Please check my log

Posted: 04 Dec 2017 14:41
by kekesko
Good day, I would like to ask you to check my log.
I will not be back here until shortly before midnight, so I would appreciate a reply.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2017-12-04 14:35:27
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 55 GB (44%) free of 125 GB
Total RAM: 2943 MB (65% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 14:35:36, on 4. 12. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskhost.exe
C:\Users\PC\Desktop\Qone8-omiga\RSIT.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Program Files\trend micro\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [6GV26KRJGM1JV15] "C:\Program Files\D3YPVD9EHP\D3YPVD9EH.exe"
O4 - HKCU\..\Run: [RGV7N05J6YTG72B] "C:\Program Files\BHK09UCEVO\BHK09UCEV.exe"
O4 - HKCU\..\Run: [GQZ59N6N7OMF1PD] "C:\Program Files\LZIUQOXSJ4\LZIUQOXSJ.exe"
O4 - HKCU\..\Run: [RPLO6SUMEF0U9G7] "C:\Program Files\9YBHEM0FHQ\9YBHEM0FH.exe"
O4 - HKCU\..\Run: [7195067] "C:\Users\PC\AppData\Roaming\m05qxa5vept\tryl5gjhloe.exe" /VERYSILENT
O4 - HKCU\..\Run: [2843293] "C:\Users\PC\AppData\Roaming\rrzu0loczpv\las0tdcvh0f.exe" /VERYSILENT
O4 - HKCU\..\Run: [TROWANLIVE.exe] C:\Program Files\HandBrake\WPLRDLMAVE\TROWANLIVE.exe
O4 - HKCU\..\Run: [5446151] "C:\Users\PC\AppData\Roaming\05r25z5yoxo\m5wglmf3pu0.exe" /VERYSILENT
O4 - Startup: Browge.vbs
O8 - Extra context menu item: Download video on this page - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/301
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Download Video - {7B3787CA-BCE0-4526-8780-45616A826124} - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {7B3787CA-BCE0-4526-8780-45616A826124} - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: WSAllMyTubechrome - {0A0C95CF-A116-4C74 - (no file)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe

--
End of file - 4794 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

"{30628BCD-632F-4698-8E83-0B6597E9100A}"=C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_FF.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08 434712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"6GV26KRJGM1JV15"=C:\Program Files\D3YPVD9EHP\D3YPVD9EH.exe []
"RGV7N05J6YTG72B"=C:\Program Files\BHK09UCEVO\BHK09UCEV.exe []
"GQZ59N6N7OMF1PD"=C:\Program Files\LZIUQOXSJ4\LZIUQOXSJ.exe []
"RPLO6SUMEF0U9G7"=C:\Program Files\9YBHEM0FHQ\9YBHEM0FH.exe []
"7195067"=C:\Users\PC\AppData\Roaming\m05qxa5vept\tryl5gjhloe.exe /VERYSILENT []
"2843293"=C:\Users\PC\AppData\Roaming\rrzu0loczpv\las0tdcvh0f.exe /VERYSILENT []
"TROWANLIVE.exe"=C:\Program Files\HandBrake\WPLRDLMAVE\TROWANLIVE.exe []
"5446151"=C:\Users\PC\AppData\Roaming\05r25z5yoxo\m5wglmf3pu0.exe /VERYSILENT []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi]
C:\Program Files\AVG\Framework\Common\avguirnx.exe [2016-04-22 186640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ptipbmf]
ptipbmf.dll,SetWriteCacheMode []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-03-09 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk]
C:\PROGRA~1\TP-LINK\TP-LIN~1\TWCU.exe [2014-05-23 847872]

C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Browge.vbs

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 105984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVDIdle Pro\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Tomabo\Facebook Video Downloader\FacebookVideoDownloader.exe"="C:\Program Files\Tomabo\Facebook Video Downloader\FacebookVideoDownloader.exe:*:Enabled:Facebook Video Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.x264"=x264vfw.dll
"vidc.lags"=lagarith.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2017-12-04 14:06:45 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-12-04 14:06:42 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-12-04 14:06:42 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-12-04 14:06:42 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-12-04 14:06:40 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-12-04 13:51:06 ----D---- C:\ProgramData\daggService
2017-12-04 13:31:34 ----D---- C:\Program Files\WondershareUpdate
2017-12-04 13:26:08 ----D---- C:\ProgramData\GraphicsType
2017-12-04 13:24:52 ----D---- C:\Users\PC\AppData\Roaming\Wondershare
2017-12-04 13:24:52 ----D---- C:\ProgramData\Wondershare
2017-12-04 13:24:52 ----D---- C:\Program Files\Wondershare
2017-12-04 12:50:35 ----D---- C:\ProgramData\MB3CoreBackup
2017-11-30 12:22:44 ----D---- C:\VSO ConvertXtoDVD v7.0.0.40
2017-11-30 12:17:15 ----D---- C:\VSO ConvertXtoVideo Ultimate 2.0.0.82
2017-11-27 16:13:16 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-11-27 16:13:09 ----D---- C:\Program Files\Malwarebytes
2017-11-27 02:42:23 ----SHD---- C:\$RECYCLE.BIN
2017-11-27 02:42:18 ----D---- C:\Windows\temp
2017-11-27 02:42:16 ----A---- C:\ComboFix.txt
2017-11-26 06:18:50 ----D---- C:\OutputFolder
2017-11-26 05:45:30 ----D---- C:\Users\PC\AppData\Roaming\GeoVid
2017-11-26 05:43:13 ----A---- C:\Windows\system32\msvcr71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\msvcp71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\mfc71u.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\mfc71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\atl71.dll
2017-11-26 05:43:12 ----D---- C:\Program Files\GeoVid
2017-11-26 05:43:12 ----A---- C:\Windows\system32\dsetup.dll
2017-11-26 05:38:56 ----D---- C:\Program Files\Free Video Cutter
2017-11-26 05:08:23 ----D---- C:\Program Files\AVISplitter
2017-11-22 05:42:10 ----D---- C:\Windows\system32\EventProviders
2017-11-22 04:52:20 ----A---- C:\Windows\ntbtlog.txt
2017-11-09 06:58:32 ----D---- C:\VEC
2017-11-07 02:24:16 ----D---- C:\Users\PC\AppData\Roaming\GHISLER
2017-11-07 02:15:46 ----N---- C:\Windows\system32\mfc100u.dll

