Please check my infected PC... I can't manage to fix it myself

Forum rules
If you want help, post a log from FRST [guide here] or RSIT [guide here]

Individual threads will be locked once resolved, as will those that have been inactive for more than 14 days. See the Rule on locking topics. Thank you for your understanding.

LTREVOR
Visitor
Posts: 25
Registered: 23 Dec 2006 22:37

#1 Post by LTREVOR »

Good evening. I'm an idiot: I needed to create a document, downloaded an infected program, and now my computer is messed up and I don't know what to do on my own. Please, I really need help. Thank you.

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by DELL (10-03-2021 21:08:41)
Running from C:\Users\DELL\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-06-24 14:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2880966242-396801791-3330362422-500 - Administrator - Disabled)
DELL (S-1-5-21-2880966242-396801791-3330362422-1000 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-2880966242-396801791-3330362422-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2880966242-396801791-3330362422-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.1 - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 20.013.20074 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9801.2260 - Avast Software)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CrystalDiskInfo 8.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.3.1 - Crystal Dew World)
Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version: 16.01.1000.0235 - Intel Corporation) Hidden
Electrum (HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Electrum) (Version: 3.3.8 - Electrum Technologies GmbH)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.11 - Sharpened Productions)
File Viewer Plus (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.2.1 - Sharpened Productions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2281 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.2 - Intel)
Ledger Live 1.15.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 1.15.0 - Ledger)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Firefox 84.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 84.0.2 (x86 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0 - Mozilla)
Neon 2.3.0 (only current user) (HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.3.0 - Ethan Fast)
Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
Spotify (HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Spotify) (Version: 1.1.36.734.g8731c306 - Spotify AB)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.2.7) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => -> No File
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => -> No File
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Security\shellExt.dll -> No File
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\DELL\Desktop\Kuro Chimenez - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\DELL\Desktop\První uživatel - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\SWOOOP.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=jblimahfbhdcengjfbdpdngcfcghladf
ShortcutWithArgument: C:\Users\DELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2021-03-10 20:58 - 2021-03-10 20:58 - 001009152 _____ () [File not signed] C:\Users\DELL\AppData\Local\Temp\is-21OGI.tmp\1ivh5k5izu5.tmp
2021-03-10 20:58 - 2008-10-15 16:44 - 000205312 _____ () [File not signed] C:\Users\DELL\AppData\Local\Temp\is-K92TT.tmp\itdownload.dll
2021-03-10 20:58 - 2016-04-17 19:16 - 000221184 _____ (Mitrich Software) [File not signed] C:\Users\DELL\AppData\Local\Temp\is-K92TT.tmp\idp.dll
2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll
2021-03-10 20:58 - 2017-05-03 11:31 - 000043520 _____ (Vincenzo Giordano) [File not signed] C:\Users\DELL\AppData\Local\Temp\is-K92TT.tmp\psvince.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-12 00:59 - 2021-03-10 20:21 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2880966242-396801791-3330362422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.16.1.250 - 172.16.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{61284855-C948-43D4-B35B-B2F54C7103B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DB6804B6-FF6B-4C7B-9D11-FE9A0AFB3A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{529CF40A-84AD-44F7-8CFA-CB0A0D979A83}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{E1EF2513-291F-4D4F-AC26-F306D99DDA51}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{3D919013-9BE0-4728-86A1-3D3E6280B366}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2F0F137F-DED5-46DA-B90C-503C3E2A605B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DDEA1629-5A03-4EA7-94B1-F80E530F468D}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{00BB02C4-5BF0-4870-9430-47C951450522}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8331D1B4-0790-4EA5-8E9F-A2969053DED1}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B318742A-67E0-4678-8058-51126EB44E86}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{344B8A67-D7FA-4BFE-A9DE-17D8DED71B1A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DE327FF2-9008-4842-A576-72EDFB7F3C46}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3642FA04-E83D-4C1B-B4C4-57696E9BDA85}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{0A290060-14ED-4B65-8BDF-3D83D505774D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{C55D35ED-A407-4DAC-9BE9-D89CD2EB5AC7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{E6940ADB-CB28-4B06-BCD4-0942DBFA4F3F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{D87BCF5C-D010-434F-9AEF-2AEF720F1F42}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{95A1C1BF-202A-4998-89CA-0710EE52C5EB}] => (Allow) LPort=1688
FirewallRules: [{C126FBEF-F8A2-440C-81E5-03170584DB52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)
FirewallRules: [{5EADA134-02FC-4F95-8E64-440F5797BCAC}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]
FirewallRules: [{DB8A1FDA-125D-43FF-B270-2FA3EECBEA7B}] => (Allow) C:\Windows\rss\csrss.exe () [File not signed]

==================== Restore Points =========================

10-03-2021 20:30:56 bod 1

==================== Faulty Device Manager Devices ============

Name: Adaptér miniportu Microsoft Virtual WiFi
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Intel(R) 82577LM Gigabit Network Connection
Description: Intel(R) 82577LM Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1kexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/10/2021 08:59:45 PM) (Source: Application Error) (EventID: 1000) (User: )
Description: Název chybující aplikace: wmpnetwk.exe, verze: 12.0.7601.17514, časové razítko: 0x4ce7ae7f
Název chybujícího modulu: ntdll.dll, verze: 6.1.7601.24545, časové razítko: 0x5e0eb67f
Kód výjimky: 0xc0000374
Posun chyby: 0x00000000000bf262
ID chybujícího procesu: 0x1794
Čas spuštění chybující aplikace: 0x01d715e7d4cca80c
Cesta k chybující aplikaci: C:\Program Files\Windows Media Player\wmpnetwk.exe
Cesta k chybujícímu modulu: C:\Windows\SYSTEM32\ntdll.dll
ID zprávy: 286e7076-81db-11eb-935a-be8bae6b9207

Error: (03/10/2021 08:58:34 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 08:58:34 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 08:58:34 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 08:55:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 08:55:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 08:55:54 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 08:52:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (03/10/2021 09:10:17 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/10/2021 09:10:17 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\DELL\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/10/2021 09:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/10/2021 09:10:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\DELL\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/10/2021 09:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/10/2021 09:10:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\DELL\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.

Error: (03/10/2021 09:10:16 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba eapihdrv neuspěla při spuštění v důsledku následující chyby:
Načtení tohoto ovladače je blokováno.

Error: (03/10/2021 09:10:16 PM) (Source: Application Popup) (EventID: 1060) (User: )
Description: Načtení \??\C:\Users\DELL\AppData\Local\Temp\ehdrv.sys bylo zablokováno kvůli nekompatibilitě s tímto systémem. Požádejte dodavatele softwaru
o kompatibilní verzi ovladače.


Windows Defender:
================
Date: 2015-06-25 23:38:42.836
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=166246
Název:Adware:Win32/EoRezo
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Users\DELL\AppData\Local\Temp\GG6AIQtVONklmYK.exe;process:pid:1996
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-06-25 23:40:19.525
Description:
Prohledávání Windows Defender zjistilo chybu při provádění akce u spywaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=166246
Uživatel:DELL-PC\DELL
Název:Adware:Win32/EoRezo
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Cesta:
Akce:Odebrat
Kód chyby:0x80508023
Popis chyby:Programu se nepodařilo najít spyware ani jiný potenciálně nežádoucí software v tomto počítači.
Stav:

==================== Memory info ===========================

BIOS: Dell Inc. A14 04/21/2013
Motherboard: Dell Inc. 04373Y
Processor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz
Percentage of memory in use: 89%
Total physical RAM: 3953.83 MB
Available physical RAM: 425.48 MB
Total Virtual: 7905.81 MB
Available Virtual: 3402.93 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:114.85 GB) NTFS

\\?\Volume{0831ed44-00d1-11ea-a46e-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (Size: 232.9 GB) (Disk ID: 69498354)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

Conder
VIP
Posts: 4399
Registered: 30 Dec 2013 22:29
Location: Bratislava

Re: Please check my infected PC... I can't manage to fix it myself

#2 Post by Conder »

Hello :)

I also need to see the main log, FRST.txt. What problems are you experiencing?
Graduate of the school for beginners :)
E-mail: conder (at) forum.viry.cz

If something is not clear, ask. I recommend always keeping backups of important data (documents, photos and so on).

Fixlists and other scripts are written only for one specific PC. Do not use them on other devices, otherwise you risk damaging the system or losing data.
If you have a similar problem to another user, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

LTREVOR
Visitor
Posts: 25
Registered: 23 Dec 2006 22:37

Re: Please check my infected PC... I can't manage to fix it myself

#3 Post by LTREVOR »

I managed to remove some junk using MBAM, about 50 items. After that I installed a Kaspersky trial, which found about 130 items, but it still can't deal with trojan win32 SEPEH.gen ... MBAM keeps blocking some sites with trojans and phishing. Something is wrong. In the Google extensions there is something that can't be deleted and isn't from their workshop, etc.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 28-02-2021
Ran by DELL (administrator) on DELL-PC (Dell Inc. Latitude E6410) (11-03-2021 02:31:11)
Running from C:\Users\DELL\Downloads
Loaded Profiles: DELL
Platform: Windows 7 Professional Service Pack 1 (X64) Language: Čeština (Česká republika)
Default browser: Chrome
Boot Mode: Normal

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe
(Avast Software s.r.o. -> AVAST Software) C:\Program Files\Avast Software\Cleanup\TuneupUI.exe <3>
(Google LLC -> Google LLC) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe <14>
(Intel Corporation -> Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation -> Intel Corporation) C:\Windows\System32\igfxpers.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avpui.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\plugins_nms.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe
(Kaspersky Lab JSC -> AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksdeui.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbam.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
(Malwarebytes Inc -> Malwarebytes) C:\Program Files\Malwarebytes\Anti-Malware\MBAMWsc.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Program Files (x86)\Microsoft\EdgeUpdate\MicrosoftEdgeUpdate.exe
(Microsoft Corporation -> Microsoft Corporation) C:\Windows\WindowsMobile\wmdc.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\cmd.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Windows -> Microsoft Corporation) C:\Windows\SysWOW64\svchost.exe <2>
(Piriform Software Ltd -> Piriform Software Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE
(SEIKO EPSON CORPORATION -> Seiko Epson Corporation) C:\Windows\System32\escsvc64.exe
(SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\x64\3\E_YATIR4E.EXE <2>

