Please check my log [Solved]


vašekp

Please check my log

Post by vašekp » 20 Aug 2025 20:13

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:58:57, on 20.08.2025
Platform: Unknown Windows (WinNT 6.02.1008)
MSIE: Internet Explorer v11.0 (11.00.26100.1882)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\HP\HPAudioSwitch\HPAudioSwitch.exe
C:\Users\vper\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe
C:\Users\vper\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\EPSON Software\Download Navigator\EPSDNMON.EXE
C:\Program Files (x86)\Brother\iPrint&Scan\IPSMONITOR\iPSMonitor.exe
C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
C:\Program Files (x86)\Western Digital\Discovery\Current\WDDiscoveryMonitor.exe
C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe
c:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationService.exe
C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
C:\WINDOWS\SysWOW64\cmd.exe
C:\Program Files\WD Desktop App\kdd.exe
C:\Program Files (x86)\Brother\BrUtilities\BrLogRx.exe
C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe
C:\Users\vper\Downloads\HijackThis.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Local Page = %11%\blank.htm
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
F2 - REG:system.ini: UserInit=
O2 - BHO: Lync Click to Call BHO - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O2 - BHO: McAfee WebAdvisor - {B164E929-A1B6-4A06-B104-2CD0E90A88FF} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O4 - HKLM\..\Run: [ExpressVPNNotificationService] "C:\Program Files (x86)\ExpressVPN\expressvpn-ui\ExpressVPNNotificationServiceStarter.exe"
O4 - HKLM\..\Run: [WDDiscovery] C:\Program Files (x86)\Western Digital\Discovery\Current\WD Discovery.exe --autolaunch
O4 - HKLM\..\Run: [Reader Application Helper] C:\Program Files (x86)\Sony\ReaderDesktop\appHelper\ReaderAppHelper.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [M22A] C:\WINDOWS\twain_32\Brimm22a\Common\TwDsUiLaunch.exe
O4 - HKLM\..\Run: [BrStsMon00] C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe /AUTORUN
O4 - HKLM\..\Run: [BrotherSoftwareUpdateNotification] C:\Program Files (x86)\Brother\SoftwareUpdateNotification\SoftwareUpdateNotificationService.exe /Autorun
O4 - HKCU\..\Run: [HPSEU_Host_Launcher] C:\System.sav\util\HPSEU\HpseuHostLauncher.exe
O4 - HKCU\..\Run: [OneDrive] "C:\Users\vper\AppData\Local\Microsoft\OneDrive\OneDrive.exe" /background
O4 - HKCU\..\Run: [CCleaner Smart Cleaning] "C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR
O4 - HKCU\..\Run: [sznAgent] C:\Users\vper\AppData\Roaming\Seznam Browser\sznAgent\Seznam.cz.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\vper\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\vper\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [EPSDNMON] "C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE"
O4 - HKCU\..\Run: [Opera Browser Assistant] C:\Users\vper\AppData\Local\Programs\Opera\assistant\browser_assistant.exe
O4 - HKCU\..\Run: [Opera Stable] C:\Users\vper\AppData\Local\Programs\Opera\opera.exe
O4 - Startup: Poslat do aplikace OneNote.lnk = C:\Program Files\Microsoft Office\root\Office16\ONENOTEM.EXE
O4 - Global Startup: Brother iPSMonitor.lnk = C:\Program Files (x86)\Brother\iPrint&Scan\IPSMONITOR\iPSMonitor.exe
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\Program Files\Microsoft Office\Root\Office16\EXCEL.EXE/3000
O8 - Extra context menu item: Se&nd to OneNote - res://C:\Program Files\Microsoft Office\Root\Office16\ONBttnIE.dll/105
O9 - Extra button: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\HP\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra 'Tools' menuitem: Lync Click to Call - {31D09BA0-12F5-4CCE-BE8A-2923E76605DA} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\OCHelper.dll
O9 - Extra button: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O9 - Extra 'Tools' menuitem: McAfee WebAdvisor - {48A61126-9A19-4C50-A214-FF08CB94995C} - C:\Program Files\McAfee\WebAdvisor\win32\IEPlugin.dll
O10 - Unknown file in Winsock LSP: c:\windows\system32\nlansp_c.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: mso-minsb-roaming.16 - {83C25742-A9F7-49FB-9138-434302C88D07} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: mso-minsb.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf-roaming.16 - {42089D2D-912D-4018-9087-2B87803E93FB} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: osf.16 - {5504BE45-A83B-4808-900A-3A5C36E7F77A} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesX86\Microsoft Office\Office16\MSOSB.DLL
O18 - Protocol: tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Protocol: windows.tbauth - {14654CA6-5711-491D-B89A-58E571679951} - C:\Windows\SysWOW64\tbauth.dll
O18 - Filter: application/x-mfe-ipt - {3EF5086B-5478-4598-A054-786C45D75692} - C:\Program Files (x86)\McAfee\MSC\McSnIePl.dll
O18 - Filter hijack: text/xml - {807583E5-5146-11D5-A672-00B0D022E945} - C:\Program Files\Microsoft Office\root\VFS\ProgramFilesCommonX86\Microsoft Shared\Office16\MSOXMLMF.DLL