======List of files/folders modified in the last 1 month======

2017-12-04 14:35:30 ----D---- C:\Program Files\trend micro
2017-12-04 14:34:47 ----RD---- C:\Program Files
2017-12-04 14:31:46 ----AD---- C:\ProgramData\TEMP
2017-12-04 14:24:51 ----D---- C:\ProgramData
2017-12-04 14:20:05 ----D---- C:\Windows\system32\drivers
2017-12-04 14:16:35 ----D---- C:\Windows\system32\catroot2
2017-12-04 14:14:39 ----D---- C:\AdwCleaner
2017-12-04 14:11:16 ----D---- C:\Program Files\Mozilla Firefox
2017-12-04 14:05:50 ----SHD---- C:\System Volume Information
2017-12-04 13:54:05 ----D---- C:\Windows\system32\NDF
2017-12-04 13:52:12 ----D---- C:\Windows\Prefetch
2017-12-04 13:50:55 ----D---- C:\Program Files\HandBrake
2017-12-04 13:45:41 ----D---- C:\Users\PC\AppData\Roaming\DMCache
2017-12-04 13:26:07 ----D---- C:\Windows
2017-12-04 13:24:54 ----RSD---- C:\Windows\Fonts
2017-12-04 13:05:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-12-04 05:56:37 ----D---- C:\Users\PC\AppData\Roaming\vlc
2017-12-02 04:38:29 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2017-12-02 04:19:08 ----D---- C:\Windows\System32
2017-12-02 04:19:08 ----D---- C:\Windows\inf
2017-12-02 04:19:08 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-11-30 13:53:05 ----D---- C:\DVD
2017-11-30 12:19:23 ----D---- C:\Users\PC\AppData\Roaming\Vso
2017-11-30 12:19:23 ----A---- C:\Users\PC\AppData\Roaming\inst.exe
2017-11-27 17:59:31 ----D---- C:\Windows\system32\Tasks
2017-11-27 16:13:09 ----D---- C:\ProgramData\Malwarebytes
2017-11-27 15:38:13 ----D---- C:\Windows\Minidump
2017-11-27 13:32:00 ----D---- C:\Windows\system32\drivers\etc
2017-11-27 02:42:19 ----D---- C:\Qoobox
2017-11-27 02:39:39 ----A---- C:\Windows\system.ini
2017-11-27 02:36:04 ----D---- C:\Windows\AppPatch
2017-11-27 02:36:01 ----D---- C:\Program Files\Common Files
2017-11-27 01:51:53 ----D---- C:\ProgramData\DVD Shrink
2017-11-26 06:13:13 ----D---- C:\Program Files\Ultra Video Splitter
2017-11-26 05:45:24 ----SHD---- C:\Windows\Installer
2017-11-26 01:30:02 ----D---- C:\Windows\system32\Macromed
2017-11-26 00:29:00 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-11-20 21:32:20 ----N---- C:\Windows\system32\MpSigStub.exe
2017-11-15 02:11:41 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2017-11-09 11:53:56 ----A---- C:\Windows\IfoEdit.INI
2017-11-09 11:35:18 ----D---- C:\Users\PC\AppData\Roaming\dvdcss
2017-11-09 10:13:46 ----D---- C:\Demux
2017-11-09 08:38:22 ----D---- C:\Users\PC\AppData\Roaming\MPC-HC
2017-11-09 08:31:07 ----D---- C:\Video
2017-11-08 23:29:49 ----D---- C:\Audio
2017-11-07 21:52:00 ----D---- C:\Program Files\Ulozto File Manager
2017-11-07 02:22:03 ----D---- C:\Program Files\Mozilla Thunderbird
2017-11-07 02:17:13 ----D---- C:\Users\PC\AppData\Roaming\Skype
2017-11-07 02:15:59 ----D---- C:\Program Files\Common Files\microsoft shared
2017-11-07 02:15:47 ----A---- C:\Windows\system32\msvcr100.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fasttx2k;fasttx2k; C:\Windows\system32\DRIVERS\fasttx2k.sys [2003-08-06 159744]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 PxHelp20;PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [2005-04-25 20640]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Si3132r5;SiI-3132 SoftRaid 5 Controller; C:\Windows\system32\DRIVERS\Si3132r5.sys [2008-10-09 217128]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-10-09 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2008-10-09 12200]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2015-11-21 170752]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2015-12-21 33408]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2017-11-01 59896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2016-01-28 134248]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-12-04 167352]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-12-04 91576]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-12-04 40376]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-12-04 221112]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-12-04 65824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2014-05-23 1445888]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\PC\AppData\Local\Temp\catchme.sys []
S3 cpuz134;cpuz134; \??\C:\Users\PC\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 mvdM23;mvdM23; \??\C:\Users\PC\AppData\Local\Temp\mvdM23.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-03-10 119952]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 daggService;daggService; C:\ProgramData\daggService\daggService.exe [2017-12-04 598016]
R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-06-19 104120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-03 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-03 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 102912]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WsDrvInst;Wondershare Driver Install Service; C:\Program Files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [2017-11-15 89088]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-26 272384]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-06-19 45232]
S4 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2016-04-22 889104]
S4 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe []
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-12-04 175568]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]

-----------------EOF-----------------

Re: Please check my log

Posted: 04 Dec 2017 16:43
by Rudy
Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to the desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.

Re: Please check my log

Posted: 05 Dec 2017 06:02
by kekesko
# AdwCleaner 7.0.5.0 - Logfile created on Tue Dec 05 04:55:17 2017
# Updated on 2017/29/11 by Malwarebytes
# Running on Windows 7 Home Premium (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

No malicious folders deleted.

***** [ Files ] *****

Deleted: C:\Users\PC\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\Browge.vbs


***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C1].txt - [1241 B] - [2017/11/26 11:49:41]
C:/AdwCleaner/AdwCleaner[C2].txt - [2785 B] - [2017/10/13 17:12:22]
C:/AdwCleaner/AdwCleaner[S0].txt - [1113 B] - [2017/11/26 11:49:5]
C:/AdwCleaner/AdwCleaner[S1].txt - [1205 B] - [2017/11/29 0:44:0]
C:/AdwCleaner/AdwCleaner[S2].txt - [3018 B] - [2017/12/4 13:14:39]
C:/AdwCleaner/AdwCleaner[S3].txt - [1372 B] - [2017/12/5 4:54:40]


########## EOF - C:\AdwCleaner\AdwCleaner[C2].txt ##########


When I want to start a program, it first shows me a prompt asking whether I want to allow it. In Opera and Chrome the Google browser does not work for me. It tells me that I have an unsecured connection. I even have to open your site twice. I don't understand it. Thanks for the help.

Re: Please check my log

Posted: 05 Dec 2017 19:19
by Rudy
Post a new RSIT log.