==================== Registry (Whitelisted) ===================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [IntelPROSet] => C:\Program Files\Common Files\Intel\WirelessCommon\iFrmewrk.exe [4791024 2013-07-17] (Intel Corporation-Mobile Wireless Group -> Intel(R) Corporation)
HKLM\...\Run: [Windows Mobile Device Center] => C:\Windows\WindowsMobile\wmdc.exe [660360 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
HKLM\...\Run: [TuneupUI.exe] => C:\Program Files\Avast Software\Cleanup\TuneupUI.exe [2429664 2021-03-10] (Avast Software s.r.o. -> AVAST Software)
HKLM\...\Run: [EPPCCMON] => C:\Program Files (x86)\EPSON Software\Epson Printer Connection Checker\EPPCCMON.EXE [442936 2020-10-22] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKLM-x32\...\Run: [EEventManager] => C:\Program Files (x86)\Epson Software\Event Manager\EEventManager.exe [1151872 2016-11-18] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKLM\SOFTWARE\Policies\Microsoft\Windows Defender: Restriction <==== ATTENTION
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Run: [EPLTarget\P0000000000000000] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIR4E.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Run: [EPLTarget\P0000000000000001] => C:\Windows\system32\spool\DRIVERS\x64\3\E_YATIR4E.EXE [417776 2014-11-14] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Run: [EPSDNMON] => C:\Program Files (x86)\Epson Software\Download Navigator\EPSDNMON.EXE [346712 2020-07-27] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Run: [CCleaner Smart Cleaning] => C:\Program Files\CCleaner\CCleaner64.exe [32726088 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\MountPoints2: {5261c6e6-44ef-11e8-a558-5c260a5b04ce} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\MountPoints2: {99d5b609-145b-11ea-9f32-5c260a5b04ce} - E:\Lenovo_Suite.exe
HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\MountPoints2: {dc8732b1-4c2a-11e6-abde-5c260a5b04ce} - E:\HiSuiteDownLoader.exe
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [301568 2017-06-30] (Microsoft Windows -> Microsoft Corporation)
HKLM\...\Windows x64\Print Processors\hpzpplhn: C:\Windows\System32\spool\prtprocs\x64\hpzpplhn.dll [99840 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Corporation)
HKLM\...\Print\Monitors\EPSON L3050 Series 64MonitorBE: C:\Windows\system32\E_YLMBR4E.DLL [183296 2016-12-21] (Microsoft Windows Hardware Compatibility Publisher -> SEIKO EPSON CORPORATION)
HKLM\...\Print\Monitors\EpsonNet Print Port: C:\Windows\system32\enppmon.dll [500736 2016-09-14] (SEIKO EPSON CORPORATION) [File not signed]
HKLM\...\Print\Monitors\PCL hpz3llhn: C:\Windows\system32\hpz3llhn.dll [34816 2008-05-07] (Microsoft Windows Hardware Compatibility Publisher -> Hewlett-Packard Company)
HKLM\Software\Microsoft\Active Setup\Installed Components: [{8A69D345-D564-463c-AFF1-A69D9E530F96}] -> C:\Program Files (x86)\Google\Chrome\Application\89.0.4389.82\Installer\chrmstp.exe [2021-03-10] (Google LLC -> Google LLC)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\TREZOR Bridge.lnk [2020-08-16]
ShortcutTarget: TREZOR Bridge.lnk -> C:\Program Files (x86)\TREZOR Bridge\trezord.exe (SatoshiLabs, s.r.o. -> )
BootExecute: autocheck autochk * icarus_rvrt.exe
GroupPolicy: Restriction - Chrome <==== ATTENTION
Policies: C:\ProgramData\NTUSER.pol: Restriction <==== ATTENTION
Policies: C:\Users\DELL\NTUSER.pol: Restriction <==== ATTENTION
HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Scheduled Tasks (Whitelisted) ============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {0817945A-0DFB-4FF1-8C69-E65AAB5999BF} - System32\Tasks\Firefox Default Browser Agent 63891B0D6777AB95 => C:\Users\DELL\AppData\Roaming\brdgbbv.exe <==== ATTENTION
Task: {0A09B25B-E7C0-411A-B537-2973BCE319E2} - System32\Tasks\Avast Software\Avast Cleanup BugReport => C:\Program Files\Avast Software\Cleanup\AvBugReport.exe [4665568 2021-03-10] (Avast Software s.r.o. -> AVAST Software) -> --send "dumps|report" --silent --product 62 --programpath "C:\Program Files\Avast Software\Cleanup\Setup\.." --configpath "C:\Program Files\Avast Software\Cleanup\Setup" --path "C:\ProgramData\Avast Software\Cleanup\log" --path "C:\ProgramData\Avast Software\Icarus\Logs" --guid a24520ba-5337-46e6-8fbc-7a11f5ca02df
Task: {15A397E8-C660-412A-9369-6BFFAF779077} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
Task: {16B16DCC-4566-4BB9-8D1D-A685F42C2F7F} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_pepper.exe [1499704 2020-12-08] (Adobe Inc. -> Adobe)
Task: {181DC8DB-CD41-4CD8-ACE8-4F28C9DB08F0} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-03] (Google Inc -> Google Inc.)
Task: {20F87A4F-7680-486E-AB75-8D3BAC3A5AF3} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1557200 2021-01-26] (Adobe Inc. -> Adobe Inc.)
Task: {26382605-C4BA-4888-9D37-D0D697426137} - System32\Tasks\Firefox Default Browser Agent 27A5AB6087AB5E32 => C:\Users\DELL\AppData\Roaming\rgdgbbv.exe <==== ATTENTION
Task: {2F9809DF-608A-4BA7-8DD4-FCE2C78DC6CD} - System32\Tasks\Avast Software\Avast Cleanup Update => C:\Program Files\Common Files\Avast Software\Icarus\avast-tu\icarus.exe [5493472 2021-03-08] (Avast Software s.r.o. -> Avast Software)
Task: {316EC531-AA7A-41C1-A7F1-3EFF4A3C9ACA} - System32\Tasks\Services\Diagnostic => C:\Users\DELL\AppData\Local\Disk\AutoIt3\AutoIt3_x64.exe -> "C:\Users\DELL\AppData\Local\Disk\AutoIt3\Settings.au3"
Task: {54B71DA1-110F-42C9-9796-7D8BB0A12C2D} - System32\Tasks\EPSON L3050 Series Update {F2960919-36E8-4BC8-BD58-3C84B9565AF2} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
Task: {66435BD0-E549-445C-B80F-E6027B48B4AA} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [153752 2017-02-03] (Google Inc -> Google Inc.)
Task: {8642AC89-A61E-4CF3-A34C-9A95ABA000A0} - System32\Tasks\CCleaner Update => C:\Program Files\CCleaner\CCUpdate.exe [684976 2021-03-05] (Piriform Software Ltd -> Piriform)
Task: {8AA9F0C9-F60E-46E2-86E0-E6250CA66A7C} - System32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901} => C:\Program Files\Common Files\AV\Kaspersky Lab\upgrade_launcher.exe [791232 2021-03-10] (Kaspersky Lab -> AO Kaspersky Lab)
Task: {A26F4A8A-4D52-431E-8C5E-37ED72A573B8} - System32\Tasks\{564718FB-04CE-40D6-A95D-C9F33FE3E501} => C:\Windows\system32\pcalua.exe -a D:\setup.exe -d D:\
Task: {A51D0132-75CA-4148-A2A2-DD48071CB784} - System32\Tasks\{9E5D9B96-D6A9-4003-A43E-371A941AF545} => C:\Windows\system32\pcalua.exe -a C:\Users\DELL\Downloads\clear_flash(1).exe -d C:\Users\DELL\Downloads
Task: {AD16FA4A-74C2-424A-9DF0-CD85B87E9ABD} - System32\Tasks\NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544} => C:\Users\DELL\AppData\Roaming\ggdgbbv.exe <==== ATTENTION
Task: {B8271A2F-5F77-4AA5-B581-EF277252443B} - System32\Tasks\Adobe Flash Player NPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_32_0_0_465_Plugin.exe [1504312 2020-12-08] (Adobe Inc. -> Adobe)
Task: {CA3FA461-37CD-426D-940F-3007C5B22EC6} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [27168840 2021-03-05] (Piriform Software Ltd -> Piriform Software Ltd)
Task: {CB23AEF7-6AC9-4FEC-BC8F-6DCA413A53A1} - System32\Tasks\EPSON L3050 Series Update {F8F45C97-4E9E-4643-9B5E-CCF6D2BC2BD8} => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE [690536 2013-11-22] (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\Windows\Tasks\EPSON L3050 Series Update {F2960919-36E8-4BC8-BD58-3C84B9565AF2}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE:/EXE:{F2960919-36E8-4BC8-BD58-3C84B9565AF2} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi
Task: C:\Windows\Tasks\EPSON L3050 Series Update {F8F45C97-4E9E-4643-9B5E-CCF6D2BC2BD8}.job => C:\Windows\system32\spool\DRIVERS\x64\3\E_YTSR4E.EXE:/EXE:{F8F45C97-4E9E-4643-9B5E-CCF6D2BC2BD8} /F:UpdateSYSTEMĊSearches for EPSON software updates, and notifies you when updates are available.If this task is disabled or stopped, your EPSON software will not be automatically kept up to date.Thi

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 172.16.1.250 172.16.1.1
Tcpip\..\Interfaces\{D16AFF20-AA58-45DF-AC93-FF1377168B58}: [DhcpNameServer] 172.16.1.250 172.16.1.1

Edge:
=======
Edge DefaultProfile: Default
Edge Profile: C:\Users\DELL\AppData\Local\Microsoft\Edge\User Data\Default [2021-03-10]
Edge HKU\S-1-5-21-2880966242-396801791-3330362422-1000\SOFTWARE\Microsoft\Edge\Extensions\...\Edge\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm]
Edge HKLM-x32\...\Edge\Extension: [eofogjfkadmolbbmnlbohhbkhbodcjjm]
Edge HKLM-x32\...\Edge\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

FireFox:
========
FF DefaultProfile: tcxovtg8.default-1435276659704-1569525656373
FF ProfilePath: C:\Users\DELL\AppData\Roaming\TomTom\HOME\Profiles\94imo54n.default [2021-03-07]
FF Extension: (No Name) - C:\Program Files (x86)\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\DELL\AppData\Roaming\Mozilla\Firefox\Profiles\tcxovtg8.default-1435276659704-1569525656373 [2021-03-11]
FF Notifications: Mozilla\Firefox\Profiles\tcxovtg8.default-1435276659704-1569525656373 -> hxxps://mail-notification.info
FF Extension: (No Name) - C:\Program Files (x86)\Mozilla Firefox\browser\features\{0EF33DD9-B9E5-41F8-BB50-D60BDA2914E6}.xpi [2021-03-10] [not signed]
FF HKLM\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF HKLM-x32\...\Firefox\Extensions: [light_plugin_7571494CE0B94E11BB762B659A4AD71F@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\FFExt\light_plugin_firefox\addon.xpi => not found
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @videolan.org/vlc,version=3.0.10 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.11 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.12 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin: @videolan.org/vlc,version=3.0.7 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2021-01-04] (VideoLAN -> VideoLAN)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_32_0_0_465.dll [2020-12-08] (Adobe Inc. -> )
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2021-02-02] (Adobe Inc. -> Adobe Systems Inc.)
FF ExtraCheck: C:\Program Files\mozilla firefox\defaults\pref\kl_prefs_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.js [2021-03-11] <==== ATTENTION (Points to *.cfg file)
FF ExtraCheck: C:\Program Files\mozilla firefox\kl_config_62fbb8f7_c917_4cf7_957a_aad2b8fa768c.cfg [2021-03-11] <==== ATTENTION