O21 - SSODL: WDFSMountNotificator-wdfsconnect2017 - {A4606B98-8C5B-4571-A27B-184BD614D3B3} - C:\windows\SysWOW64\wdfsconnectMntNtf2017.dll
O22 - SharedTaskScheduler: Virtual Storage Mount Notification - {A4606B98-8C5B-4571-A27B-184BD614D3B3} - C:\windows\SysWOW64\wdfsconnectMntNtf2017.dll
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\WINDOWS\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - AMD - C:\WINDOWS\System32\DriverStore\FileRepository\u0372698.inf_amd64_2366d501a5d0e392\B370279\atiesrxx.exe
O23 - Service: aswbIDSAgent - Gen Digital Inc. - C:\Program Files\Avast Software\Avast\aswidsagent.exe
O23 - Service: Slu ba Avast Browser Update (avast) (avast) - Gen Digital Inc. - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Antivirus (avast! Antivirus) - Gen Digital Inc. - C:\Program Files\Avast Software\Avast\AvastSvc.exe
O23 - Service: Avast Firewall Service (avast! Firewall) - Gen Digital Inc. - C:\Program Files\Avast Software\Avast\afwServ.exe
O23 - Service: Avast Tools (avast! Tools) - Gen Digital Inc. - C:\Program Files\Avast Software\Avast\aswToolsSvc.exe
O23 - Service: Slu ba Avast Browser Update (avastm) (avastm) - Gen Digital Inc. - C:\Program Files (x86)\AVAST Software\Browser\Update\AvastBrowserUpdate.exe
O23 - Service: Avast Secure Browser Elevation Service (AvastSecureBrowserElevationService) (AvastSecureBrowserElevationService) - Gen Digital Inc. - C:\Program Files\AVAST Software\Browser\Application\139.0.31477.68\elevation_service.exe
O23 - Service: AvastWscReporter - AVAST Software - C:\Program Files\Avast Software\Avast\wsc_proxy.exe
O23 - Service: BrYNSvc - Brother Industries, Ltd. - C:\Program Files (x86)\Browny02\BrYNSvc.exe
O23 - Service: Slu ba CCleaner Browser Update (ccleaner) (ccleaner) - Gen Digital Inc. - C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: CCleaner Browser Elevation Service (CCleanerBrowserElevationService) (CCleanerBrowserElevationService) - Gen Digital Inc. - C:\Program Files\CCleaner Browser\Application\139.0.31477.68\elevation_service.exe
O23 - Service: Slu ba CCleaner Browser Update (ccleanerm) (ccleanerm) - Gen Digital Inc. - C:\Program Files (x86)\CCleaner Browser\Update\CCleanerBrowserUpdate.exe
O23 - Service: CCleaner Performance Optimizer Service (CCleanerPerformanceOptimizerService) - Gen Digital Inc. - C:\Program Files\CCleaner\CCleanerPerformanceOptimizerService.exe
O23 - Service: @%SystemRoot%\system32\CredentialEnrollmentManager.exe,-100 (CredentialEnrollmentManagerUserSvc) - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: CredentialEnrollmentManagerUserSvc_1aa7575b - Unknown owner - C:\WINDOWS\system32\CredentialEnrollmentManager.exe (file missing)
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: ExpressVPN Service (ExpressVPNService) - ExpressVPN - C:\Program Files (x86)\ExpressVPN\bootstrap\amd64\nssm.exe
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\WINDOWS\system32\fxssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\GameInputSvc.exe,-101 (GameInputSvc) - Unknown owner - C:\WINDOWS\System32\GameInputSvc.exe (file missing)
O23 - Service: Google Chrome Elevation Service (GoogleChromeElevationService) (GoogleChromeElevationService) - Google LLC - C:\Program Files\Google\Chrome\Application\139.0.7258.128\elevation_service.exe
O23 - Service: Intern aktualiza n slu ba Google (GoogleUpdaterInternalService141.0.7340.0) (GoogleUpdaterInternalService141.0.7340.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\141.0.7340.0\updater.exe
O23 - Service: Aktualiza n slu ba Google (GoogleUpdaterService141.0.7340.0) (GoogleUpdaterService141.0.7340.0) - Google LLC - C:\Program Files (x86)\Google\GoogleUpdater\141.0.7340.0\updater.exe
O23 - Service: Slu ba Aktualizace Google (gupdate) (gupdate) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Slu ba Aktualizace Google (gupdatem) (gupdatem) - Google LLC - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: HP Comm Recovery (HP Comm Recover) - HP Inc. - C:\Program Files\HPCommRecovery\HPCommRecovery.exe
O23 - Service: HP One Agent Service (hp-one-agent-service) - HP Inc; HP Development Company, L.P. - C:\Program Files\HP\HP One Agent\hp-one-agent-service.exe
O23 - Service: @oem82.inf,%ServiceAppHelperDesc%;HP App Helper HSA Service (HPAppHelperCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\AppHelperCap.exe
O23 - Service: @oem82.inf,%ServiceDiagsDesc%;HP Diagnostics HSA Service (HPDiagsCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\DiagsCap.exe
O23 - Service: @oem82.inf,%ServiceNetworkDesc%;HP Network HSA Service (HPNetworkCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\NetworkCap.exe
O23 - Service: HP Print Scan Doctor Service (HPPrintScanDoctorService) - HP Inc. - C:\Program Files\HPPrintScanDoctor\HPPrintScanDoctorService.exe
O23 - Service: HP CASL Framework Service (hpqcaslwmiex) - HP - C:\Program Files (x86)\HP\Shared\hpqwmiex.exe