Re: Please check my log

Posted: 07 Dec 2017 01:00
by kekesko
Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2017-12-07 00:59:10
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 54 GB (43%) free of 125 GB
Total RAM: 2943 MB (41% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 0:59:20, on 7. 12. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Users\PC\AppData\Local\Vivaldi\Application\update_notifier.exe
C:\Windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Users\PC\Desktop\Qone8-omiga\RSIT.exe
C:\Program Files\trend micro\PC.exe
C:\Windows\system32\SearchFilterHost.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: (no name) - {067DF9EC-26B7-40DC-8DB8-CD8BE85AE367} - (no file)
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [6GV26KRJGM1JV15] "C:\Program Files\D3YPVD9EHP\D3YPVD9EH.exe"
O4 - HKCU\..\Run: [RGV7N05J6YTG72B] "C:\Program Files\BHK09UCEVO\BHK09UCEV.exe"
O4 - HKCU\..\Run: [GQZ59N6N7OMF1PD] "C:\Program Files\LZIUQOXSJ4\LZIUQOXSJ.exe"
O4 - HKCU\..\Run: [RPLO6SUMEF0U9G7] "C:\Program Files\9YBHEM0FHQ\9YBHEM0FH.exe"
O4 - HKCU\..\Run: [7195067] "C:\Users\PC\AppData\Roaming\m05qxa5vept\tryl5gjhloe.exe" /VERYSILENT
O4 - HKCU\..\Run: [2843293] "C:\Users\PC\AppData\Roaming\rrzu0loczpv\las0tdcvh0f.exe" /VERYSILENT
O4 - HKCU\..\Run: [TROWANLIVE.exe] C:\Program Files\HandBrake\WPLRDLMAVE\TROWANLIVE.exe
O4 - HKCU\..\Run: [5446151] "C:\Users\PC\AppData\Roaming\05r25z5yoxo\m5wglmf3pu0.exe" /VERYSILENT
O4 - HKCU\..\Run: [Vivaldi Update Notifier] "C:\Users\PC\AppData\Local\Vivaldi\Application\update_notifier.exe"
O8 - Extra context menu item: Download video on this page - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/301
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Download Video - {7B3787CA-BCE0-4526-8780-45616A826124} - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {7B3787CA-BCE0-4526-8780-45616A826124} - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: WSAllMyTubechrome - {0A0C95CF-A116-4C74 - (no file)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe

--
End of file - 5145 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

"{30628BCD-632F-4698-8E83-0B6597E9100A}"=C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_FF.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08 434712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"6GV26KRJGM1JV15"=C:\Program Files\D3YPVD9EHP\D3YPVD9EH.exe []
"RGV7N05J6YTG72B"=C:\Program Files\BHK09UCEVO\BHK09UCEV.exe []
"GQZ59N6N7OMF1PD"=C:\Program Files\LZIUQOXSJ4\LZIUQOXSJ.exe []
"RPLO6SUMEF0U9G7"=C:\Program Files\9YBHEM0FHQ\9YBHEM0FH.exe []
"7195067"=C:\Users\PC\AppData\Roaming\m05qxa5vept\tryl5gjhloe.exe /VERYSILENT []
"2843293"=C:\Users\PC\AppData\Roaming\rrzu0loczpv\las0tdcvh0f.exe /VERYSILENT []
"TROWANLIVE.exe"=C:\Program Files\HandBrake\WPLRDLMAVE\TROWANLIVE.exe []
"5446151"=C:\Users\PC\AppData\Roaming\05r25z5yoxo\m5wglmf3pu0.exe /VERYSILENT []
"Vivaldi Update Notifier"=C:\Users\PC\AppData\Local\Vivaldi\Application\update_notifier.exe [2017-11-30 3613768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi]
C:\Program Files\AVG\Framework\Common\avguirnx.exe [2016-04-22 186640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ptipbmf]
ptipbmf.dll,SetWriteCacheMode []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-03-09 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk]
C:\PROGRA~1\TP-LINK\TP-LIN~1\TWCU.exe [2014-05-23 847872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 105984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVDIdle Pro\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Tomabo\Facebook Video Downloader\FacebookVideoDownloader.exe"="C:\Program Files\Tomabo\Facebook Video Downloader\FacebookVideoDownloader.exe:*:Enabled:Facebook Video Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.x264"=x264vfw.dll
"vidc.lags"=lagarith.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2017-12-05 05:11:47 ----D---- C:\Users\PC\AppData\Roaming\Avant Downloader
2017-12-05 05:11:25 ----D---- C:\Program Files\Avant Browser
2017-12-04 13:51:06 ----D---- C:\ProgramData\daggService
2017-12-04 13:26:08 ----D---- C:\ProgramData\GraphicsType
2017-12-04 13:24:52 ----D---- C:\Users\PC\AppData\Roaming\Wondershare
2017-12-04 13:24:52 ----D---- C:\ProgramData\Wondershare
2017-12-04 13:24:52 ----D---- C:\Program Files\Wondershare
2017-12-04 12:50:35 ----D---- C:\ProgramData\MB3CoreBackup
2017-11-30 12:22:44 ----D---- C:\VSO ConvertXtoDVD v7.0.0.40
2017-11-30 12:17:15 ----D---- C:\VSO ConvertXtoVideo Ultimate 2.0.0.82
2017-11-27 16:13:16 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-11-27 16:13:09 ----D---- C:\Program Files\Malwarebytes
2017-11-27 02:42:23 ----SHD---- C:\$RECYCLE.BIN
2017-11-27 02:42:18 ----D---- C:\Windows\temp
2017-11-27 02:42:16 ----A---- C:\ComboFix.txt
2017-11-26 06:18:50 ----D---- C:\OutputFolder
2017-11-26 05:45:30 ----D---- C:\Users\PC\AppData\Roaming\GeoVid
2017-11-26 05:43:13 ----A---- C:\Windows\system32\msvcr71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\msvcp71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\mfc71u.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\mfc71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\atl71.dll
2017-11-26 05:43:12 ----D---- C:\Program Files\GeoVid
2017-11-26 05:43:12 ----A---- C:\Windows\system32\dsetup.dll
2017-11-26 05:38:56 ----D---- C:\Program Files\Free Video Cutter
2017-11-26 05:08:23 ----D---- C:\Program Files\AVISplitter
2017-11-22 05:42:10 ----D---- C:\Windows\system32\EventProviders
2017-11-22 04:52:20 ----A---- C:\Windows\ntbtlog.txt
2017-11-09 06:58:32 ----D---- C:\VEC