Chrome:
=======
CHR DefaultProfile: Profile 1
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default [2021-03-10]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxps://www.google.cz/","hxxp://www.seznam.cz/" ... clid=22668"
CHR Extension: (Floorplanner) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\abopacaefhbognnmeigicfpgnmpideag [2017-01-23]
CHR Extension: (Dokumenty Google) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-01-23]
CHR Extension: (Disk Google) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2017-01-23]
CHR Extension: (Seznam Lištička - Email) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2017-02-03]
CHR Extension: (Seznam Lištička - Slovník) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2017-02-03]
CHR Extension: (YouTube) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-01-23]
CHR Extension: (Adblocker for Youtube™) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\bonldmoococpeifadcfjjlegijfadghh [2021-01-18] [UpdateUrl:hxxps://clients58.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (Little Alchemy light) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\dlinaifoeodggjcfoonifcjppkklkdkd [2017-01-23]
CHR Extension: (Sumo Paint) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod [2017-01-23]
CHR Extension: (Adobe Acrobat) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\efaidnbmnnnibpcajpcglclefindmkaj [2017-02-03]
CHR Extension: (Kalendář Google) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ejjicmeblgpmajnghnpcppodonldlgfn [2017-01-23]
CHR Extension: (Tonematrix) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\enpfehkomaakbncdddjkoffacajcglha [2017-01-23]
CHR Extension: (Google Translate) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fiogdnnnljjlfjgkifccooilblmjflkm [2021-03-10]
CHR Extension: (Core 2) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\fkgipafedkfiijlnmghhendlnidhcene [2017-01-23]
CHR Extension: (Dokumenty Google offline) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2017-01-23]
CHR Extension: (Note Board) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\goficmpcgcnombioohjcgdhbaloknabb [2017-01-23]
CHR Extension: (SWOOOP) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jblimahfbhdcengjfbdpdngcfcghladf [2017-01-23]
CHR Extension: (Joxi Full Page Screen Capture) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\jhcdlkgjiehgpnpolkbnmpffjodigbkb [2017-01-23]
CHR Extension: (Color Sphere!) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\knomilfbnhpkmibhmleppnkmcempglag [2017-01-23]
CHR Extension: (Harmony) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn [2017-01-23]
CHR Extension: (Poznámka Aplikace Easy) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mfdpakabndfaaggapcljpikbjgbmebff [2017-01-23]
CHR Extension: (Twoo Notifications) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mggafhpkgkfebnjfbiefbbbicikgchlf [2017-01-23]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2017-01-23]
CHR Extension: (Photo Paint Instant) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\mnphkaomgkbegpgndpmjfoljlkipenli [2017-01-23]
CHR Extension: (deviantART muro) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\namljbfbglehfnlonjmebceimaalofei [2017-01-23]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2017-01-23]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2017-01-23]
CHR Extension: (Floor Styler) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\oipcbdlimblfnfnaaalbojchepclafba [2017-01-23]
CHR Extension: (Seznam Lištička - Rychlá volba) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2017-02-03]
CHR Extension: (Picasa) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2017-01-23]
CHR Extension: (Stylist) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pabfempgigicdjjlccdgnbmeggkbjdhd [2017-01-23]
CHR Extension: (Bubble Shooter Classic) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pcibeclmeegnbhfpfggeihlehnkdciln [2017-01-23]
CHR Extension: (Gmail) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2017-01-23]
CHR Extension: (Chrome Media Router) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2017-02-03]
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Guest Profile [2021-03-11]
CHR Notifications: Guest Profile -> hxxps://mail-notification.info
CHR Extension: (Adblocker pro Youtube™) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Guest Profile\Extensions\bonldmoococpeifadcfjjlegijfadghh [2021-01-18] [UpdateUrl:hxxps://clients65.google.com/service/update2/crx] <==== ATTENTION
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1 [2021-03-11]
CHR Notifications: Profile 1 -> hxxps://cz.pinterest.com; hxxps://drive.google.com; hxxps://m.facebook.com; hxxps://mail-notification.info; hxxps://mail.google.com; hxxps://mail.protonmail.com; hxxps://web.telegram.org; hxxps://www.facebook.com; hxxps://www.filmstocks.com; hxxps://www.netflix.com; hxxps://www.plnapenezenka.cz; hxxps://www.reddit.com; hxxps://www.tipsport.cz; hxxps://www.youtube.com
CHR Extension: (Prezentace) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-12]
CHR Extension: (Ochrana Kaspersky) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ahkjpbeeocnddjkakilopmfdlnjdpcdm [2021-03-10]
CHR Extension: (Dokumenty) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Disk Google) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-10-21]
CHR Extension: (DuckDuckGo) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bkdgflcldnnnapblkhphbgpggdiikppg [2021-03-07]
CHR Extension: (YouTube) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-02-03]
CHR Extension: (Adblocker for Youtube™) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\bonldmoococpeifadcfjjlegijfadghh [2021-01-18] [UpdateUrl:hxxps://clients39.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (uBlock Origin) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\cjpalhdlnbpafiamejdnhcphjbkeiagm [2021-02-10]
CHR Extension: (Tabulky) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-12]
CHR Extension: (SystemMonitor) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\focdcjmgbkflegglldccphpndkljjnbc [2021-03-10]
CHR Extension: (Dokumenty Google offline) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-10]
CHR Extension: (Waves Keeper) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lpilbniiabackdjcionkobglmddfbcjo [2020-12-19]
CHR Extension: (MetaMask) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nkbihfbeogaeaoehlefnkodbefgpgknn [2021-03-07]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-01-30]
CHR Extension: (Gmail) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-10-31]
CHR Extension: (Chrome Media Router) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-10]
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2 [2021-03-10]
CHR HomePage: Profile 2 -> hxxp://www.google.com/
CHR StartupUrls: Profile 2 -> "hxxps://www.google.cz/","hxxp://www.seznam.cz/" ... oogle.com/"
CHR NewTab: Profile 2 -> "active": true,
"entry": "chrome-extension://blmojkbhnkkphngknkmgccmlenfaelkd/speeddial/newTab.html"

CHR Extension: (Prezentace) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2017-10-15]
CHR Extension: (Floorplanner) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\abopacaefhbognnmeigicfpgnmpideag [2018-04-03]
CHR Extension: (Dokumenty) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-15]
CHR Extension: (Disk Google) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\apdfllckaahabafndbhieahigkjlhalf [2020-11-24]
CHR Extension: (Seznam doplněk - Email) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bgjpfhpjcgdppjbgnpnjllokbmcdllig [2020-04-06]
CHR Extension: (Seznam pro Chrome - Esko-) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blmojkbhnkkphngknkmgccmlenfaelkd [2018-04-03]
CHR Extension: (YouTube) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2017-10-15]
CHR Extension: (Adblocker pro Youtube™) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\bonldmoococpeifadcfjjlegijfadghh [2021-01-18] [UpdateUrl:hxxps://clients69.google.com/service/update2/crx] <==== ATTENTION
CHR Extension: (No Name) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ccjleegmemocfpghkhpjmiccjcacackp [2021-01-31]
CHR Extension: (Little Alchemy light) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dlinaifoeodggjcfoonifcjppkklkdkd [2018-04-03]
CHR Extension: (Sumopaint - Online Image Editor) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\dpgjihldbpodlmnjolekemlfbcajnmod [2021-01-31]
CHR Extension: (Tonematrix) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\enpfehkomaakbncdddjkoffacajcglha [2018-04-03]
CHR Extension: (Tabulky) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2017-10-15]
CHR Extension: (Core 2) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\fkgipafedkfiijlnmghhendlnidhcene [2018-04-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2021-03-10]
CHR Extension: (Note Board - Sticky Notes App) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\goficmpcgcnombioohjcgdhbaloknabb [2021-03-10]
CHR Extension: (Pinterest) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\hdihkofamofdkgdlibcogkkogdhlakop [2021-01-31]
CHR Extension: (Malwarebytes Browser Guard) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\ihcjicgdanjaechkgeegckofjjedodee [2021-03-11]
CHR Extension: (SWOOOP) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jblimahfbhdcengjfbdpdngcfcghladf [2018-04-03]
CHR Extension: (Joxi - free screenshot app) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\jhcdlkgjiehgpnpolkbnmpffjodigbkb [2020-11-24]
CHR Extension: (Notifier for WhatsApp Web) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kaoholkoedbpjiangnchpfchhmageifp [2018-04-03]
CHR Extension: (Grammarly for Chrome) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbfnbcaeplbcioakkpcpgfkobkghlhen [2021-03-10]
CHR Extension: (WhatsChrome Extension) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\kbhfoiaobflocffnclkigpkeoagheimn [2018-04-03]
CHR Extension: (Color Sphere!) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\knomilfbnhpkmibhmleppnkmcempglag [2018-04-03]
CHR Extension: (Harmony) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mbbibdblnnlapclckbdennhlbcnkkgcn [2018-04-03]
CHR Extension: (Poznámka Aplikace Easy) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mfdpakabndfaaggapcljpikbjgbmebff [2018-04-03]
CHR Extension: (Twoo Notifications) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mggafhpkgkfebnjfbiefbbbicikgchlf [2018-04-03]
CHR Extension: (Google Dictionary (by Google)) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mgijmajocgfcbeboacabfgobmjgjcoja [2020-04-17]
CHR Extension: (Photo Paint Instant) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\mnphkaomgkbegpgndpmjfoljlkipenli [2018-04-03]
CHR Extension: (deviantART muro) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\namljbfbglehfnlonjmebceimaalofei [2018-04-03]
CHR Extension: (InspirARTion - Sketch & Draw!) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nhbmpilemgmpbdaniehhmodkkppkelec [2018-04-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2021-02-04]
CHR Extension: (Floor Styler) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\oipcbdlimblfnfnaaalbojchepclafba [2018-04-03]
CHR Extension: (Seznam doplněk - Esko) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\olfeabkoenfaoljndfecamgilllcpiak [2020-04-06]
CHR Extension: (Picasa) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\onlgmecjpnejhfeofkgbfgnmdlipdejb [2018-04-03]
CHR Extension: (Válcování Pandy) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pcibeclmeegnbhfpfggeihlehnkdciln [2019-12-23]
CHR Extension: (Bloxorz blok puzzle) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\phiaicokjaoaobiobphcfkmbeiejdang [2018-04-03]
CHR Extension: (Gmail) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2020-11-24]
CHR Extension: (Chrome Media Router) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\Profile 2\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2021-03-10]
CHR Profile: C:\Users\DELL\AppData\Local\Google\Chrome\User Data\System Profile [2021-03-10]
CHR Extension: (Adblocker for Youtube™) - C:\Users\DELL\AppData\Local\Google\Chrome\User Data\System Profile\Extensions\bonldmoococpeifadcfjjlegijfadghh [2021-01-18] [UpdateUrl:hxxps://clients98.google.com/service/update2/crx] <==== ATTENTION
CHR HKLM\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM\...\Chrome\Extension: [focdcjmgbkflegglldccphpndkljjnbc] - C:/Users/DELL/AppData/Local/Temp/RarSFX0\plugins-chrome.crx [2021-03-10]
CHR HKLM-x32\...\Chrome\Extension: [ahkjpbeeocnddjkakilopmfdlnjdpcdm] - hxxps://chrome.google.com/webstore/detail/kaspersky-protection/ahkjpbeeocnddjkakilopmfdlnjdpcdm
CHR HKLM-x32\...\Chrome\Extension: [focdcjmgbkflegglldccphpndkljjnbc] - C:/Users/DELL/AppData/Local/Temp/RarSFX0\plugins-chrome.crx [2021-03-10]
CHR HKLM-x32\...\Chrome\Extension: [ihcjicgdanjaechkgeegckofjjedodee]