O23 - Service: @oem82.inf,%ServiceSysInfoDesc%;HP System Info HSA Service (HPSysInfoCap) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpcustomcapcomp.inf_amd64_2ce7f3bdc4152084\x64\SysInfoCap.exe
O23 - Service: @oem84.inf,%hpanalyticscomp%;HP Insights Analytics (HpTouchpointAnalyticsService) - HP Inc. - C:\WINDOWS\System32\DriverStore\FileRepository\hpanalyticscomp.inf_amd64_0f2b4c962c16d743\x64\TouchpointAnalyticsClientService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: LibreOffice Maintenance Service (LibreOfficeMaintenance) - The Document Foundation - C:\Program Files\LibreOffice\program\update_service.exe
O23 - Service: @%SystemRoot%\System32\localkdcsvc.dll,-1 (LocalKdc) - Unknown owner - C:\WINDOWS\System32\lsass.exe (file missing)
O23 - Service: McAfee WebAdvisor - McAfee, LLC - C:\Program Files\McAfee\WebAdvisor\ServiceHost.exe
O23 - Service: McAfee AP Service (McAPExe) - McAfee, LLC - C:\Program Files\Common Files\McAfee\VSCore_21_4\McApExe.exe
O23 - Service: McAfee Activation Service (McAWFwk) - McAfee, LLC. - C:\Program Files\Common Files\McAfee\ActWiz\McAWFwk.exe
O23 - Service: McAfee CSP Service (mccspsvc) - McAfee, LLC - C:\Program Files\Common Files\McAfee\CSP\4.3.107.0\\McCSPServiceHost.exe
O23 - Service: McAfee Firewall Core Service (mfefire) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service: McAfee Service Controller (mfemms) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service: McAfee Validation Trust Protection Service (mfevtp) - McAfee, LLC - C:\Program Files\Common Files\McAfee\SystemCore\mfemms.exe
O23 - Service: McAfee Module Core Service (ModuleCoreService) - McAfee, LLC - C:\Program Files\Common Files\McAfee\ModuleCore\ModuleCoreService.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\WINDOWS\System32\msdtc.exe (file missing)
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: McAfee PEF Service (PEFService) - McAfee, LLC - C:\Program Files\Common Files\McAfee\PEF\CORE\PEFService.exe
O23 - Service: @%systemroot%\system32\PerceptionSimulation\PerceptionSimulationService.exe,-101 (perceptionsimulation) - Unknown owner - C:\WINDOWS\system32\PerceptionSimulation\PerceptionSimulationService.exe (file missing)
O23 - Service: @%SystemRoot%\System32\ReFsDedupSvc.exe,-100 (refsdedupsvc) - Unknown owner - C:\WINDOWS\System32\ReFsDedupSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\WINDOWS\system32\locator.exe (file missing)
O23 - Service: Realtek Audio Universal Service (RtkAudioUniversalService) - Realtek Semiconductor - C:\WINDOWS\System32\DriverStore\FileRepository\realtekservice.inf_amd64_bb0c442560f99618\RtkAudUService64.exe
O23 - Service: @oem69.inf,%RtkBtManServ.SvcDesc%;Realtek Bluetooth Device Manager Service (RtkBtManServ) - Realtek Semiconductor Corp. - C:\WINDOWS\RtkBtManServ.exe
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: Sound Research SECOMN Service (SECOMNService) - Unknown owner - C:\WINDOWS\System32\SECOMN64.exe (file missing)
O23 - Service: @%systemroot%\system32\SecurityHealthAgent.dll,-1002 (SecurityHealthService) - Unknown owner - C:\WINDOWS\system32\SecurityHealthService.exe (file missing)
O23 - Service: @%ProgramFiles%\Windows Defender Advanced Threat Protection\MsSense.exe,-1001 (Sense) - Unknown owner - C:\Program Files (x86)\Windows Defender Advanced Threat Protection\MsSense.exe (file missing)
O23 - Service: @%SystemRoot%\system32\SensorDataService.exe,-101 (SensorDataService) - Unknown owner - C:\WINDOWS\System32\SensorDataService.exe (file missing)
O23 - Service: @firewallapi.dll,-50323 (SNMPTrap) - Unknown owner - C:\WINDOWS\System32\snmptrap.exe (file missing)
O23 - Service: Sony SCSI Helper Service - Sony Corporation - C:\Program Files (x86)\Common Files\Sony Shared\Fsk\SonySCSIHelperService.exe
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\WINDOWS\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\WINDOWS\system32\sppsvc.exe (file missing)
O23 - Service: @oem19.inf,%SynTPEnhService.SVCDESC%;SynTPEnhService (SynTPEnhService) - Unknown owner - C:\WINDOWS\System32\SynTPEnhService.exe (file missing)
O23 - Service: @%SystemRoot%\system32\TieringEngineService.exe,-702 (TieringEngineService) - Unknown owner - C:\WINDOWS\system32\TieringEngineService.exe (file missing)
O23 - Service: Brother USB Application Controller (USBAppControl) - Unknown owner - C:\Program Files (x86)\Brother\iPrint&Scan\UsbAppControl\USBAppControl.exe
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\WINDOWS\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\WINDOWS\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\WINDOWS\system32\vssvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\WINDOWS\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\WINDOWS\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
O23 - Service: Brother Workflow Application Controller (WorkflowAppControl) - Unknown owner - C:\Program Files (x86)\Brother\iPrint&Scan\WorkflowAppControl\WorkflowAppControl.exe