======List of files/folders modified in the last 1 month======

2017-12-07 00:59:20 ----D---- C:\Windows\Prefetch
2017-12-07 00:59:12 ----D---- C:\Program Files\trend micro
2017-12-07 00:46:58 ----D---- C:\Windows\system32\drivers
2017-12-05 14:47:10 ----SHD---- C:\System Volume Information
2017-12-05 14:46:33 ----D---- C:\Users\PC\AppData\Roaming\DMCache
2017-12-05 06:10:11 ----RD---- C:\Program Files
2017-12-05 05:54:40 ----D---- C:\AdwCleaner
2017-12-05 05:43:30 ----AD---- C:\ProgramData\TEMP
2017-12-04 15:49:58 ----D---- C:\Windows\System32
2017-12-04 15:49:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-04 15:49:57 ----D---- C:\Windows\inf
2017-12-04 14:24:51 ----D---- C:\ProgramData
2017-12-04 14:16:35 ----D---- C:\Windows\system32\catroot2
2017-12-04 14:11:16 ----D---- C:\Program Files\Mozilla Firefox
2017-12-04 13:54:05 ----D---- C:\Windows\system32\NDF
2017-12-04 13:50:55 ----D---- C:\Program Files\HandBrake
2017-12-04 13:26:07 ----D---- C:\Windows
2017-12-04 13:24:54 ----RSD---- C:\Windows\Fonts
2017-12-04 13:05:57 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-12-04 05:56:37 ----D---- C:\Users\PC\AppData\Roaming\vlc
2017-12-02 04:38:29 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2017-11-30 13:53:05 ----D---- C:\DVD
2017-11-30 12:19:23 ----D---- C:\Users\PC\AppData\Roaming\Vso
2017-11-30 12:19:23 ----A---- C:\Users\PC\AppData\Roaming\inst.exe
2017-11-27 17:59:31 ----D---- C:\Windows\system32\Tasks
2017-11-27 16:13:09 ----D---- C:\ProgramData\Malwarebytes
2017-11-27 15:38:13 ----D---- C:\Windows\Minidump
2017-11-27 13:32:00 ----D---- C:\Windows\system32\drivers\etc
2017-11-27 02:42:19 ----D---- C:\Qoobox
2017-11-27 02:39:39 ----A---- C:\Windows\system.ini
2017-11-27 02:36:04 ----D---- C:\Windows\AppPatch
2017-11-27 02:36:01 ----D---- C:\Program Files\Common Files
2017-11-27 01:51:53 ----D---- C:\ProgramData\DVD Shrink
2017-11-26 06:13:13 ----D---- C:\Program Files\Ultra Video Splitter
2017-11-26 05:45:24 ----SHD---- C:\Windows\Installer
2017-11-26 01:30:02 ----D---- C:\Windows\system32\Macromed
2017-11-26 00:29:00 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-11-20 21:32:20 ----N---- C:\Windows\system32\MpSigStub.exe
2017-11-15 02:11:41 ----D---- C:\Users\PC\AppData\Roaming\Mozilla
2017-11-09 11:53:56 ----A---- C:\Windows\IfoEdit.INI
2017-11-09 11:35:18 ----D---- C:\Users\PC\AppData\Roaming\dvdcss
2017-11-09 10:13:46 ----D---- C:\Demux
2017-11-09 08:38:22 ----D---- C:\Users\PC\AppData\Roaming\MPC-HC
2017-11-09 08:31:07 ----D---- C:\Video
2017-11-08 23:29:49 ----D---- C:\Audio

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fasttx2k;fasttx2k; C:\Windows\system32\DRIVERS\fasttx2k.sys [2003-08-06 159744]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 PxHelp20;PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [2005-04-25 20640]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Si3132r5;SiI-3132 SoftRaid 5 Controller; C:\Windows\system32\DRIVERS\Si3132r5.sys [2008-10-09 217128]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-10-09 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2008-10-09 12200]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2015-11-21 170752]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2015-12-21 33408]
R1 MpKslf6950a57;MpKslf6950a57; \??\C:\ProgramData\Microsoft\Microsoft Antimalware\Definition Updates\{88DD018C-3E9D-45A8-B4CE-A5E243C715BE}\MpKslf6950a57.sys [2017-12-07 49504]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2016-01-28 134248]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2014-05-23 1445888]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\PC\AppData\Local\Temp\catchme.sys []
S3 cpuz134;cpuz134; \??\C:\Users\PC\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 mvdM23;mvdM23; \??\C:\Users\PC\AppData\Local\Temp\mvdM23.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-03-10 119952]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-06-19 104120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-03 154440]
S2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-03 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 102912]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WsDrvInst;Wondershare Driver Install Service; C:\Program Files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [2017-11-15 89088]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-26 272384]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-06-19 45232]
S4 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2016-04-22 889104]
S4 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe []
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-12-04 175568]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]

-----------------EOF-----------------

Re: Please check my log

Posted: 07 Dec 2017 22:07
by Rudy
Download OTM: http://oldtimer.geekstogo.com/OTM.exe and save it to the desktop. Run it and copy the following into the left window:
:files
C:\Program Files\D3YPVD9EHP
C:\Program Files\BHK09UCEVO
C:\Program Files\LZIUQOXSJ4
C:\Program Files\9YBHEM0FHQ
C:\Users\PC\AppData\Roaming\m05qxa5vept
C:\Users\PC\AppData\Roaming\rrzu0loczpv
C:\Users\PC\AppData\Roaming\05r25z5yoxo

:reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{067DF9EC-26B7-40DC-8DB8-CD8BE85AE367}]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"6GV26KRJGM1JV15"=--
"RGV7N05J6YTG72B"=-
"GQZ59N6N7OMF1PD"=-
"RPLO6SUMEF0U9G7"=-
"7195067"=-
"2843293"=-
"TROWANLIVE.exe"=-
"5446151"=-

:commands
[Purity]
[Emptytemp]
[Emptyflash]
and click >MoveIt!<. After the scan, restart the PC and post a new RSIT log.

Re: Please check my log

Posted: 09 Dec 2017 23:30
by kekesko
Greetings.

Logfile of random's system information tool 1.10 (written by random/random)
Run by PC at 2017-12-09 23:27:08
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 55 GB (44%) free of 125 GB
Total RAM: 2943 MB (64% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 23:27:17, on 9. 12. 2017
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.18057)
Boot mode: Normal

Running processes:
C:\Windows\system32\taskhost.exe
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Program Files\Malwarebytes\Anti-Malware\mbamtray.exe
C:\Windows\notepad.exe
C:\Program Files\Microsoft Security Client\msseces.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Windows\system32\wuauclt.exe
C:\Users\PC\Desktop\Qone8-omiga\RSIT.exe
C:\Program Files\trend micro\PC.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.facebook.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: IDM Helper - {0055C089-8582-441B-A0BF-17B458C2A3A8} - C:\Program Files\Internet Download Manager\IDMIECC.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll
O4 - HKLM\..\Run: [MSC] "C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
O4 - HKLM\..\Run: [Wondershare Helper Compact.exe] C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe
O4 - HKCU\..\Run: [6GV26KRJGM1JV15] --
O4 - HKCU\..\Run: [Vivaldi Update Notifier] "C:\Users\PC\AppData\Local\Vivaldi\Application\update_notifier.exe"
O8 - Extra context menu item: Download video on this page - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300
O8 - Extra context menu item: Download video this links to - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/301
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Download Video - {7B3787CA-BCE0-4526-8780-45616A826124} - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300 (file missing)
O9 - Extra 'Tools' menuitem: Download video on this page - {7B3787CA-BCE0-4526-8780-45616A826124} - res://C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_IE.dll/300 (file missing)
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: WSAllMyTubechrome - {0A0C95CF-A116-4C74 - (no file)
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Malwarebytes Service (MBAMService) - Malwarebytes - C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\servicing\TrustedInstaller.exe,-100 (TrustedInstaller) - Unknown owner - C:\Windows\servicing\TrustedInstaller.exe (file missing)
O23 - Service: Wondershare Driver Install Service (WsDrvInst) - Wondershare - C:\Program Files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe

--
End of file - 4126 bytes

=========Mozilla firefox=========

ProfilePath - C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default

prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "https://www.facebook.com/"

"{30628BCD-632F-4698-8E83-0B6597E9100A}"=C:\Program Files\Tomabo\Facebook Video Downloader\FBVD_FF.xpi


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 27.0.0.187 Plugin
"Path"=C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/DTPlugin,version=11.91.2]
"Description"=Java™ Deployment Toolkit
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npDeployJava1.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@java.com/JavaPlugin,version=11.91.2]
"Description"=Oracle® Next Generation Java™ Plug-In
"Path"=C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.5.1]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.2.6]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll


======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0055C089-8582-441B-A0BF-17B458C2A3A8}]
IDM integration (IDMIEHlprObj Class) - C:\Program Files\Internet Download Manager\IDMIECC.dll [2015-12-08 434712]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{761497BB-D6F0-462C-B6EB-D4DAF1D92D43}]
Java(tm) Plug-In SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\ssv.dll [2016-04-26 462400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre1.8.0_91\bin\jp2ssv.dll [2016-04-26 173120]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"MSC"=C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]
"Wondershare Helper Compact.exe"=C:\Program Files\Common Files\Wondershare\Wondershare Helper Compact\WSHelper.exe []

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"6GV26KRJGM1JV15"=-- []
"Vivaldi Update Notifier"=C:\Users\PC\AppData\Local\Vivaldi\Application\update_notifier.exe [2017-11-30 3613768]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\AvgUi]
C:\Program Files\AVG\Framework\Common\avguirnx.exe [2016-04-22 186640]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\MSC]
C:\Program Files\Microsoft Security Client\msseces.exe [2016-11-14 1002984]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\NeroFilterCheck]
C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2007-03-01 153136]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Ptipbmf]
ptipbmf.dll,SetWriteCacheMode []

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\RtHDVCpl]
C:\Windows\RtHDVCpl.exe [2007-03-09 4390912]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Skytel]
C:\Windows\Skytel.exe [2007-03-09 1822720]

[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^TP-LINK Wireless Configuration Utility.lnk]
C:\PROGRA~1\TP-LINK\TP-LIN~1\TWCU.exe [2014-05-23 847872]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\Windows\system32\wpdshserviceobj.dll [2010-11-20 105984]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{93994DE8-8239-4655-B1D1-5F4E91300429}"=C:\Program Files\DVDIdle Pro\DVDShell.dll [2004-10-09 49152]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MBAMService]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"PromptOnSecureDesktop"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"SynchronousMachineGroupPolicy"=1
"SynchronousUserGroupPolicy"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=149
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"C:\Program Files\Tomabo\Facebook Video Downloader\FacebookVideoDownloader.exe"="C:\Program Files\Tomabo\Facebook Video Downloader\FacebookVideoDownloader.exe:*:Enabled:Facebook Video Downloader"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvyu"=msyuv.dll
"vidc.iyuv"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"vidc.yvu9"=tsbyuv.dll
"msacm.l3acm"=l3codeca.acm
"vidc.cvid"=iccvid.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"vidc.x264"=x264vfw.dll
"vidc.lags"=lagarith.dll
"msacm.divxa32"=DivXa32.acm
"VIDC.FFDS"=ff_vfw.dll
"vidc.XVID"=xvidvfw.dll

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1

======List of files/folders created in the last 1 month======

2017-12-09 23:26:34 ----A---- C:\Windows\system32\drivers\mwac.sys
2017-12-09 23:01:16 ----D---- C:\_OTM
2017-12-09 17:40:14 ----A---- C:\Windows\system32\drivers\mbam.sys
2017-12-09 17:40:09 ----A---- C:\Windows\system32\drivers\MbamChameleon.sys
2017-12-09 17:40:04 ----A---- C:\Windows\system32\drivers\farflt.sys
2017-12-09 17:40:02 ----A---- C:\Windows\system32\drivers\mbamswissarmy.sys
2017-12-05 05:11:47 ----D---- C:\Users\PC\AppData\Roaming\Avant Downloader
2017-12-05 05:11:25 ----D---- C:\Program Files\Avant Browser
2017-12-04 13:51:06 ----D---- C:\ProgramData\daggService
2017-12-04 13:26:08 ----D---- C:\ProgramData\GraphicsType
2017-12-04 13:24:52 ----D---- C:\Users\PC\AppData\Roaming\Wondershare
2017-12-04 13:24:52 ----D---- C:\ProgramData\Wondershare
2017-12-04 13:24:52 ----D---- C:\Program Files\Wondershare
2017-12-04 12:50:35 ----D---- C:\ProgramData\MB3CoreBackup
2017-11-30 12:22:44 ----D---- C:\VSO ConvertXtoDVD v7.0.0.40
2017-11-30 12:17:15 ----D---- C:\VSO ConvertXtoVideo Ultimate 2.0.0.82
2017-11-27 16:13:16 ----A---- C:\Windows\system32\drivers\mbae.sys
2017-11-27 16:13:09 ----D---- C:\Program Files\Malwarebytes
2017-11-27 02:42:23 ----SHD---- C:\$RECYCLE.BIN
2017-11-27 02:42:18 ----D---- C:\Windows\temp
2017-11-27 02:42:16 ----A---- C:\ComboFix.txt
2017-11-26 06:18:50 ----D---- C:\OutputFolder
2017-11-26 05:45:30 ----D---- C:\Users\PC\AppData\Roaming\GeoVid
2017-11-26 05:43:13 ----A---- C:\Windows\system32\msvcr71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\msvcp71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\mfc71u.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\mfc71.dll
2017-11-26 05:43:13 ----A---- C:\Windows\system32\atl71.dll
2017-11-26 05:43:12 ----D---- C:\Program Files\GeoVid
2017-11-26 05:43:12 ----A---- C:\Windows\system32\dsetup.dll
2017-11-26 05:38:56 ----D---- C:\Program Files\Free Video Cutter
2017-11-26 05:08:23 ----D---- C:\Program Files\AVISplitter
2017-11-22 05:42:10 ----D---- C:\Windows\system32\EventProviders
2017-11-22 04:52:20 ----A---- C:\Windows\ntbtlog.txt