==================== Services (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S4 AdobeARMservice; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [169672 2021-01-26] (Adobe Inc. -> Adobe Inc.)
S3 AdobeFlashPlayerUpdateSvc; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [335416 2020-12-08] (Adobe Inc. -> Adobe)
R2 AVP21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\avp.exe [381928 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 CleanupPSvc; C:\Program Files\Avast Software\Cleanup\TuneupSvc.exe [12414176 2021-03-10] (Avast Software s.r.o. -> AVAST Software)
R2 EpsonScanSvc; C:\Windows\system32\EscSvc64.exe [145224 2017-03-10] (SEIKO EPSON CORPORATION -> Seiko Epson Corporation)
R2 EPSON_PM_RPCV4_06; C:\Program Files\Common Files\EPSON\EPW!3 SSRP\E_S60RPB.EXE [152640 2013-04-15] (SEIKO EPSON Corporation -> SEIKO EPSON CORPORATION)
S3 fsulhoster; C:\Program Files\F-Secure\Ultralight\ulcore\1614594353\fshoster64.exe [623744 2021-03-10] (F-Secure Corporation -> F-Secure Corporation)
S3 fsulnethoster; C:\Program Files\F-Secure\Ultralight\ulcore\1614594353\fshoster64.exe [623744 2021-03-10] (F-Secure Corporation -> F-Secure Corporation)
S3 fsulorsp; C:\Program Files\F-Secure\Ultralight\ulcore\1614594353\fsorsp64.exe [101248 2021-03-10] (F-Secure Corporation -> F-Secure Corporation)
S3 klvssbridge64_21.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\vssbridge64.exe [467352 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 KSDE5.2; C:\Program Files (x86)\Kaspersky Lab\Kaspersky VPN 5.2\ksde.exe [644264 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMService; C:\Program Files\Malwarebytes\Anti-Malware\MBAMService.exe [7456464 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R2 RapiMgr; C:\Windows\WindowsMobile\rapimgr.dll [225672 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)
R2 WcesComm; C:\Windows\WindowsMobile\wcescomm.dll [443784 2007-05-31] (Microsoft Corporation -> Microsoft Corporation)

===================== Drivers (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [251608 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 ESProtectionDriver; C:\Windows\system32\drivers\mbae64.sys [153312 2021-03-11] (Malwarebytes Corporation -> Malwarebytes)
R0 fsbts; C:\Windows\System32\drivers\fsbts.sys [58752 2021-03-10] (F-Secure Corporation -> F-Secure Corporation)
R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [660280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [110392 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [212280 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [127288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klflt; C:\Windows\System32\DRIVERS\klflt.sys [523576 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klgse; C:\Windows\System32\DRIVERS\klgse.sys [657176 2021-01-27] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [1400600 2021-01-27] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1025336 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klim6; C:\Windows\System32\DRIVERS\klim6.sys [95544 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [113464 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [85288 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R3 kltap; C:\Windows\System32\DRIVERS\kltap.sys [55592 2020-10-21] (AnchorFree Inc -> The OpenVPN Project)
R1 klwfp; C:\Windows\System32\DRIVERS\klwfp.sys [153400 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [250168 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [300856 2020-10-21] (Kaspersky Lab JSC -> AO Kaspersky Lab)
R2 MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [220616 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMFarflt; C:\Windows\System32\DRIVERS\farflt.sys [198248 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [77496 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [248992 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
R3 MBAMWebProtection; C:\Windows\System32\DRIVERS\mwac.sys [130592 2021-03-11] (Malwarebytes Inc -> Malwarebytes)
S3 wdm_usb; C:\Windows\System32\DRIVERS\usb2ser.sys [159936 2016-08-16] (NGO -> MBB)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One month (created) (Whitelisted) =========