--
End of file - 19266 bytes

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 20 Aug 2025 23:54

AVAST Software
McAfee
Two antivirus programs? Uninstall one of them!

Download ATF Cleaner
https://www.majorgeeks.com/mg/getmirror ... ner,2.html
Double-click ATF Cleaner.exe, click Select All, then:
- If you use Firefox (Mozilla), click Firefox at the top and choose Select All, then click Empty Selected.
- If you use Opera, click Opera at the top and choose Select All, then click Empty Selected. Then click Main (the main page) and click Empty Selected.
After cleaning, click Exit to close the program.
ATF-Cleaner is a simple tool for removing history from the web browser. The program can remove the cache, cookies, history and other traces of browsing the Internet. Supported browsers include Internet Explorer, Firefox and Opera. The application can also remove Windows temporary files, empty the Recycle Bin, etc.
- If you use only Google Chrome or Edge, you do not need to use ATF.


Download TFC
http://www.geekstogo.com/forum/files/fi ... -oldtimer/
https://www.bleepingcomputer.com/download/tfc/
https://www.majorgeeks.com/files/detail ... eaner.html
https://www.majorgeeks.com/mg/get/temp_ ... ner,1.html

Open the file and close all other windows. Click Start to begin the process. The program should not take long.
Afterwards the PC should restart; if it does not, restart it yourself.

Download AdwCleaner (by Xplode)
http://www.bleepingcomputer.com/download/adwcleaner/
http://www.adlice.com/downloadprogress/
Windows 7 owners, download it here:
https://filehippo.com/download_adwcleaner/ (do not update it!)

Save it to your desktop. Click "I agree" to accept the terms.
Close all programs, windows and browsers.
Run the program by double-clicking it and click "Scan".
After the scan a log appears and opens (otherwise it is saved on the system disk in C:\AdwCleaner\Logs); paste its entire contents here.

Download Malwarebytes' Anti-Malware
https://www.malwarebytes.com/mwb-download/thankyou/

to your desktop, install it and run it.
- If the program is not up to date, click "Update now" or "Fix now".
- An update will be found and installed.
- Then click Run scan.
- When the scan finishes, a message appears at the bottom right; click View report, choose Export, then Copy to clipboard, and paste the whole log here. Or click "Text file (.txt)" and save the log, then paste it here.
- Otherwise the log can be found in the program by clicking "Reports", or it is saved here: C:\ProgramData\Malwarebytes\Malwarebytes Anti-Malware\Logs

- Then click the Finish button and close the program with the X at the top right.
(Do not delete anything yet!)
If there are problems, run it in Safe Mode.
(After the scan finishes, click "Save Result" and choose Export to TXT. After a moment a window appears and you can save the log as a txt file wherever you want. Then copy it and paste it here.)
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs by private message. During my absence I am represented by memphisto, Žbeky and Orcus.
If you are satisfied, you can support our forum: Forum support

vašekp

Re: Please check my log

Post by vašekp » 22 Aug 2025 00:12

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Scan
# -------------------------------
# Start: 08-22-2025
# Duration: 00:00:18
# OS: Windows 11 (Build 26100.4946)
# Scanned: 32097
# Detected: 43


***** [ Services ] *****

No malicious services found.

***** [ Folders ] *****

Adware.RuKometa C:\Users\vper\Desktop\Kometa
PUP.Optional.Seznam.cz C:\Program Files (x86)\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\vper\AppData\Local\Seznam.cz
PUP.Optional.Seznam.cz C:\Users\vper\AppData\Roaming\Seznam.cz

***** [ Files ] *****

PUP.Optional.CleanMyPC C:\Users\vper\Downloads\REGCLEANER.EXE

***** [ DLL ] *****

No malicious DLLs found.

***** [ WMI ] *****

No malicious WMI found.

***** [ Shortcuts ] *****

No malicious shortcuts found.

***** [ Tasks ] *****

No malicious tasks found.

***** [ Registry ] *****

PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.autoupdate
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Run|cz.seznam.software.szndesktop
PUP.Optional.Seznam.cz HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\SeznamInstall
PUP.Optional.Seznam.cz HKCU\Software\Mozilla\NativeMessagingHosts\sznpp_nm
PUP.Optional.Seznam.cz HKCU\Software\Seznam.cz
PUP.Optional.Seznam.cz HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run32|seznam-listicka-distribuce
PUP.Optional.Seznam.cz HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Run|seznam-listicka-distribuce

***** [ Chromium (and derivatives) ] *****

PUP.Optional.Seznam.cz Seznam Doplněk – Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
PUP.Optional.Seznam.cz Seznam Doplněk – Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

PUP.Optional.Conduit BitTorrentBar Customized Web Search
PUP.Optional.Legacy Web Search
PUP.Optional.Legacy Web Search

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries found.

***** [ Firefox URLs ] *****

No malicious Firefox URLs found.

***** [ Hosts File Entries ] *****

No malicious hosts file entries found.