======List of files/folders modified in the last 1 month======

2017-12-09 23:27:14 ----D---- C:\Program Files\trend micro
2017-12-09 23:26:35 ----D---- C:\Windows\system32\drivers
2017-12-09 23:24:26 ----D---- C:\Windows\Prefetch
2017-12-09 23:24:19 ----D---- C:\Program Files\Mozilla Firefox
2017-12-09 23:24:17 ----D---- C:\Program Files\Mozilla Maintenance Service
2017-12-09 19:21:56 ----SHD---- C:\System Volume Information
2017-12-07 10:36:10 ----D---- C:\Windows\system32\wdi
2017-12-07 02:11:22 ----D---- C:\Users\PC\AppData\Roaming\vlc
2017-12-05 14:46:33 ----D---- C:\Users\PC\AppData\Roaming\DMCache
2017-12-05 06:10:11 ----RD---- C:\Program Files
2017-12-05 05:54:40 ----D---- C:\AdwCleaner
2017-12-05 05:43:30 ----AD---- C:\ProgramData\TEMP
2017-12-04 15:49:58 ----D---- C:\Windows\System32
2017-12-04 15:49:58 ----A---- C:\Windows\system32\PerfStringBackup.INI
2017-12-04 15:49:57 ----D---- C:\Windows\inf
2017-12-04 14:24:51 ----D---- C:\ProgramData
2017-12-04 14:16:35 ----D---- C:\Windows\system32\catroot2
2017-12-04 13:54:05 ----D---- C:\Windows\system32\NDF
2017-12-04 13:50:55 ----D---- C:\Program Files\HandBrake
2017-12-04 13:26:07 ----D---- C:\Windows
2017-12-04 13:24:54 ----RSD---- C:\Windows\Fonts
2017-12-02 04:38:29 ----D---- C:\Users\PC\AppData\Roaming\uTorrent
2017-11-30 13:53:05 ----D---- C:\DVD
2017-11-30 12:19:23 ----D---- C:\Users\PC\AppData\Roaming\Vso
2017-11-30 12:19:23 ----A---- C:\Users\PC\AppData\Roaming\inst.exe
2017-11-27 17:59:31 ----D---- C:\Windows\system32\Tasks
2017-11-27 16:13:09 ----D---- C:\ProgramData\Malwarebytes
2017-11-27 15:38:13 ----D---- C:\Windows\Minidump
2017-11-27 13:32:00 ----D---- C:\Windows\system32\drivers\etc
2017-11-27 02:42:19 ----D---- C:\Qoobox
2017-11-27 02:39:39 ----A---- C:\Windows\system.ini
2017-11-27 02:36:04 ----D---- C:\Windows\AppPatch
2017-11-27 02:36:01 ----D---- C:\Program Files\Common Files
2017-11-27 01:51:53 ----D---- C:\ProgramData\DVD Shrink
2017-11-26 06:13:13 ----D---- C:\Program Files\Ultra Video Splitter
2017-11-26 05:45:24 ----SHD---- C:\Windows\Installer
2017-11-26 01:30:02 ----D---- C:\Windows\system32\Macromed
2017-11-26 00:29:00 ----A---- C:\Windows\system32\FlashPlayerApp.exe
2017-11-20 21:32:20 ----N---- C:\Windows\system32\MpSigStub.exe
2017-11-15 02:11:41 ----D---- C:\Users\PC\AppData\Roaming\Mozilla

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 fasttx2k;fasttx2k; C:\Windows\system32\DRIVERS\fasttx2k.sys [2003-08-06 159744]
R0 MpFilter;Microsoft Malware Protection Driver; C:\Windows\system32\DRIVERS\MpFilter.sys [2016-08-25 252808]
R0 PxHelp20;PxHelp20; C:\Windows\System32\drivers\PxHelp20.sys [2005-04-25 20640]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R0 Si3132r5;SiI-3132 SoftRaid 5 Controller; C:\Windows\system32\DRIVERS\Si3132r5.sys [2008-10-09 217128]
R0 SiFilter;SATALink driver accelerator; C:\Windows\system32\DRIVERS\SiWinAcc.sys [2008-10-09 17064]
R0 SiRemFil;SATALink External Device Filter; C:\Windows\system32\DRIVERS\SiRemFil.sys [2008-10-09 12200]
R0 snapman;Acronis Snapshots Manager; C:\Windows\system32\DRIVERS\snapman.sys [2015-11-21 170752]
R1 cdrbsdrv;cdrbsdrv; C:\Windows\system32\drivers\cdrbsdrv.sys [2015-12-21 33408]
R1 ESProtectionDriver;Malwarebytes Anti-Exploit; \??\C:\Windows\system32\drivers\mbae.sys [2017-12-05 59896]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 IDMWFP;IDMWFP; C:\Windows\system32\DRIVERS\idmwfp.sys [2016-01-28 134248]
R2 MBAMChameleon;MBAMChameleon; C:\Windows\System32\Drivers\MbamChameleon.sys [2017-12-09 168376]
R2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2007-03-12 1747936]
R3 MBAMFarflt;MBAMFarflt; C:\Windows\system32\DRIVERS\farflt.sys [2017-12-09 91576]
R3 MBAMProtection;MBAMProtection; C:\Windows\system32\DRIVERS\mbam.sys [2017-12-09 40376]
R3 MBAMSwissArmy;MBAMSwissArmy; C:\Windows\System32\Drivers\mbamswissarmy.sys [2017-12-09 221112]
R3 MBAMWebProtection;MBAMWebProtection; C:\Windows\system32\DRIVERS\mwac.sys [2017-12-09 65824]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\Windows\system32\DRIVERS\ASACPI.sys [2004-08-13 5810]
R3 NisDrv;Microsoft Network Inspection System; C:\Windows\system32\DRIVERS\NisDrvWFP.sys [2016-08-25 105696]
R3 NVNET;NVIDIA nForce 10/100 Mbps Ethernet ; C:\Windows\system32\DRIVERS\nvmf6232.sys [2010-08-12 298216]
S3 aic78xx;aic78xx; C:\Windows\system32\drivers\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 athur;Wireless Network Adapter Service; C:\Windows\system32\DRIVERS\athur.sys [2014-05-23 1445888]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-13 229888]
S3 BridgeMP;@%SystemRoot%\system32\bridgeres.dll,-1; C:\Windows\system32\DRIVERS\bridge.sys [2009-07-14 78336]
S3 BthEnum;Bluetooth Enumerator Service; C:\Windows\system32\DRIVERS\BthEnum.sys [2009-07-14 34816]
S3 BthPan;Bluetooth Device (Personal Area Network); C:\Windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
S3 BTHPORT;Bluetooth Port Driver; C:\Windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 BTHUSB;Bluetooth Radio USB Driver; C:\Windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
S3 catchme;catchme; \??\C:\Users\PC\AppData\Local\Temp\catchme.sys []
S3 cpuz134;cpuz134; \??\C:\Users\PC\AppData\Local\Temp\cpuz134\cpuz134_x32.sys []
S3 dg_ssudbus;SAMSUNG Mobile USB Composite Device Driver (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudbus.sys [2014-01-22 88576]
S3 mvdM23;mvdM23; \??\C:\Users\PC\AppData\Local\Temp\mvdM23.sys []
S3 NVENETFD;NVIDIA nForce Networking Controller Driver; C:\Windows\system32\DRIVERS\nvm62x32.sys [2009-07-13 347264]
S3 pciide;pciide; C:\Windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RdpVideoMiniport;Remote Desktop Video Miniport Driver; C:\Windows\System32\drivers\rdpvideominiport.sys [2012-08-23 14848]
S3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\Windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 ssudmdm;SAMSUNG Mobile USB Modem Drivers (DEVGURU Ver.); C:\Windows\system32\DRIVERS\ssudmdm.sys [2014-01-22 184192]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\Windows\System32\drivers\tsusbflt.sys [2013-10-02 49152]
S3 TsUsbGD;Remote Desktop Generic USB Device; C:\Windows\system32\drivers\TsUsbGD.sys [2010-11-20 27264]
S3 usb_rndisx;USB RNDIS Adapter; C:\Windows\system32\DRIVERS\usb8023x.sys [2013-02-12 15872]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\drivers\viac7.sys [2009-07-14 52736]
S3 wdm_usb;wdm_usb; C:\Windows\system32\DRIVERS\usb2ser.sys [2016-03-10 119952]
S3 WinUsb;WinUsb; C:\Windows\system32\DRIVERS\WinUsb.sys [2010-11-20 35968]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 DiagTrack;@%SystemRoot%\system32\UtcResources.dll,-3001; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;Malwarebytes Service; C:\Program Files\Malwarebytes\Anti-Malware\mbamservice.exe [2017-11-01 4563920]
R2 MsMpSvc;Microsoft Antimalware Service; C:\Program Files\Microsoft Security Client\MsMpEng.exe [2016-11-14 103696]
R3 NisSrv;@C:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; C:\Program Files\Microsoft Security Client\NisSrv.exe [2016-11-14 280864]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2015-06-19 104120]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-03 154440]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2017-01-16 317400]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2016-05-03 154440]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\Windows\system32\IEEtwCollector.exe [2015-09-16 102912]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-06-29 800040]
S3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-06-27 279848]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WsDrvInst;Wondershare Driver Install Service; C:\Program Files\Wondershare\Wondershare Video Converter Ultimate\Transfer\DriverInstall.exe [2017-11-15 89088]
S4 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2015-09-14 82128]
S4 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2017-11-26 272384]
S4 aspnet_state;ASP.NET State Service; C:\Windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2015-06-19 45232]
S4 avgsvc;AVG Service; C:\Program Files\AVG\Framework\Common\avgsvcx.exe [2016-04-22 889104]
S4 DigitalWave.Update.Service;Digital Wave Update Service; C:\Program Files\Common Files\DVDVideoSoft\lib\app_updater.exe []
S4 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2017-12-09 175568]
S4 NetMsmqActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetPipeActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]
S4 NetTcpActivator;@C:\Windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\Windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2015-06-19 135848]