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 02:31 - 2021-03-11 02:32 - 000037618 _____ C:\Users\DELL\Downloads\FRST.txt
2021-03-11 02:29 - 2021-03-11 02:29 - 002301440 _____ (Farbar) C:\Users\DELL\Downloads\FRST64.exe
2021-03-11 01:56 - 2021-03-11 02:31 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\IGDump
2021-03-11 01:56 - 2021-03-11 01:56 - 000198248 _____ (Malwarebytes) C:\Windows\system32\Drivers\farflt.sys
2021-03-11 01:56 - 2021-03-11 01:56 - 000130592 _____ (Malwarebytes) C:\Windows\system32\Drivers\mwac.sys
2021-03-11 01:56 - 2021-03-11 01:56 - 000077496 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbam.sys
2021-03-11 01:56 - 2021-03-11 01:56 - 000001960 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes.lnk
2021-03-11 01:56 - 2021-03-11 01:56 - 000001948 _____ C:\ProgramData\Desktop\Malwarebytes.lnk
2021-03-11 01:55 - 2021-03-11 01:55 - 000248992 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbamswissarmy.sys
2021-03-11 01:55 - 2021-03-11 01:55 - 000220616 _____ (Malwarebytes) C:\Windows\system32\Drivers\MbamChameleon.sys
2021-03-11 01:55 - 2021-03-11 01:55 - 000153312 _____ (Malwarebytes) C:\Windows\system32\Drivers\mbae64.sys
2021-03-11 01:55 - 2021-03-11 01:55 - 000000000 ____D C:\Program Files\Malwarebytes
2021-03-11 00:21 - 2021-03-11 00:21 - 000001658 _____ C:\ProgramData\Desktop\Recuva.lnk
2021-03-10 22:53 - 2021-03-10 23:31 - 000000000 ____D C:\AdwCleaner
2021-03-10 22:52 - 2021-03-10 22:52 - 008463216 _____ (Malwarebytes) C:\Users\DELL\Downloads\adwcleaner_8.1.exe
2021-03-10 22:52 - 2021-03-10 22:52 - 008463216 _____ (Malwarebytes) C:\Users\DELL\Downloads\adwcleaner_8.1 (1).exe
2021-03-10 22:15 - 2021-03-11 00:08 - 000000000 ____D C:\Program Files\CCleaner
2021-03-10 22:15 - 2021-03-10 22:15 - 000003870 _____ C:\Windows\system32\Tasks\CCleaner Update
2021-03-10 22:15 - 2021-03-10 22:15 - 000002804 _____ C:\Windows\system32\Tasks\CCleanerSkipUAC
2021-03-10 22:15 - 2021-03-10 22:15 - 000000822 _____ C:\ProgramData\Desktop\CCleaner.lnk
2021-03-10 22:15 - 2021-03-10 22:15 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CCleaner
2021-03-10 22:08 - 2021-03-10 22:09 - 030972600 _____ (Piriform Software Ltd) C:\Users\DELL\Downloads\ccsetup577.exe
2021-03-10 21:59 - 2021-03-10 21:59 - 000262144 _____ C:\Windows\system32\config\elam
2021-03-10 21:56 - 2021-03-10 21:56 - 000001050 _____ C:\ProgramData\Desktop\Kaspersky VPN.lnk
2021-03-10 21:56 - 2021-03-10 21:56 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky VPN
2021-03-10 21:55 - 2021-03-10 21:55 - 000003032 _____ C:\Windows\system32\Tasks\Kaspersky_Upgrade_Launcher_{278ADC42-419D-4547-A6CA-5B74BE0AD901}
2021-03-10 21:55 - 2021-03-10 21:55 - 000000000 ____D C:\Program Files\Common Files\AV
2021-03-10 21:54 - 2021-03-10 21:55 - 000000000 ____D C:\ProgramData\Kaspersky Lab
2021-03-10 21:54 - 2021-03-10 21:55 - 000000000 ____D C:\Program Files (x86)\Kaspersky Lab
2021-03-10 21:54 - 2021-03-10 21:54 - 000002102 _____ C:\ProgramData\Desktop\Kaspersky Internet Security.lnk
2021-03-10 21:54 - 2021-03-10 21:54 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Kaspersky Internet Security
2021-03-10 21:54 - 2020-10-21 23:12 - 000110176 _____ (Kaspersky Lab ZAO) C:\Windows\system32\klfphc.dll
2021-03-10 21:54 - 2020-10-21 23:11 - 001025336 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
2021-03-10 21:54 - 2020-10-21 23:11 - 000523576 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klflt.sys
2021-03-10 21:50 - 2021-03-10 21:50 - 000000000 ____D C:\ProgramData\Kaspersky Lab Setup Files
2021-03-10 21:27 - 2021-03-10 21:27 - 002778600 _____ (Kaspersky) C:\Users\DELL\Downloads\kis21.2.16.590cs_25709.exe
2021-03-10 21:25 - 2021-03-10 21:25 - 010618960 _____ (F-Secure Corporation) C:\Users\DELL\Downloads\F-SecureOnlineScanner.exe
2021-03-10 21:25 - 2021-03-10 21:25 - 000058752 _____ (F-Secure Corporation) C:\Windows\system32\Drivers\fsbts.sys
2021-03-10 21:25 - 2021-03-10 21:25 - 000000000 ____D C:\Users\DELL\AppData\Local\FSDART
2021-03-10 21:25 - 2021-03-10 21:25 - 000000000 ____D C:\Program Files\F-Secure
2021-03-10 21:10 - 2021-03-11 02:04 - 000000000 ____D C:\Windows\system32\Tasks\Updates
2021-03-10 21:08 - 2021-03-10 21:14 - 000024643 _____ C:\Users\DELL\Downloads\Addition.txt.cadq
2021-03-10 21:06 - 2021-03-11 02:31 - 000000000 ____D C:\FRST
2021-03-10 21:06 - 2021-03-10 21:14 - 002301774 _____ C:\Users\DELL\Downloads\FRST.exe.cadq
2021-03-10 21:06 - 2021-03-10 21:14 - 000052221 _____ C:\Users\DELL\Downloads\FRST.txt.cadq
2021-03-10 21:02 - 2021-03-10 21:02 - 002084016 _____ (Malwarebytes) C:\Users\DELL\Downloads\MBSetup.exe
2021-03-10 20:52 - 2021-03-10 20:52 - 000428008 _____ C:\Windows\system32\FNTCACHE.DAT
2021-03-10 20:47 - 2021-03-10 20:47 - 000000764 _____ C:\Users\DELL\Desktop\ESET Online Scanner.lnk
2021-03-10 20:45 - 2021-03-10 20:45 - 000000000 ____D C:\ProgramData\ESET
2021-03-10 20:45 - 2021-03-10 20:45 - 000000000 ____D C:\Program Files\ESET
2021-03-10 20:25 - 2021-03-10 20:25 - 005553888 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlmp.exe
2021-03-10 20:25 - 2021-03-10 20:25 - 000629984 _____ (Microsoft Corporation) C:\Windows\system32\osloader.exe
2021-03-10 20:24 - 2021-03-10 20:24 - 000001105 _____ C:\Users\DELL\_readme.txt
2021-03-10 20:24 - 2021-03-10 20:24 - 000000558 _____ C:\Users\DELL\AppData\Local\bowsakkdestx.txt
2021-03-10 20:24 - 2021-03-10 20:24 - 000000000 ____D C:\SystemID
2021-03-10 20:23 - 2021-03-11 01:57 - 000000000 ____D C:\Windows\SysWOW64\inhpzdtd
2021-03-10 20:23 - 2021-03-10 21:27 - 000000000 ____D C:\Users\DELL\AppData\Local\da70b378-7da6-455a-ad5b-343d1a1776f3
2021-03-10 20:23 - 2021-03-10 20:23 - 000000000 ____D C:\ProgramData\vcftqxriqdye
2021-03-10 20:23 - 2021-03-10 20:23 - 000000000 ____D C:\ProgramData\Riate
2021-03-10 20:22 - 2021-03-10 22:00 - 000000000 ____D C:\Users\DELL\AppData\Roaming\heqdyyoh2lg
2021-03-10 20:22 - 2021-03-10 21:30 - 000003576 _____ C:\Windows\system32\Tasks\Firefox Default Browser Agent 27A5AB6087AB5E32
2021-03-10 20:22 - 2021-03-10 20:22 - 000000000 ____D C:\ProgramData\S8M2MM0L98FC67MGC52ONLOF8
2021-03-10 20:22 - 2021-03-10 20:22 - 000000000 ____D C:\Program Files\CC24QGO67W
2021-03-10 20:21 - 2021-03-10 20:23 - 000000000 ____D C:\ProgramData\9BFDBQHK3MYS4HBKBQBO0PCMH
2021-03-10 20:21 - 2021-03-10 20:21 - 000000000 ____D C:\Windows\system32\Tasks\Services
2021-03-10 20:21 - 2021-03-10 20:21 - 000000000 ____D C:\Users\DELL\AppData\Roaming\QiPkKfYwUiBdsdzql
2021-03-10 20:21 - 2021-03-10 20:21 - 000000000 ____D C:\Users\DELL\AppData\Roaming\jovJvMmPRzskxL
2021-03-10 20:20 - 2021-03-10 20:20 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Burito
2021-03-10 20:19 - 2021-03-10 20:19 - 000000270 __RSH C:\Users\DELL\ntuser.pol
2021-03-10 20:18 - 2021-03-10 21:30 - 000003576 _____ C:\Windows\system32\Tasks\Firefox Default Browser Agent 63891B0D6777AB95
2021-03-10 20:18 - 2021-03-10 20:25 - 000003576 _____ C:\Windows\system32\Tasks\NvNgxUpdateCheckDaily_{78821544-1544-1544-1544-788215441544}
2021-03-10 20:18 - 2021-03-10 20:25 - 000000000 ____D C:\Users\DELL\Documents\VlcpVideoV1.0.1
2021-03-10 20:18 - 2021-03-10 20:21 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2021-03-10 20:18 - 2021-03-10 20:21 - 000000000 ____D C:\Users\DELL\AppData\Roaming\ZNIQXHFHgzP
2021-03-10 20:18 - 2021-03-10 20:21 - 000000000 ____D C:\Users\DELL\AppData\Local\FBoxingConv
2021-03-10 20:18 - 2021-03-10 20:18 - 000000013 _____ C:\ProgramData\kaosdma.txt
2021-03-10 20:18 - 2021-03-10 20:18 - 000000000 ____D C:\Users\DELL\AppData\Local\ResolveMethod
2021-03-10 20:18 - 2021-03-10 20:18 - 000000000 ____D C:\ProgramData\TDMSA8B39U021FNIIWLXKWWB8
2021-03-10 20:18 - 2021-03-10 20:18 - 000000000 ____D C:\ProgramData\A5NJGMWBKTWTJYRLQRK4TZ6N4
2021-03-10 20:18 - 2021-03-10 20:18 - 000000000 ____D C:\ProgramData\596835877507505
2021-03-10 19:28 - 2021-03-10 20:24 - 000277466 _____ C:\Users\DELL\Downloads\vypoved_ze_smlouvy_o_poskytovani_sluzeb_elektronickych_komunikaci.pdf.cadq
2021-03-10 19:26 - 2021-03-10 20:24 - 000040855 _____ C:\Users\DELL\Downloads\vzor_vypovedi_cps.pdf.cadq
2021-02-19 21:57 - 2021-02-19 21:57 - 000000000 _____ C:\Users\DELL\AppData\Local\{444D40C7-7F67-4814-9653-E9AB7C63FD32}

==================== One month (modified) ==================

(If an entry is included in the fixlist, the file/folder will be moved.)