***** [ Preinstalled Software ] *****

Preinstalled.HPAudioSwitch Folder C:\Program Files (x86)\HP\HPAUDIOSWITCH
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{17F4011F-A697-4021-B52D-400AA0B6F096}
Preinstalled.HPAudioSwitch Registry HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\HPAudioSwitch
Preinstalled.HPAudioSwitch Task C:\Windows\System32\Tasks\HPAUDIOSWITCH
Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Explorer\StartupApproved\Run|HPSEU_Host_Launcher
Preinstalled.HPCleanFLC Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Run|HPSEU_Host_Launcher
Preinstalled.HPRegistrationService Folder C:\ProgramData\HP\HP REGISTRATION SERVICE
Preinstalled.HPSupportAssistant Folder C:\HP\SUPPORT
Preinstalled.HPSupportAssistant Folder C:\Program Files (x86)\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\ProgramData\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Folder C:\Users\vper\AppData\Roaming\HEWLETT-PACKARD\HP SUPPORT FRAMEWORK
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Classes\CLSID\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSupportAssistant Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}
Preinstalled.HPSureConnect Folder C:\Program Files\HPCOMMRECOVERY
Preinstalled.HPSureConnect Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{6468C4A5-E47E-405F-B675-A70A70983EA6}
Preinstalled.HPTouchpointAnalyticsClient Folder C:\ProgramData\HP\HP TOUCHPOINT ANALYTICS CLIENT
Preinstalled.HPTouchpointAnalyticsClient Registry HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{E5FB98E0-0784-44F0-8CEC-95CD4690C43F}
Preinstalled.ReaderforPC File C:\Users\Public\Desktop\Reader for PC.lnk
Preinstalled.ReaderforPC Folder C:\Program Files (x86)\SONY\READERDESKTOP
Preinstalled.ReaderforPC Registry HKLM\Software\Wow6432Node\\Microsoft\Windows\CurrentVersion\Uninstall\{02F29E25-2B7A-43BA-AF95-D0978593F399}



########## EOF - C:\AdwCleaner\Logs\AdwCleaner[S00].txt ##########

jaro3
Security team member

Re: Please check my log

Post by jaro3 » 22 Aug 2025 00:56

And Malwarebytes' Anti-Malware?

Run AdwCleaner again (on Windows Vista or Windows 7, right-click AdwCleaner and choose "Run as administrator"),
click "Scan", and after the scan click "Quarantine".

The program will perform the repair; after the automatic restart click "View log file" and then double-click the corresponding log (C:\AdwCleaner [C?].txt), and paste its entire contents here.

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program's scan will start. The scan may take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.

vašekp

Re: Please check my log

Post by vašekp » 22 Aug 2025 09:04

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/22/2025
Scan Time: 8:55 AM
Log File: feac4ed4-7f24-11f0-ad35-b05cda4e7638.json

-Software Information-
Version: 5.3.7.209
Components Version: 139.0.5357
Update Package Version: 1.0.102261
License: Trial

-System Information-
OS: Windows 11 (Build 26100.4946)
CPU: x64
File System: NTFS
User: LAPTOP-EH9554IO\vper

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 224753
Threats Detected: 26
Threats Quarantined: 0
Time Elapsed: 3 min, 35 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 4
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 28, 454832, 1.0.102261, , ame, , ,
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 28, 454832, 1.0.102261, , ame, , ,
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 1244, 455066, 1.0.102261, , ame, , ,
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, No Action By User, 1244, 455066, 1.0.102261, , ame, , ,

