462]
  AlternateDataStreams: C:\ProgramData\TEMP:A1EDB939 [114]
  
  Hosts:
  EmptyTemp:
  End

• Uloz na plochu s nazvom fixlist.txt
• Spusti znovu FRST a klikni na Fix
• Po dokonceni si FRST vyziada restart PC, potvrd kliknutim na OK
• Po restartovani PC bude na ploche subor Fixlog.txt, jeho obsah sem skopiruj