2021-03-11 02:28 - 2019-10-23 21:28 - 000000911 _____ C:\Windows\Tasks\EPSON L3050 Series Update {F8F45C97-4E9E-4643-9B5E-CCF6D2BC2BD8}.job
2021-03-11 02:19 - 2019-10-23 21:19 - 000000911 _____ C:\Windows\Tasks\EPSON L3050 Series Update {F2960919-36E8-4BC8-BD58-3C84B9565AF2}.job
2021-03-11 02:03 - 2016-11-23 00:05 - 000000000 ____D C:\Users\DELL\AppData\LocalLow\Mozilla
2021-03-11 01:56 - 2019-12-16 19:46 - 000000000 ____D C:\Program Files\Mozilla Firefox
2021-03-11 01:49 - 2009-07-14 05:45 - 000028960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2021-03-11 01:49 - 2009-07-14 05:45 - 000028960 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2021-03-11 00:50 - 2020-06-14 19:26 - 000000000 ____D C:\ProgramData\AVAST Software
2021-03-11 00:21 - 2017-07-16 23:17 - 000000997 _____ C:\Users\DELL\Desktop\Electrum.lnk
2021-03-11 00:21 - 2017-07-16 23:17 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Electrum
2021-03-11 00:21 - 2017-07-16 23:16 - 000000000 ____D C:\Program Files (x86)\Electrum
2021-03-11 00:21 - 2016-01-17 23:04 - 000000000 ____D C:\Program Files\Recuva
2021-03-10 23:56 - 2009-07-14 16:18 - 000668792 _____ C:\Windows\system32\perfh005.dat
2021-03-10 23:56 - 2009-07-14 16:18 - 000141420 _____ C:\Windows\system32\perfc005.dat
2021-03-10 23:56 - 2009-07-14 06:13 - 001583226 _____ C:\Windows\system32\PerfStringBackup.INI
2021-03-10 23:56 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\inf
2021-03-10 23:51 - 2016-11-15 20:17 - 000000000 ____D C:\Program Files (x86)\Mozilla Firefox
2021-03-10 23:50 - 2019-10-01 21:20 - 000065536 _____ C:\Windows\system32\Ikeext.etl
2021-03-10 23:50 - 2009-07-14 06:08 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2021-03-10 23:41 - 2016-03-02 21:59 - 000004478 _____ C:\Windows\system32\Tasks\Adobe Acrobat Update Task
2021-03-10 23:34 - 2016-03-02 21:58 - 000002019 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2021-03-10 23:07 - 2009-07-14 04:20 - 000000000 ____D C:\Windows\tracing
2021-03-10 22:31 - 2015-06-25 22:28 - 000000000 ____D C:\Users\DELL\AppData\Roaming\uTorrent
2021-03-10 21:59 - 2019-10-23 20:20 - 000000000 ____D C:\Program Files (x86)\epson
2021-03-10 21:30 - 2015-06-26 00:01 - 000000000 ____D C:\ProgramData\Malwarebytes
2021-03-10 21:25 - 2019-10-23 22:08 - 000000000 ____D C:\ProgramData\F-Secure
2021-03-10 20:52 - 2009-07-14 06:08 - 000032554 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2021-03-10 20:36 - 2019-11-15 21:06 - 000000000 ____D C:\Users\DELL\AppData\Local\CrashDumps
2021-03-10 20:25 - 2019-11-24 22:02 - 000000000 ____D C:\Users\DELL\Documents\Wondershare Filmora 9
2021-03-10 20:25 - 2019-11-12 17:11 - 000000000 ____D C:\Users\DELL\Documents\The Best And Most Expensive Fonts 1500 Font Collection
2021-03-10 20:25 - 2019-10-05 19:45 - 000000000 ____D C:\Users\DELL\Documents\Vykon trestu
2021-03-10 20:24 - 2021-02-04 19:44 - 000623528 _____ C:\Users\DELL\Downloads\InspirARTion (1).png.cadq
2021-03-10 20:24 - 2021-02-04 19:43 - 000748591 _____ C:\Users\DELL\Downloads\InspirARTion.png.cadq
2021-03-10 20:24 - 2021-01-20 16:35 - 000058761 _____ C:\Users\DELL\Downloads\LP-bazar-e1530113823589.jpg.cadq
2021-03-10 20:24 - 2021-01-18 22:33 - 000005384 __RSH C:\ProgramData\ntuser.pol
2021-03-10 20:24 - 2020-12-09 00:19 - 000003880 _____ C:\Users\DELL\Documents\DESKY seznam AKTUAL 08.12 2020.txt.cadq
2021-03-10 20:24 - 2020-07-30 21:34 - 000000000 ____D C:\Users\DELL\Desktop\Bazos vystaveno
2021-03-10 20:24 - 2020-07-22 00:17 - 000002359 _____ C:\Users\DELL\Documents\DESKY seznam AKTUAL 20.7.txt.cadq
2021-03-10 20:24 - 2020-07-22 00:15 - 000004383 _____ C:\Users\DELL\Documents\DESKY seznam SP singls.txt.cadq
2021-03-10 20:24 - 2020-02-20 22:08 - 000000000 ___RD C:\Users\DELL\Documents\Scanned Documents
2021-03-10 20:24 - 2019-12-23 19:31 - 000123214 ___SH C:\Users\DELL\Desktop\Thumbs.db.cadq
2021-03-10 20:24 - 2019-12-23 10:49 - 000000547 _____ C:\Users\DELL\Documents\poland.txt.cadq
2021-03-10 20:24 - 2019-12-21 19:40 - 000000000 ____D C:\Users\DELL\Desktop\police buletin
2021-03-10 20:24 - 2019-12-10 23:35 - 000000000 ____D C:\Users\DELL\Desktop\el stato puro lento
2021-03-10 20:24 - 2019-12-01 18:30 - 000000000 ____D C:\Users\DELL\Desktop\Zeman work
2021-03-10 20:24 - 2019-11-15 17:24 - 000000000 ____D C:\Users\DELL\Desktop\work video
2021-03-10 20:24 - 2019-11-14 21:06 - 009866176 _____ C:\Users\DELL\Documents\RX-V683_Manual CZ internet.pdf.cadq
2021-03-10 20:24 - 2019-11-05 19:07 - 000004402 _____ C:\Users\DELL\Documents\KREKY update.txt.cadq
2021-03-10 20:24 - 2019-11-05 17:32 - 000000000 ____D C:\Users\DELL\Documents\scan od Jirky
2021-03-10 20:24 - 2019-11-05 17:25 - 000001624 _____ C:\Users\DELL\Documents\account #1_ltc.csv.cadq
2021-03-10 20:24 - 2019-11-05 15:07 - 000172899 _____ C:\Users\DELL\Documents\alza disk.xps.cadq
2021-03-10 20:24 - 2019-10-22 13:40 - 000019397 _____ C:\Users\DELL\Documents\BRIF.rtf.cadq
2021-03-10 20:24 - 2019-10-20 18:49 - 000002080 _____ C:\Users\DELL\Documents\pravidla.txt.cadq
2021-03-10 20:24 - 2019-10-05 01:38 - 000008526 ___SH C:\Users\DELL\Documents\Thumbs.db.cadq
2021-03-10 20:24 - 2018-02-24 20:16 - 000000376 _____ C:\Users\DELL\Documents\Adresa ETH for ICO.txt.cadq
2021-03-10 20:24 - 2018-01-28 03:31 - 000112824 _____ C:\Users\DELL\Documents\CebiaReportPdf dvojka.pdf.cadq
2021-03-10 20:24 - 2018-01-28 03:13 - 000112824 _____ C:\Users\DELL\Documents\CebiaReportPdf.pdf.cadq
2021-03-10 20:24 - 2017-12-25 12:58 - 000000000 ____D C:\Users\DELL\Desktop\ID
2021-03-10 20:24 - 2017-12-25 12:53 - 000000000 ____D C:\Users\DELL\Desktop\phon
2021-03-10 20:24 - 2017-12-07 23:45 - 000000414 _____ C:\Users\DELL\Documents\maximilian1.txt.cadq
2021-03-10 20:24 - 2017-11-25 00:20 - 000005155 _____ C:\Users\DELL\Documents\kreky 3.txt.cadq
2021-03-10 20:24 - 2017-11-25 00:08 - 000007925 _____ C:\Users\DELL\Documents\kreky 2.txt.cadq
2021-03-10 20:24 - 2017-11-23 01:11 - 000017013 _____ C:\Users\DELL\Documents\sgnl.PNG.cadq
2021-03-10 20:24 - 2017-11-23 00:29 - 000000385 _____ C:\Users\DELL\Documents\signals ico.txt.cadq
2021-03-10 20:24 - 2017-10-15 11:29 - 000002771 _____ C:\Users\DELL\Documents\IP VANISH.txt.cadq
2021-03-10 20:24 - 2017-10-05 19:40 - 000000573 _____ C:\Users\DELL\Documents\NETFLIX.txt.cadq
2021-03-10 20:24 - 2017-08-24 17:00 - 000000453 _____ C:\Users\DELL\Documents\xcodes.txt.cadq
2021-03-10 20:24 - 2017-06-26 20:25 - 000000000 ____D C:\Users\DELL\Documents\návody
2021-03-10 20:24 - 2017-03-29 20:51 - 000000000 ____D C:\Users\DELL\Documents\HACK FACEBOOK [USED THIS MYSELF] [VERY FAST WAY] [VERY RELIABLE]
2021-03-10 20:24 - 2016-05-21 20:11 - 000000000 ____D C:\Users\DELL\Desktop\FOTOS jARO 2016
2021-03-10 20:24 - 2016-04-01 13:59 - 000000000 ____D C:\Users\DELL\Desktop\sales
2021-03-10 20:24 - 2016-03-25 18:37 - 000000000 ____D C:\Users\DELL\Documents\peugot 206
2021-03-10 20:24 - 2016-03-12 20:50 - 000023891 _____ C:\Users\DELL\Documents\ltrevorian seznam vinyls 2016.zip.cadq
2021-03-10 20:24 - 2015-10-14 18:12 - 002546510 _____ C:\Users\DELL\Documents\Poradani oslav[2].doc.cadq
2021-03-10 20:24 - 2015-10-14 18:12 - 000041806 _____ C:\Users\DELL\Documents\Zákony_řádu_SS-4.doc.cadq
2021-03-10 20:24 - 2015-10-14 17:19 - 000000000 ____D C:\Users\DELL\Desktop\fotos grow
2021-03-10 20:24 - 2015-08-12 17:34 - 000000000 ____D C:\Users\DELL\Desktop\foto oblečení
2021-03-10 20:24 - 2015-07-23 09:04 - 000000000 ____D C:\Users\DELL\Desktop\for sale
2021-03-10 20:24 - 2015-06-26 01:43 - 000000000 ____D C:\Tor Browser
2021-03-10 20:24 - 2015-06-25 23:34 - 000000000 ____D C:\KMPlayer
2021-03-10 20:24 - 2015-06-25 08:02 - 000000000 ____D C:\drvrtmp
2021-03-10 20:24 - 2015-06-24 15:54 - 000000000 ____D C:\Users\DELL\AppData\Local\VirtualStore
2021-03-10 20:24 - 2015-06-24 15:54 - 000000000 ____D C:\Users\DELL
2021-03-10 20:24 - 2014-10-26 14:14 - 197261284 _____ C:\Users\DELL\Documents\Vzpoura mozků.pdf.cadq
2021-03-10 20:24 - 2014-09-18 19:32 - 000015356 _____ C:\Users\DELL\Documents\kauf.docx.cadq
2021-03-10 20:24 - 2014-06-05 12:46 - 000013363 _____ C:\Users\DELL\Documents\Koupím jakékoliv staré a původní Německé věci z období 2.docx.cadq
2021-03-10 19:29 - 2018-02-14 00:33 - 000000000 ____D C:\Users\DELL\AppData\Local\File Viewer Plus
2021-03-10 18:57 - 2017-02-03 00:50 - 000002184 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2021-03-07 02:11 - 2019-11-15 21:03 - 000000000 ____D C:\ProgramData\Malwarebytes Anti-Exploit
2021-03-07 00:18 - 2015-06-25 23:09 - 000000000 ____D C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-07 00:18 - 2015-06-25 23:09 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinRAR
2021-03-07 00:18 - 2015-06-25 23:09 - 000000000 ____D C:\Program Files\WinRAR
2021-03-07 00:17 - 2020-02-14 18:35 - 000000871 _____ C:\ProgramData\Desktop\VLC media player.lnk
2021-03-07 00:16 - 2020-06-24 15:48 - 000000000 ____D C:\Windows\system32\Tasks\Avast Software
2021-02-12 15:54 - 2020-06-24 15:47 - 000081632 _____ (Avast Software) C:\Windows\system32\icarus_rvrt.exe
2021-02-10 15:32 - 2017-06-27 21:36 - 000000000 ____D C:\Windows\system32\MRT
2021-02-10 15:29 - 2017-06-27 21:36 - 130141752 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe

==================== Files in the root of some directories ========

2021-03-10 20:18 - 2021-03-10 20:21 - 000137168 _____ (Mozilla Foundation) C:\ProgramData\mozglue.dll
2020-01-17 02:00 - 2020-01-03 04:33 - 000320202 ___SH () C:\Users\DELL\AppData\Roaming\edajguv
2020-01-17 02:00 - 2020-01-03 04:33 - 000348811 ___SH () C:\Users\DELL\AppData\Roaming\gdijbsa
2021-01-24 00:14 - 2021-01-24 00:14 - 000375844 _____ () C:\Users\DELL\AppData\Local\ars.cache
2021-03-10 20:24 - 2021-03-10 20:24 - 000000558 _____ () C:\Users\DELL\AppData\Local\bowsakkdestx.txt
2021-01-24 00:14 - 2021-01-24 00:14 - 000717142 _____ () C:\Users\DELL\AppData\Local\census.cache
2021-01-24 00:01 - 2021-01-24 00:01 - 000000036 _____ () C:\Users\DELL\AppData\Local\housecall.guid.cache
2018-01-13 17:26 - 2018-01-13 17:26 - 000000702 _____ () C:\Users\DELL\AppData\Local\recently-used.xbel
2021-02-19 21:57 - 2021-02-19 21:57 - 000000000 _____ () C:\Users\DELL\AppData\Local\{444D40C7-7F67-4814-9653-E9AB7C63FD32}
2020-08-03 13:55 - 2020-08-03 13:55 - 000000000 _____ () C:\Users\DELL\AppData\Local\{5E736967-0D1E-4691-A6E5-4996EFA8D86F}

==================== SigCheck ============================

(There is no automatic fix for files that do not pass verification.)