File: 22
RiskWare.SetDefaultBrowser, C:\USERS\VPER\APPDATA\ROAMING\SEZNAM BROWSER\DEFAULTBROWSER.EXE, No Action By User, 8991, 1281400, 1.0.102261, , ame, , 4ADC091F25781329CAE1AD8FDF94EDD7, 21F1E8DE0E8FAF5EB5505CFEF3CC0F14EE3EAB7C3442AB0BB1D1A3E2E3988022
PUP.Optional.BundleInstaller, C:\USERS\VPER\DOWNLOADS\EVERESTHOME220.EXE, No Action By User, 96, 1175903, 1.0.102261, , ame, , 6CA9BB27010C90693F7A045172F43C9B, 7F7147FD7E5A3B8946FD90D138256D8D67DE403CD1A35CBA9781EF713C39EDBE
PUP.Optional.Avanquest, C:\USERS\VPER\DOWNLOADS\DRIVER_UPDATER_SETUP.EXE, No Action By User, 2520, 904416, 1.0.102261, , ame, , 86E33F673643C9B85DCC6345FD351F27, B8871BA02EE397BF319E4D6F308A59851D5BC740E4F9B3D183045181738F5825
PUP.Optional.Seznam, C:\USERS\VPER\DOWNLOADS\SPOTIFYFULLSETUP (1).EXE, No Action By User, 4257, 623984, 1.0.102261, , ame, , 08E9544C1FDCAA86A64F3ECBE8B28F28, 79F7CEF89A9EEDB5F23738BDCA6E9BFAE293F8583EF79BAA6F6DC33613BEB9C3
Malware.AI.3725601409, C:\USERS\VPER\DOWNLOADS\REGCLEANER.EXE, No Action By User, 1000000, 0, 1.0.102261, A7306AC23B87C522DE102A81, dds, 03492315, 9F1948CF9E4909727FDE11AC296430C7, A67DBC977F98283F28F00028A56F0E26D9E287BA28B4567251096CAF0A3CB5FA
PUP.Optional.BundleInstaller, C:\USERS\VPER\DOWNLOADS\PICASA39-SETUP.EXE, No Action By User, 96, 1175903, 1.0.102261, , ame, , 1A4E5CCD35A56D84281A143F831563BE, 321502845D1C6BAE83ADDD564FF6DB1B92E9D5722865795DAF9CD66CD3A9D39F
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 28, 454832, 1.0.102261, , ame, , 9DA6EB016AF75DE0A08527A904D8E59D, 02535A69F835419800A018EC541E6F5F0EA5C5F6ECC5BEE18A8260D15FB27CA8
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, No Action By User, 28, 454832, 1.0.102261, , ame, , 05C84CE3687BEDE5F78971A234B23078, 277D8E57A7B434B23145EE04D51C9AC251A9A736E3E8FA366A5D0EEED95A1226
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022921.ldb, No Action By User, 28, 454832, 1.0.102261, , ame, , DD7ECB01F3724CA1CD422C2E2A334BC8, 852081FA59EAC2ADAC5C8939A36DDE8940D058B64E366DA9699661493DB859AA
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022924.ldb, No Action By User, 28, 454832, 1.0.102261, , ame, , 21316DD7153D36FD2BBB53906320B3F9, C878BF5759AE2B314F75042A659CC68084259E59DE9B63EA47C334D2F6C91725
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022926.ldb, No Action By User, 28, 454832, 1.0.102261, , ame, , BDCD7C834DF402968259C2A53CED0C40, 72F61B81743B8C58067B3D18A0C3B93712836DDA18664F7F9330E1BDDBEA0B32
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022927.log, No Action By User, 28, 454832, 1.0.102261, , ame, , 7746D06743E13F1348786ABE8FDC70B1, D47A34EB3C2E4E3F8699F13B544BB97B3C30B82457CAA249D4BF258B364645E3
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022928.ldb, No Action By User, 28, 454832, 1.0.102261, , ame, , 421589A23A99493B0A1D671354869E31, 0E0F5874CB67603366CB3A845EE6B1984B4BAD852DB3A375AE43E16F084C2714
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, No Action By User, 28, 454832, 1.0.102261, , ame, , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, No Action By User, 28, 454832, 1.0.102261, , ame, , ,
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, No Action By User, 28, 454832, 1.0.102261, , ame, , 5BA24118800E644942BB478EE0B3D275, 4F94AC12F0CCAEA14DFF6CC4A14DAAF261AD4D3D94338E9FA4308F370AA2E326
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, No Action By User, 28, 454832, 1.0.102261, , ame, , F1DC56F3635B6C1D5D1291F8BAAFAC8E, D3A70AB1DBEDAE067A4FAA0C353C621B3E668F8406C944713851B9D97E3CF1BC
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, No Action By User, 28, 454832, 1.0.102261, , ame, , 08909253DD49A734465DE6031057CDA6, 4D1A335A67582C3408BC988EAC4EA5BFC43A9D1E3AF1FBA45743FF017BBAC030
PUP.Optional.Seznam, C:\USERS\VPER\DOWNLOADS\SPOTIFYFULLSETUP.EXE, No Action By User, 4257, 623984, 1.0.102261, , ame, , 08E9544C1FDCAA86A64F3ECBE8B28F28, 79F7CEF89A9EEDB5F23738BDCA6E9BFAE293F8583EF79BAA6F6DC33613BEB9C3
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 28, 454832, 1.0.102261, , ame, , 9DA6EB016AF75DE0A08527A904D8E59D, 02535A69F835419800A018EC541E6F5F0EA5C5F6ECC5BEE18A8260D15FB27CA8
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 1244, 455066, 1.0.102261, , ame, , 9DA6EB016AF75DE0A08527A904D8E59D, 02535A69F835419800A018EC541E6F5F0EA5C5F6ECC5BEE18A8260D15FB27CA8
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, No Action By User, 1244, 455066, 1.0.102261, , ame, , 9DA6EB016AF75DE0A08527A904D8E59D, 02535A69F835419800A018EC541E6F5F0EA5C5F6ECC5BEE18A8260D15FB27CA8

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

jaro3
Security team member
Guru Level 15
Posts: 43335
Registered: June 07
Location: South Bohemia
Gender: Male
Status: Offline

Re: Please check my log

Post by jaro3 » 22 Aug 2025 14:21

- Run Malwarebytes' Anti-Malware again and choose Scan Now.
- When the program finishes, a prompt appears; click "Quarantine All (delete selected)", then "Export log" and choose "text file", give the file a name and save it somewhere. Copy the entire contents of that log here.


Then do the rest as described above.
When working with HJT, ComboFix, MbAM, SDFix and similar programs, close all other applications and browsers!
Do not send logs in private messages. While I am away, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

Re: Please check my log

Post by vašekp » 22 Aug 2025 17:05

Malwarebytes
www.malwarebytes.com

-Log Details-
Scan Date: 8/22/2025
Scan Time: 4:58 PM
Log File: 83e08b40-7f68-11f0-b5f3-b05cda4e7638.json

-Software Information-
Version: 5.3.7.209
Components Version: 139.0.5357
Update Package Version: 1.0.102275
License: Trial

-System Information-
OS: Windows 11 (Build 26100.4946)
CPU: x64
File System: NTFS
User: LAPTOP-EH9554IO\vper

-Scan Summary-
Scan Type: Threat Scan
Scan Initiated By: Manual
Result: Completed
Objects Scanned: 224864
Threats Detected: 26
Threats Quarantined: 26
Time Elapsed: 2 min, 2 sec

-Scan Options-
Memory: Enabled
Startup: Enabled
File system: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Detect
PUM: Detect

-Scan Details-
Process: 0
(No malicious items detected)

Module: 0
(No malicious items detected)

Registry Key: 0
(No malicious items detected)

Registry Value: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Data Stream: 0
(No malicious items detected)

Folder: 4
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 28, 454832, 1.0.102275, , ame, , ,
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 1244, 455066, 1.0.102275, , ame, , ,
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 1244, 455066, 1.0.102275, , ame, , ,
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Sync Data\LevelDB, Quarantined, 28, 454832, 1.0.102275, , ame, , ,