-----------------EOF-----------------

Re: Please check my log

Posted: 09 Dec 2017 23:39
by kekesko
When I start a program, this message pops up.

Image

Re: Please check my log

Posted: 10 Dec 2017 11:09
by Rudy
It does that for me too. That is normal in Windows 7 and later. The system is making sure that it was you who started the program. It is its default setting.

Re: Please check my log

Posted: 13 Dec 2017 17:18
by kekesko
But about two weeks ago it didn't do this. Something got into my PC and since then these messages keep popping up.
I also want to ask: in Opera and Chrome, Google doesn't work; I get a message that the connection is not private. I don't understand.
Image
Thank you for your help.

Re: Please check my log

Posted: 13 Dec 2017 18:03
by Rudy
Let's try cleaning the browsers. Run these utilities one after another:

1. Download Zoek.exe http://download.bleepingcomputer.com/smeenk/zoek.exe and save it to the desktop

If you use Windows Vista or Windows 7, right-click Zoek and choose Run As Administrator (or "Spustit jako spravce")
Paste the script below into the window




autoclean;
resethosts;
emptyclsid;
IEdefaults;
FFdefaults;
CHRdefaults;
emptyIEcache;
emptyFFcache;
emptyCHRcache;
emptyalltemp;
emptyflash;
emptyjava;
emptyrecycle.bin;





Then click Run Script
The PC will perform the repair, restart, and give you a log; paste its contents here.

and

2. Junkware removal tool: http://www.stahuj.centrum.cz/utility_a_ ... oval-tool/
• Save it, preferably to the desktop
• After launch, the license terms are displayed; press any key
• A backup is created, followed by a scan
• The scan runs and then a log appears, or it is saved in c:\JRT as JRT.txt; paste it here.

Re: Please check my log

Posted: 16 Dec 2017 00:06
by kekesko
Here is the log from Zoek


Zoek.exe v5.0.0.1 Updated 24-October-2017
Tool run by PC on pi 15. 12. 2017 at 23:48:58,92.
Microsoft Windows 7 Home Premium 6.1.7601 Service Pack 1 x86
Running in: Normal Mode No Internet Access Detected
Launched: C:\Users\PC\Downloads\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

15. 12. 2017 23:52:54 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Deleting CLSID Registry Keys ======================


==== Deleting CLSID Registry Values ======================

HKEY_LOCAL_MACHINE\software\mozilla\Firefox\extensions\{30628BCD-632F-4698-8E83-0B6597E9100A} deleted successfully

==== FireFox Fix ======================

Deleted from C:\Users\PC\AppData\Roaming\Profiles\Thaqageckawock.default\prefs.js:

Added to C:\Users\PC\AppData\Roaming\Profiles\Thaqageckawock.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\prefs.js:
user_pref("browser.startup.homepage", "https://www.facebook.com/");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\md4z14j8.default\prefs.js:
user_pref("browser.startup.homepage", "www.facebook.com");

Added to C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\md4z14j8.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\mghvy1ul.default\prefs.js:

Added to C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\mghvy1ul.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\tbq0q0r4.default\prefs.js:

Added to C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\tbq0q0r4.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

Deleted from C:\Users\PC\AppData\Local\QupZilla\profiles\default\prefs.js:

Added to C:\Users\PC\AppData\Local\QupZilla\profiles\default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Profiles\Thaqageckawock.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\md4z14j8.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\mghvy1ul.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Roaming\Thunderbird\Profiles\tbq0q0r4.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

ProfilePath: C:\Users\PC\AppData\Local\QupZilla\profiles\default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_CURRENT_USER\Software\Mozilla\Firefox\Extensions]
"mozilla_cc2@internetdownloadmanager.com"="C:\Program Files\Internet Download Manager\idmmzcc2.xpi" [27. 01. 2016 13:26]

==== Firefox Extensions ======================

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default
- Undetermined - %ProfilePath%\extensions\enhancerforyoutube@maximerf.addons.mozilla.org.xpi
- Undetermined - %ProfilePath%\extensions\sko-extension@firma.seznam.cz.xpi
- Undetermined - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi
- Undetermined - %ProfilePath%\extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}.xpi

ProfilePath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\md4z14j8.default
- Hola Better Internet - %ProfilePath%\extensions\jid1-4P0kohSJxU1qGg@jetpack
- Adblock Plus - %ProfilePath%\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi

AppDir: C:\Program Files\Mozilla Firefox
- Undetermined - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}.xpi

==== Firefox Plugins ======================

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default
26CE103515C71F535C74EBF87EE99A64 - C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll - Shockwave Flash
BEAF98A3FFC5D4044CF196438EF3AE96 - C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.910.14
02C26C61FB7527DFAFABD4E7BD72F475 - C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U91
B7CA365E7F1BECCE849FF6D390F16DCE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
6745B601D1F1FAB82C7AF08B20250D85 - C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll - Google Update

Profilepath: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\md4z14j8.default
B7CA365E7F1BECCE849FF6D390F16DCE - C:\Program Files\VideoLAN\VLC\npvlc.dll - VLC Web Plugin
02C26C61FB7527DFAFABD4E7BD72F475 - C:\Program Files\Java\jre1.8.0_91\bin\plugin2\npjp2.dll - Java(TM) Platform SE 8 U91
BEAF98A3FFC5D4044CF196438EF3AE96 - C:\Program Files\Java\jre1.8.0_91\bin\dtplugin\npdeployJava1.dll - Java Deployment Toolkit 8.0.910.14