LastRegBack: 2021-01-31 17:29
==================== End of FRST.txt ========================
...............................................................................................
Additional scan result of Farbar Recovery Scan Tool (x64) Version: 28-02-2021
Ran by DELL (11-03-2021 02:33:34)
Running from C:\Users\DELL\Downloads
Windows 7 Professional Service Pack 1 (X64) (2015-06-24 14:53:30)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-2880966242-396801791-3330362422-500 - Administrator - Disabled)
DELL (S-1-5-21-2880966242-396801791-3330362422-1000 - Administrator - Enabled) => C:\Users\DELL
Guest (S-1-5-21-2880966242-396801791-3330362422-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-2880966242-396801791-3330362422-1002 - Limited - Enabled)

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKLM-x32\...\uTorrent) (Version: 2.0.1 - )
Adobe Acrobat Reader DC - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AC0F074E4100}) (Version: 21.001.20135 - Adobe Systems Incorporated)
Adobe Flash Player 32 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 32.0.0.465 - Adobe)
Adobe Flash Player 32 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 32.0.0.465 - Adobe)
Aplikace Intel® PROSet/Wireless (HKLM-x32\...\{b6b417a3-1f40-4618-aadd-49628bda7836}) (Version: 16.1.1 - Intel Corporation)
Avast Cleanup Premium (HKLM\...\Avast Cleanup) (Version: 21.1.9940.2746 - Avast Software)
CCleaner (HKLM\...\CCleaner) (Version: 5.77 - Piriform)
Centrum zařízení Windows Mobile (HKLM\...\{626672CD-BFCF-49A9-AEFE-AB0FED3BFC5B}) (Version: 6.1.6965.0 - Microsoft Corporation)
CrystalDiskInfo 8.3.1 (HKLM-x32\...\CrystalDiskInfo_is1) (Version: 8.3.1 - Crystal Dew World)
Dell Custom Help (HKLM\...\{BE1CF6CA-3182-45D8-9535-A18055B73607}) (Version: 16.01.1000.0235 - Intel Corporation) Hidden
Electrum (HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Electrum) (Version: 4.0.9 - Electrum Technologies GmbH)
Epson Easy Photo Print 2 (HKLM-x32\...\{7E0261C4-8495-4365-BE48-647701D8B9BD}) (Version: 2.8.3.0 - Seiko Epson Corporation)
Epson Event Manager (HKLM-x32\...\{AB8BE3EA-01D3-44B7-8E77-A9601CBDEBDE}) (Version: 3.10.0085 - Seiko Epson Corporation)
EPSON L3050 Series Printer Uninstall (HKLM\...\EPSON L3050 Series) (Version: - Seiko Epson Corporation)
Epson Printer Connection Checker (HKLM-x32\...\{189DE071-E0BC-4BA5-8E34-83D5ED12600B}) (Version: 3.2.0.0 - Seiko Epson Corporation)
Epson Scan 2 (HKLM-x32\...\Epson Scan 2) (Version: - Seiko Epson Corporation)
EPSON Scan OCR Component (HKLM-x32\...\{563B99D8-8895-4E3E-AE8D-15BE8C05F1C1}) (Version: 3.00.04 - SEIKO EPSON Corp.)
Epson Software Updater (HKLM-x32\...\{28C66F35-69BF-4376-BC80-4D5F4808FF3C}) (Version: 4.6.1 - Seiko Epson Corporation)
EpsonNet Print (HKLM\...\{96ED1D58-440C-4345-8FEE-C4781366C67F}) (Version: 3.1.4.0 - SEIKO EPSON Corporation)
File Identifier (HKLM-x32\...\{C257E434-E8F1-4E06-A616-598E4933553E}_is1) (Version: 1.0.11 - Sharpened Productions)
File Viewer Plus (HKLM-x32\...\{C8B24B83-920A-446E-B027-38F72C9D8898}_is1) (Version: 2.2.1 - Sharpened Productions)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 89.0.4389.82 - Google LLC)
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
Intel(R) Graphics Media Accelerator Driver (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2281 - Intel Corporation)
Intel(R) Network Connections Drivers (HKLM\...\PROSet) (Version: 15.2 - Intel)
Kaspersky Internet Security (HKLM-x32\...\{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{63129F5E-8EC5-41BA-A4CF-47966CE84953}) (Version: 21.2.16.590 - Kaspersky)
Kaspersky VPN (HKLM-x32\...\{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky) Hidden
Kaspersky VPN (HKLM-x32\...\InstallWIX_{221FA56C-0A92-4E58-98FD-CAF82237540C}) (Version: 21.2.16.590 - Kaspersky)
Ledger Live 1.15.0 (HKLM\...\c62032b2-0bca-5abc-b458-fd67cfc9e49b) (Version: 1.15.0 - Ledger)
Malwarebytes version 4.3.0.98 (HKLM\...\{35065F43-4BB2-439A-BFF7-0F1014F2E0CD}_is1) (Version: 4.3.0.98 - Malwarebytes)
Microsoft .NET Framework 4.8 (čeština) (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1029) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft .NET Framework 4.8 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.8.03761 - Microsoft Corporation)
Microsoft Edge (HKLM-x32\...\Microsoft Edge) (Version: 83.0.478.50 - Microsoft Corporation)
Microsoft Edge Update (HKLM-x32\...\Microsoft Edge Update) (Version: 1.3.129.37 - )
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23026 (HKLM-x32\...\{e46eca4f-393b-40df-9f49-076faf788d83}) (Version: 14.0.23026.0 - Microsoft Corporation)
Mozilla Firefox 71.0 (x64 en-US) (HKLM\...\Mozilla Firefox 71.0 (x64 en-US)) (Version: 71.0 - Mozilla)
Mozilla Firefox 84.0.2 (x86 cs) (HKLM-x32\...\Mozilla Firefox 84.0.2 (x86 cs)) (Version: 84.0.2 - Mozilla)
Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 59.0 - Mozilla)
Neon 2.3.0 (only current user) (HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\211a501f-25dd-501b-8c98-509ac17aedfa) (Version: 2.3.0 - Ethan Fast)
Recuva (HKLM\...\Recuva) (Version: 1.53 - Piriform)
Samsung Data Migration (HKLM-x32\...\{3B304604-0BF5-488E-AB95-F2F2E31206F3}) (Version: 3.1 - Samsung)
Samsung Magician (HKLM-x32\...\{29AE3F9F-7158-4ca7-B1ED-28A73ECDB215}_is1) (Version: 6.0.0.100 - Samsung Electronics)
Spotify (HKU\S-1-5-21-2880966242-396801791-3330362422-1000\...\Spotify) (Version: 1.1.36.734.g8731c306 - Spotify AB)
VEGAS Pro 14.0 (64-bit) (HKLM\...\{B926966E-0517-11E7-9D65-C2A106E0D44C}) (Version: 14.0.244 - VEGAS)
Visual Studio C++ 10.0 Runtime (HKLM-x32\...\{4412F224-3849-4461-A3E9-DEEF8D252790}) (Version: 10.0.0 - TomTom International B.V.)
VLC media player (HKLM\...\VLC media player) (Version: 3.0.12 - VideoLAN)
WinRAR 6.00 (64-bit) (HKLM\...\WinRAR archiver) (Version: 6.00.0 - win.rar GmbH)
Wondershare Filmora9(Build 9.2.7) (HKLM\...\Wondershare Filmora9_is1) (Version: - Wondershare Software)

==================== Custom CLSID (Whitelisted): ==============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

ContextMenuHandlers1: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers1: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => -> No File
ContextMenuHandlers1: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2021-03-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers1: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers1-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers2: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers2: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2021-03-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers3: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers4: [GpgEX] -> {CCD955E4-5C16-4A33-AFDA-A8947A94946B} => -> No File
ContextMenuHandlers4: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2021-03-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers4: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\Windows\system32\igfxpph.dll [2011-01-12] (Microsoft Windows Hardware Compatibility Publisher -> Intel Corporation)
ContextMenuHandlers6: [ESET Security Shell] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => -> No File
ContextMenuHandlers6: [Kaspersky Anti-Virus 21.2] -> {9B9F6E01-A5CF-4269-B245-CFF66A7DAEBD} => C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 21.2\x64\shellex.dll [2021-03-10] (Kaspersky Lab JSC -> AO Kaspersky Lab)
ContextMenuHandlers6: [MBAMShlExt] -> {57CE581A-0CB6-4266-9CA0-19364C90A0B3} => C:\Program Files\Malwarebytes\Anti-Malware\mbshlext.dll [2021-03-11] (Malwarebytes Corporation -> Malwarebytes)
ContextMenuHandlers6: [RecuvaShellExt] -> {435E5DF5-2510-463C-B223-BDA47006D002} => C:\Program Files\Recuva\RecuvaShell64.dll [2020-08-03] (Piriform Software Ltd -> Piriform Software Ltd)
ContextMenuHandlers6: [WinRAR] -> {B41DB860-64E4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)
ContextMenuHandlers6-x32: [WinRAR32] -> {B41DB860-8EE4-11D2-9906-E49FADC173CA} => C:\Program Files\WinRAR\rarext32.dll [2020-12-01] (win.rar GmbH -> Alexander Roshal)

==================== Codecs (Whitelisted) ====================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Drivers32-x32: [vidc.XVID] => xvidvfw.dll
HKLM\...\Drivers32-x32: [VIDC.VP80] => vp8vfw.dll

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)

ShortcutWithArgument: C:\Users\DELL\Desktop\Kuro Chimenez - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"
ShortcutWithArgument: C:\Users\DELL\Desktop\První uživatel - Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2"
ShortcutWithArgument: C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Aplikace Chrome\SWOOOP.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 2" --app-id=jblimahfbhdcengjfbdpdngcfcghladf
ShortcutWithArgument: C:\Users\DELL\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\ImplicitAppShortcuts\69639df789022856\Google Chrome.lnk -> C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC) -> --profile-directory="Profile 1"

==================== Loaded Modules (Whitelisted) =============

2016-09-14 13:31 - 2016-09-14 13:31 - 000500736 ____S (SEIKO EPSON CORPORATION) [File not signed] C:\Windows\System32\enppmon.dll

==================== Alternate Data Streams (Whitelisted) ========

==================== Safe Mode (Whitelisted) ==================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService => ""="Service"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\MBAMService => ""="Service"

==================== Association (Whitelisted) =================

==================== Internet Explorer (Version 11) (Whitelisted) ==========

HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com

==================== Hosts content: =========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2019-12-12 00:59 - 2021-03-10 20:21 - 000000000 _____ C:\Windows\system32\drivers\etc\hosts

==================== Other Areas ===========================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-2880966242-396801791-3330362422-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\DELL\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
DNS Servers: 172.16.1.250 - 172.16.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