File: 22
RiskWare.SetDefaultBrowser, C:\USERS\VPER\APPDATA\ROAMING\SEZNAM BROWSER\DEFAULTBROWSER.EXE, Quarantined, 8991, 1281400, 1.0.102275, , ame, , 4ADC091F25781329CAE1AD8FDF94EDD7, 21F1E8DE0E8FAF5EB5505CFEF3CC0F14EE3EAB7C3442AB0BB1D1A3E2E3988022
PUP.Optional.Avanquest, C:\USERS\VPER\DOWNLOADS\DRIVER_UPDATER_SETUP.EXE, Quarantined, 2520, 904416, 1.0.102275, , ame, , 86E33F673643C9B85DCC6345FD351F27, B8871BA02EE397BF319E4D6F308A59851D5BC740E4F9B3D183045181738F5825
PUP.Optional.BundleInstaller, C:\USERS\VPER\DOWNLOADS\EVERESTHOME220.EXE, Quarantined, 96, 1175903, 1.0.102275, , ame, , 6CA9BB27010C90693F7A045172F43C9B, 7F7147FD7E5A3B8946FD90D138256D8D67DE403CD1A35CBA9781EF713C39EDBE
Malware.AI.3725601409, C:\USERS\VPER\DOWNLOADS\REGCLEANER.EXE, Quarantined, 1000000, 0, 1.0.102275, A7306AC23B87C522DE102A81, dds, 03492797, 9F1948CF9E4909727FDE11AC296430C7, A67DBC977F98283F28F00028A56F0E26D9E287BA28B4567251096CAF0A3CB5FA
PUP.Optional.Seznam, C:\USERS\VPER\DOWNLOADS\SPOTIFYFULLSETUP (1).EXE, Quarantined, 4257, 623984, 1.0.102275, , ame, , 08E9544C1FDCAA86A64F3ECBE8B28F28, 79F7CEF89A9EEDB5F23738BDCA6E9BFAE293F8583EF79BAA6F6DC33613BEB9C3
PUP.Optional.BundleInstaller, C:\USERS\VPER\DOWNLOADS\PICASA39-SETUP.EXE, Quarantined, 96, 1175903, 1.0.102275, , ame, , 1A4E5CCD35A56D84281A143F831563BE, 321502845D1C6BAE83ADDD564FF6DB1B92E9D5722865795DAF9CD66CD3A9D39F
PUP.Optional.Seznam, C:\USERS\VPER\DOWNLOADS\SPOTIFYFULLSETUP.EXE, Quarantined, 4257, 623984, 1.0.102275, , ame, , 08E9544C1FDCAA86A64F3ECBE8B28F28, 79F7CEF89A9EEDB5F23738BDCA6E9BFAE293F8583EF79BAA6F6DC33613BEB9C3
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 28, 454832, 1.0.102275, , ame, , D7F72398CF054D9835CD6DD538B7C383, 691010B7B960B09197D956ACA57B9B2AF4F0F67CC6AAFD449DDA87C99DD3F8F7
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\000005.ldb, Quarantined, 28, 454832, 1.0.102275, , ame, , 05C84CE3687BEDE5F78971A234B23078, 277D8E57A7B434B23145EE04D51C9AC251A9A736E3E8FA366A5D0EEED95A1226
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022921.ldb, Quarantined, 28, 454832, 1.0.102275, , ame, , DD7ECB01F3724CA1CD422C2E2A334BC8, 852081FA59EAC2ADAC5C8939A36DDE8940D058B64E366DA9699661493DB859AA
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022924.ldb, Quarantined, 28, 454832, 1.0.102275, , ame, , 21316DD7153D36FD2BBB53906320B3F9, C878BF5759AE2B314F75042A659CC68084259E59DE9B63EA47C334D2F6C91725
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022926.ldb, Quarantined, 28, 454832, 1.0.102275, , ame, , BDCD7C834DF402968259C2A53CED0C40, 72F61B81743B8C58067B3D18A0C3B93712836DDA18664F7F9330E1BDDBEA0B32
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022927.log, Quarantined, 28, 454832, 1.0.102275, , ame, , F393A5DC1C8145406910E3F0D4C4781D, 0D430E817826485727E47688D59F49C51229F263F7CBCFFDD6BD5B32C277E1CF
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\022928.ldb, Quarantined, 28, 454832, 1.0.102275, , ame, , 421589A23A99493B0A1D671354869E31, 0E0F5874CB67603366CB3A845EE6B1984B4BAD852DB3A375AE43E16F084C2714
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\CURRENT, Quarantined, 28, 454832, 1.0.102275, , ame, , 46295CAC801E5D4857D09837238A6394, 0F1BAD70C7BD1E0A69562853EC529355462FCD0423263A3D39D6D0D70B780443
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOCK, Quarantined, 28, 454832, 1.0.102275, , ame, , ,
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG, Quarantined, 28, 454832, 1.0.102275, , ame, , 40509C6053AB82FB9F78B185025DCFCE, 16A3936372B350246D9148260B21E1242375C826CBA30719138D27EA3EA2122D
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\LOG.old, Quarantined, 28, 454832, 1.0.102275, , ame, , 446EE4A2E9849AB7870D2F9C2A07980E, 9F7CE711C2594C128A1CB67F00F43D949277F2493D970FA571E522CD62964AEE
PUP.Optional.Conduit, C:\Users\vper\AppData\Local\Google\Chrome\User Data\Default\Sync Data\LevelDB\MANIFEST-000001, Quarantined, 28, 454832, 1.0.102275, , ame, , 08909253DD49A734465DE6031057CDA6, 4D1A335A67582C3408BC988EAC4EA5BFC43A9D1E3AF1FBA45743FF017BBAC030
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 1244, 455066, 1.0.102275, , ame, , D7F72398CF054D9835CD6DD538B7C383, 691010B7B960B09197D956ACA57B9B2AF4F0F67CC6AAFD449DDA87C99DD3F8F7
PUP.Optional.CertifiedTB, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 1244, 455066, 1.0.102275, , ame, , D7F72398CF054D9835CD6DD538B7C383, 691010B7B960B09197D956ACA57B9B2AF4F0F67CC6AAFD449DDA87C99DD3F8F7
PUP.Optional.Conduit, C:\USERS\VPER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\Default\Web Data, Replaced, 28, 454832, 1.0.102275, , ame, , D7F72398CF054D9835CD6DD538B7C383, 691010B7B960B09197D956ACA57B9B2AF4F0F67CC6AAFD449DDA87C99DD3F8F7