==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.facebook.com/"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}] not found

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes]
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"

==== All HKLM and HKCU SearchScopes ======================

HKLM\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKLM\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
HKCU\SearchScopes "DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
HKCU\SearchScopes\{03FD1743-24B3-48F4-8BC7-A1AE3E7DC849} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A} - http://www.bing.com/search?q={searchTer ... ORM=IE8SRC
HKCU\SearchScopes\{11273F80-8252-4067-BD0C-154B121C0BD3} - http://encyklopedie.seznam.cz/search?q= ... arch_12454
HKCU\SearchScopes\{13A68EF7-5F40-4081-9C47-77B2A35EDCED} - http://www.zbozi.cz/?q={searchTerms}&r= ... arch_12454
HKCU\SearchScopes\{27D6BE9C-C20D-46AA-8A8C-927CF3D4182E} - http://slovnik.seznam.cz/?q={searchTerm ... arch_12454
HKCU\SearchScopes\{5650A616-1D21-4BC5-935A-69B1FA2AACBD} - http://www.novinky.cz/hledej?w={searchT ... arch_12454
HKCU\SearchScopes\{5DCB6A9A-4A6E-48FB-9F48-86C070911D1F} - http://www.mapy.cz/?query={searchTerms} ... arch_12454
HKCU\SearchScopes\{66090E0D-0EE8-4F98-80D2-E642A073B220} - http://www.bing.com/search?q={searchTer ... DF&pc=MSSE
HKCU\SearchScopes\{6D4492C6-1A6C-4FC6-8264-FDA294859670} - http://tv.seznam.cz/hledej?w={searchTer ... arch_12454
HKCU\SearchScopes\{C8497349-0A6E-47E6-966D-6FA5259E2E23} - http://www.firmy.cz/?q={searchTerms}&so ... arch_12454

==== Reset Google Chrome ======================

C:\Users\PC\AppData\Local\Chromium\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Chromium\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Preferences was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Secure Preferences was reset successfully
C:\Users\PC\AppData\Local\Vivaldi\User Data\Default\Preferences was reset successfully
C:\Users\PC\AppData\Local\Vivaldi\User Data\Default\Secure Preferences was reset successfully
C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Preferences was reset successfully
C:\Users\PC\AppData\Local\Chromium\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Chromium\User Data\Default\Web Data-journal was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Web Data-journal was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data was reset successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Web Data-journal was reset successfully
C:\Users\PC\AppData\Local\Vivaldi\User Data\Default\Web Data was reset successfully
C:\Users\PC\AppData\Local\Vivaldi\User Data\Default\Web Data-journal was reset successfully
C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Web Data was reset successfully
C:\Users\PC\AppData\Roaming\Opera Software\Opera Stable\Web Data-journal was reset successfully

==== Empty IE Cache ======================

C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully

==== Empty FireFox Cache ======================

C:\Users\PC\AppData\Local\Mozilla\Firefox\Profiles\cwaj6mfm.default\cache2 emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++1xdpv.xyz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++1xkgo.xyz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++application-77my.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++asset.easydmp.net\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++digitalnagaraz.withgoogle.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++focus.ua\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++fr.tennistemple.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++hqcollect.tv\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++mpc-hc.org\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++openload.co\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++parlamentnelisty.pushcrew.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++plus.google.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++prosvet.cz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++psych.interez.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++rompilsy.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++rutube.ru\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++shiltirs.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++sk.pinterest.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++sk.pixiz.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++skladovky.cz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++skrz.cz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++spisiakoviny.eu\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++spravy.aktuality.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++steamgifts.co\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++topwar.ru\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++twitter.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++vz.ru\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.acunn.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.aktuality.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.argumentor.cz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.auto-rental.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.cas.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.krizovkarskyslovnik.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.leovegas.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.letemsvetemapplem.eu\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.ntv.com.tr\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.online-earning.co\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.pinterest.co.uk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.pinterest.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.porndig.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.startv.com.tr\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.svetandroida.cz\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.theguardian.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.thehollywoodgossip.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.webnoviny.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++www.youtube.com\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++zdravie.aktuality.sk\cache emptied successfully
C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\storage\default\https+++zoajetose.com\cache will be emptied at reboot

==== Empty Chrome Cache ======================

C:\Users\PC\AppData\Local\Opera Software\Opera Stable\Cache emptied successfully
C:\Users\PC\AppData\Local\Chromium\User Data\Default\Cache emptied successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
C:\Users\PC\AppData\Local\Google\Chrome\User Data\Profile 2\Cache emptied successfully
C:\Users\PC\AppData\Local\Vivaldi\User Data\Default\Cache emptied successfully

==== Empty All Flash Cache ======================

Flash Cache is not empty, a reboot is needed

==== Empty All Java Cache ======================

No Java Cache Found

==== C:\zoek_backup content ======================

C:\zoek_backup (files=0 folders=0 0 bytes)

==== Empty Temp Folders ======================

C:\Users\Default\AppData\Local\temp emptied successfully
C:\Users\Default User\AppData\Local\temp emptied successfully
C:\Users\PC\AppData\Local\temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot

==== After Reboot ======================

==== Empty Temp Folders ======================

C:\Windows\Temp successfully emptied
C:\Users\PC\AppData\Local\Temp successfully emptied

==== Empty Recycle Bin ======================

C:\$RECYCLE.BIN successfully emptied

==== Deleting Files / Folders ======================

"C:\Users\PC\AppData\Roaming\Macromedia\Flash Player\#SharedObjects\SYPYL6M7\www.nudezz.com" not found

==== EOF on so 16. 12. 2017 at 0:00:34,31 ======================

Re: Please check my log

Posted: 16 Dec 2017 11:24
by Rudy
Zoek deleted something. And Junkware?

Re: Please check my log

Posted: 30 Dec 2017 05:16
by kekesko
Hello, sorry, but I didn't have time.

Here is the log from Junkware

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Malwarebytes
Version: 8.1.4 (07.09.2017)
Operating System: Windows 7 Home Premium x86
Ran by PC (Administrator) on so 30. 12. 2017 at 5:09:43,60
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




File System: 10

Failed to delete: C:\Windows\System32\wscm32.dll (File)
Successfully deleted: C:\Users\PC\AppData\Roaming\Mozilla\Firefox\Profiles\cwaj6mfm.default\extensions\artur.dubovoy@gmail.com.xpi (File)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AJ6I563 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q4YWWXMF (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S545A0A1 (Temporary Internet Files Folder)
Successfully deleted: C:\Users\PC\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VD0X4FU5 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\9AJ6I563 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\Q4YWWXMF (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\S545A0A1 (Temporary Internet Files Folder)
Successfully deleted: C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\VD0X4FU5 (Temporary Internet Files Folder)



Registry: 0





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on so 30. 12. 2017 at 5:13:42,80
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Re: Please check my log

Posted: 30 Dec 2017 11:32
by Rudy
OK. Both deleted something. Has anything changed for the better?