==================== FirewallRules (Whitelisted) ================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [SPPSVC-In-TCP] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) C:\Windows\system32\sppsvc.exe (Microsoft Windows -> Microsoft Corporation)
FirewallRules: [{61284855-C948-43D4-B35B-B2F54C7103B6}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DB6804B6-FF6B-4C7B-9D11-FE9A0AFB3A4A}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{529CF40A-84AD-44F7-8CFA-CB0A0D979A83}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{E1EF2513-291F-4D4F-AC26-F306D99DDA51}] => (Allow) C:\Program Files (x86)\uTorrent\uTorrent.exe (BitTorrent Inc -> BitTorrent, Inc.)
FirewallRules: [{3D919013-9BE0-4728-86A1-3D3E6280B366}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{2F0F137F-DED5-46DA-B90C-503C3E2A605B}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{DDEA1629-5A03-4EA7-94B1-F80E530F468D}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{00BB02C4-5BF0-4870-9430-47C951450522}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [TCP Query User{8331D1B4-0790-4EA5-8E9F-A2969053DED1}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [UDP Query User{B318742A-67E0-4678-8058-51126EB44E86}C:\users\dell\appdata\roaming\spotify\spotify.exe] => (Allow) C:\users\dell\appdata\roaming\spotify\spotify.exe (Spotify AB -> Spotify Ltd)
FirewallRules: [{344B8A67-D7FA-4BFE-A9DE-17D8DED71B1A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [{DE327FF2-9008-4842-A576-72EDFB7F3C46}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation -> Mozilla Corporation)
FirewallRules: [TCP Query User{3642FA04-E83D-4C1B-B4C4-57696E9BDA85}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{0A290060-14ED-4B65-8BDF-3D83D505774D}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [TCP Query User{C55D35ED-A407-4DAC-9BE9-D89CD2EB5AC7}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [UDP Query User{E6940ADB-CB28-4B06-BCD4-0942DBFA4F3F}C:\program files (x86)\epson software\event manager\eeventmanager.exe] => (Block) C:\program files (x86)\epson software\event manager\eeventmanager.exe (SEIKO EPSON CORPORATION -> SEIKO EPSON CORPORATION)
FirewallRules: [{D87BCF5C-D010-434F-9AEF-2AEF720F1F42}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe (Intel Corporation-Mobile Wireless Group -> )
FirewallRules: [{95A1C1BF-202A-4998-89CA-0710EE52C5EB}] => (Allow) LPort=1688
FirewallRules: [{C126FBEF-F8A2-440C-81E5-03170584DB52}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe (Google LLC -> Google LLC)

==================== Restore Points =========================


==================== Faulty Device Manager Devices ============

Name:
Description:
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Intel(R) 82577LM Gigabit Network Connection
Description: Intel(R) 82577LM Gigabit Network Connection
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Intel
Service: e1kexpress
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: Broadcom USH
Description: Broadcom USH
Class Guid:
Manufacturer:
Service:
Problem: : The drivers for this device are not installed. (Code 28)
Resolution: To install the drivers for this device, click "Update Driver", which starts the Hardware Update wizard.

Name: Adaptér miniportu Microsoft Virtual WiFi
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

Name: WinmonProcessMonitor
Description: WinmonProcessMonitor
Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
Manufacturer:
Service: WinmonProcessMonitor
Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
Devices stay in this state if they have been prepared for removal.
After you remove the device, this error disappears.Remove the device, and this error should be resolved.

Name: Microsoft Virtual WiFi Miniport Adapter #2
Description: Adaptér miniportu Microsoft Virtual WiFi
Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
Manufacturer: Microsoft
Service: vwifimp
Problem: : This device is disabled. (Code 22)
Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


==================== Event log errors: ========================

Application errors:
==================
Error: (03/10/2021 11:50:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:50:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:50:12 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:41:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:41:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:41:24 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=17, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:24:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=43, ID autora=9, ID dodavatele=0, typ dodavatele=0

Error: (03/10/2021 11:24:47 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
Description: Přeskočení: Ověření Eap method DLL path name se nezdařilo. Chyba: ID typu=25, ID autora=9, ID dodavatele=0, typ dodavatele=0


System errors:
=============
Error: (03/10/2021 11:40:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (03/10/2021 11:40:37 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (03/10/2021 11:40:36 PM) (Source: Microsoft-Windows-WLAN-AutoConfig) (EventID: 10003) (User: NT AUTHORITY)
Description: Rozšiřující modul sítě WLAN byl neočekávaně ukončen.

Cesta k modulu: C:\Windows\System32\IWMSSvc.dll

Error: (03/10/2021 11:40:29 PM) (Source: DCOM) (EventID: 10000) (User: )
Description: Nelze spustit server DCOM: {AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}. Došlo k chybě:
%%5 = Přístup byl odepřen.
při provádění příkazu:
C:\Windows\system32\DllHost.exe /Processid:{AB8902B4-09CA-4BB6-B78D-A8F59079A8D5}

Error: (03/10/2021 11:38:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou:
Byl překročen maximální počet tajných údajů, které lze uložit v jednom systému.

Error: (03/10/2021 11:38:10 PM) (Source: Service Control Manager) (EventID: 7006) (User: )
Description: Volání ScRegSetValueExW skončilo neúspěšné pro Start s touto chybou:
Byl překročen maximální počet tajných údajů, které lze uložit v jednom systému.

Error: (03/10/2021 11:31:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Ochrana softwaru byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 120000 milisekund: Restartovat službu.

Error: (03/10/2021 11:31:18 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba Windows Media Player Network Sharing byla nečekaně ukončena. Stalo se to 1 krát. Následující opravná akce bude spuštěna za 30000 milisekund: Restartovat službu.


Windows Defender:
================
Date: 2015-06-25 23:38:42.836
Description:
Prohledávání Windows Defender rozpoznalo spyware nebo jiný potenciálně nežádoucí software.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=166246
Název:Adware:Win32/EoRezo
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Nalezeno v cestě:file:C:\Users\DELL\AppData\Local\Temp\GG6AIQtVONklmYK.exe;process:pid:1996
Typ zjišťování:Konkrétní
Zdroj zjišťování:Ochrana v reálném čase
Stav:Neznámý
Uživatel:\
Název procesu:

Date: 2015-06-25 23:40:19.525
Description:
Prohledávání Windows Defender zjistilo chybu při provádění akce u spywaru nebo jiného potenciálně nežádoucího softwaru.
Další informace:
http://go.microsoft.com/fwlink/?linkid= ... tid=166246
Uživatel:DELL-PC\DELL
Název:Adware:Win32/EoRezo
Závažnost:Vysoké
Kategorie:Software placený zobrazováním reklamy
Cesta:
Akce:Odebrat
Kód chyby:0x80508023
Popis chyby:Programu se nepodařilo najít spyware ani jiný potenciálně nežádoucí software v tomto počítači.
Stav:

==================== Memory info ===========================

BIOS: Dell Inc. A14 04/21/2013
Motherboard: Dell Inc. 04373Y
Processor: Intel(R) Core(TM) i5 CPU M 560 @ 2.67GHz
Percentage of memory in use: 90%
Total physical RAM: 3953.83 MB
Available physical RAM: 393.64 MB
Total Virtual: 7905.81 MB
Available Virtual: 3596.44 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:232.79 GB) (Free:121.33 GB) NTFS

\\?\Volume{0831ed44-00d1-11ea-a46e-806e6f6e6963}\ () (Fixed) (Total:0.1 GB) (Free:0.07 GB) NTFS

==================== MBR & Partition Table ====================

==========================================================
Disk: 0 (MBR Code: Windows 7/8/10) (Size: 232.9 GB) (Disk ID: 69498354)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=232.8 GB) - (Type=07 NTFS)

==================== End of Addition.txt =======================

JaRon
Moderator
Posts: 15193
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: please check my infected PC... I can't manage to help myself

#4 Post by JaRon »

Just a reminder that this is ransomware >> https://howtofix.guide/cadq-virus/ :(
FRST |ADWCleaner |MBAM |CCleaner |AVPTool

If you are satisfied, you can support the forum
https://platba.viry.cz/payment/

LTREVOR
Visitor
Posts: 25
Joined: 23 Dec 2006 22:37

Re: please check my infected PC... I can't manage to help myself

#5 Post by LTREVOR »

And is there any way to get the notebook back in order? I've done everything within my knowledge... after that the only option is to reinstall the system. :(

JaRon
Moderator
Posts: 15193
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: please check my infected PC... I can't manage to help myself

#6 Post by JaRon »

Wait for my colleague Conder's opinion.
The PC can be disinfected; the question is whether the encrypted files can be decrypted :???:
You will need to weigh disinfection against a fresh installation.

LTREVOR
Visitor
Posts: 25
Joined: 23 Dec 2006 22:37

Re: please check my infected PC... I can't manage to help myself

#7 Post by LTREVOR »

Hello, I'm already working on the reinstall, I have a backup... this is a mess, I really wasn't expecting it :D AT LEAST I've learned my lesson: uTorrent etc., never again. Luckily I only use this laptop occasionally, but even so I can't stand the thought of someone controlling my machine... in any case, thank you for your time.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: please check my infected PC... I can't manage to help myself

#8 Post by Conder »

We can disinfect/clean the PC, but if you have already reinstalled the system, that is also a solution. Since you write that you also have a data backup, you don't need to recover the encrypted files?
Graduate of the school for newcomers :)
E-mail: conder (at) forum.viry.cz

If anything is unclear, ask. I recommend always backing up important data (documents, photos and so on).

Fixlists and other scripts are written only for a specific PC. Do not use them on other devices, otherwise you risk system damage or data loss.
If you have a problem similar to another user's, please start your own topic.

If you are satisfied, you can support the forum. Thank you!

LTREVOR
Visitor
Posts: 25
Joined: 23 Dec 2006 22:37

Re: please check my infected PC... I can't manage to help myself

#9 Post by LTREVOR »

I did the reinstall, but I found out that he also broke into my Google account; according to the browsing history he tried to break into my crypto wallets... and evidently he isn't done with me... today I got an e-mail from Google thanking me for activating Google Ads... I changed the password and enabled 2FA verification. But among the add-ons in Google I found one extension that isn't from Google and can't be deleted... maybe that's how he got in. I'm worn out by this... I sacrificed a pile of photos because of the reinstall, and now Google on top of that.

JaRon
Moderator
Posts: 15193
Joined: 29 Mar 2005 13:39
Location: BB-SK

Re: please check my infected PC... I can't manage to help myself

#10 Post by JaRon »

Until my colleague shows up, scan the PC with AVPTool and post current FRST logs.

Conder
VIP
Posts: 4399
Joined: 30 Dec 2013 22:29
Location: Bratislava

Re: please check my infected PC... I can't manage to help myself

#11 Post by Conder »

As my colleague writes, scan the PC with AVPTool - Kaspersky Virus Removal Tool (KVRT); I'm also attaching more detailed instructions for the current version:
Scan with KVRT: https://www.kaspersky.com/downloads/tha ... moval-tool
Download it via the red "Download Now" button and run the downloaded program as administrator
Accept the license terms by ticking both checkboxes and clicking Accept
Click "Change Parameters", select the "System Drive" option and click OK
Click "Start Scan" and wait for the scan to finish
If anything is found, take a screenshot - press the Print Screen key, open the Paint program (Malovani / Skicar), press Ctrl+V and save the image to the desktop (KVRT currently does not allow creating a copyable log)
Have the detections deleted - click "Neutralize all" and then "Continue" (a PC restart may also be necessary)
Send the created image as an attachment to your next post, or upload it to some web storage and send the link