Physical Sector: 0
(No malicious items detected)

WMI: 0
(No malicious items detected)


(end)

Re: Please check my log

Post by vašekp » 22 Aug 2025 19:16

# -------------------------------
# Malwarebytes AdwCleaner 8.5.0.595
# -------------------------------
# Build: 03-05-2025
# Database: 2024-10-23.4 (Local)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 08-22-2025
# Duration: 00:00:02
# OS: Windows 11 (Build 26100.4946)
# Cleaned: 2
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

No malicious folders cleaned.

***** [ Files ] *****

No malicious files cleaned.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

No malicious registry entries cleaned.

***** [ Chromium (and derivatives) ] *****

Deleted Seznam Doplněk – Email - bgjpfhpjcgdppjbgnpnjllokbmcdllig
Deleted Seznam Doplněk – Esko - olfeabkoenfaoljndfecamgilllcpiak

***** [ Chromium URLs ] *****

No malicious Chromium URLs cleaned.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.

***** [ Hosts File Entries ] *****

No malicious hosts file entries cleaned.

***** [ Preinstalled Software ] *****

No Preinstalled Software cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [5736 octets] - [22/08/2025 00:09:41]
AdwCleaner[S01].txt - [5630 octets] - [22/08/2025 19:14:06]
AdwCleaner[S02].txt - [1693 octets] - [22/08/2025 19:15:23]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C02].txt ##########

Re: Please check my log

Post by jaro3 » 22 Aug 2025 19:42

Download Junkware Removal Tool by Thisisu
http://www.bleepingcomputer.com/downloa ... oval-tool/
https://downloads.malwarebytes.com/file/JRT-EOL
to your desktop.

Disable your antivirus program. Right-click JRT.exe and choose "Run as administrator". You will be prompted to press any key to continue. Press one.
The program starts scanning. The scan can take a long time, depending on the number of infections. When the scan finishes, a log (JRT.txt) appears and is saved on the desktop.
Please copy its entire contents here.


Download RogueKiller by Adlice Software
http://www.adlice.com/download/roguekiller/
http://www.bleepingcomputer.com/download/roguekiller/
tutorial:
https://www.adlice.com/docs/roguekiller ... /tutorial/
to your desktop.
- Close all other programs and browsers.
- Click "Scan". In the new window, change nothing and click "Start" at the bottom of the "Quick Scan" column.
- The program scans the PC's processes. After the scan, click "Results", then in the next window left-click "Report" and choose "Text File"; name the log RK, for example, and save it to Documents or the desktop. Open the file and copy the entire contents of the log here.
If the program is blocked, try launching it several times. If it still will not start and run, rename it to winlogon.exe.
- If the log is longer than 60,000 characters, split it and paste it into several posts.
If the log cannot be saved, take a screenshot of the infections and post it here.

Re: Please check my log

Post by vašekp » 22 Aug 2025 19:52

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 10 Enterprise x64
Ran by vper (Administrator) on 22.08.2025 at 19:40:49,50
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 0




Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 22.08.2025 at 19:45:24,77
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Please check my log

Post by vašekp » 22 Aug 2025 20:14

Program : RogueKillerSVC
Version : 3.2.4.0
x64 : Yes
Program Date : Aug 11 2025
Location : C:\Program Files\RogueKiller\RogueKillerSvc.exe
Premium : No
Company : Adlice Software
Website : https://www.adlice.com/
Operating System : Windows 11 (10.0.26100) 64-bit
64-bit OS : Yes
Startup : 0
WindowsPE : No
User : vper
User is Admin : Yes
Date : 2025/08/22 18:09:42
Type : Scan
Aborted : No
Scan Mode : Quick
Duration : 21
Found items : 0
Total scanned : 1045
removed_count : 0
Signatures Version : 20250818_083535
Truesight Driver : Yes
Updates Count : 0
Custom Locations : N/A

************************* Warnings *************************

************************* Updates *************************

************************* Processes *************************

************************* Modules *************************

************************* Services *************************

************************* Scheduled Tasks *************************

************************* Registry *************************

************************* WMI *************************

************************* Hosts File *************************
is_too_big : No
hosts_file_path : N/A


************************* Filesystem *************************

************************* Web Browsers *************************

************************* Antirootkit *************************

Re: Please check my log

Post by jaro3 » 22 Aug 2025 20:22

Are there any problems?