Laptop and Firefox freezing

#1 Post by wilgefortz »

Hi, every now and then Firefox freezes up horribly on me, and my filter lists in Adblock kept disappearing. Sometimes after the system boots, I can't browse folders in Explorer.

Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 12-11-2017 03
Ran by Ivčík (administrator) on IVČÍK-PC (13-11-2017 22:49:33)
Running from C:\Users\Ivčík\Desktop
Loaded Profiles: Ivčík (Available Profiles: Ivčík)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(Microsoft Corporation) C:\Windows\System32\UI0Detect.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7399968 2009-04-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824 2009-02-06] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [487424 2009-08-19] (Acer Incorporated)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-01] (NewTech Infosystems, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-12] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [186912 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Panda Security Toolbar Antiphishing] => C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe [449192 2010-10-24] (Visicom Media Inc.)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [] => [X]
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [645768 2017-10-30] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [430080 2009-04-03] (Acer)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-11-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2C331E71-5D29-4927-94D4-3273C87C1EF8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0510&m=aspire_5810t
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.centrum.cz/
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ378
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ378
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {BBAEC3F8-7F51-44D3-9BCD-472A42E97CBE} URL = hxxp://www.slovnik-cizich-slov.cz/?q={searchTerms}&typ=0
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-19] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll [2008-07-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ivčík\AppData\Roaming\TomTom\HOME\Profiles\l33sztk5.default [2016-10-26]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default [2017-11-13]
FF Homepage: Mozilla\Firefox\Profiles\yjp5y24n.default -> hxxp://www.centrum.cz/
FF Session Restore: Mozilla\Firefox\Profiles\yjp5y24n.default -> is enabled.
FF Extension: (I don't care about cookies) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2017-09-14]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-13]
FF Extension: (Adblock Plus) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-09]
FF Extension: (DownThemAll!) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-05-28]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-17] [not signed]
FF HKLM\...\Firefox\Extensions: [widgetruntime@surfsecret.com] - C:\Program Files\Panda Security\Panda ID Protect\Firefox
FF Extension: (Panda Identity Protect) - C:\Program Files\Panda Security\Panda ID Protect\Firefox [2010-11-04] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_183.dll [2017-10-25] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-07-28] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-08-10] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [688128 2009-08-19] (Acer Incorporated) [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-07-28] (WildTangent)
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [54528 2009-04-01] (NewTech Infosystems, Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [125472 2009-09-04] (Acer Incorporated)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 PSI_SVC_2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2009-02-05] (Acer Incorporated) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [154760 2017-10-30] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [57344 2009-11-13] (Atheros Communications, Inc.)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [181384 2017-10-30] (Sandboxie Holdings, LLC)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-13 22:49 - 2017-11-13 22:51 - 000017502 _____ C:\Users\Ivčík\Desktop\FRST.txt
2017-11-08 13:28 - 2017-11-08 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2017-11-05 20:04 - 2017-11-05 20:04 - 000000000 ____D C:\Users\Ivčík\AppData\Local\CrashDumps
2017-10-29 23:31 - 2017-10-29 23:43 - 000000000 ____D C:\uklid brr
2017-10-19 16:23 - 2017-10-19 16:23 - 000000000 ____D C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-13 22:50 - 2010-05-17 20:59 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-13 22:50 - 2010-05-17 20:59 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-13 22:49 - 2016-11-19 23:59 - 000000000 ____D C:\Users\Ivčík\AppData\LocalLow\Mozilla
2017-11-13 22:49 - 2016-10-27 20:35 - 000000000 ____D C:\FRST
2017-11-13 22:45 - 2016-10-28 23:09 - 001788928 _____ (Farbar) C:\Users\Ivčík\Desktop\FRST.exe
2017-11-13 09:25 - 2010-05-17 21:36 - 001591910 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-13 09:25 - 2009-07-14 09:44 - 000672084 _____ C:\Windows\system32\perfh005.dat
2017-11-13 09:25 - 2009-07-14 09:44 - 000142648 _____ C:\Windows\system32\perfc005.dat
2017-11-13 09:25 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-11-13 09:21 - 2010-11-04 19:19 - 000000000 ____D C:\ProgramData\Panda Security Toolbar Antiphishing
2017-11-13 09:20 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-08 12:27 - 2017-02-05 00:49 - 000001764 _____ C:\Windows\Sandboxie.ini
2017-11-05 20:10 - 2017-07-07 12:19 - 000000000 ____D C:\Users\Ivčík\AppData\Local\Zoner
2017-11-04 08:46 - 2017-02-20 09:29 - 000000000 ____D C:\Program Files\TeamViewer
2017-11-03 23:55 - 2017-05-27 01:57 - 000000000 ____D C:\Users\Ivčík\AppData\Roaming\vlc
2017-11-03 22:09 - 2016-02-01 15:04 - 000000000 ____D C:\Users\Ivčík\Desktop\Blanik
2017-10-30 22:50 - 2016-09-18 20:52 - 000000000 ____D C:\JUPIK
2017-10-28 17:53 - 2017-06-14 13:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-28 17:53 - 2013-04-04 21:31 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-10-25 13:38 - 2010-05-08 16:24 - 000000000 ____D C:\Users\Ivčík\AppData\Local\VirtualStore
2017-10-25 11:39 - 2012-05-07 09:26 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-10-25 11:39 - 2012-05-07 09:26 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-10-25 11:39 - 2009-04-01 01:01 - 000000000 ____D C:\Windows\system32\Macromed
2017-10-25 11:35 - 2017-02-05 12:05 - 000000000 ____D C:\2016_01_16 BRR
2017-10-22 09:52 - 2010-11-04 17:08 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-20 18:31 - 2017-02-20 09:29 - 000000000 ____D C:\Users\Ivčík\AppData\Roaming\TeamViewer
2017-10-20 16:17 - 2014-03-11 20:21 - 000000000 ____D C:\FOTO
2017-10-20 10:04 - 2016-02-17 22:51 - 000000000 ____D C:\FILM
2017-10-19 16:24 - 2015-01-17 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-19 16:24 - 2014-08-13 19:53 - 000000000 ____D C:\Program Files\Java
2017-10-19 16:24 - 2013-10-05 10:07 - 000000000 ____D C:\ProgramData\Oracle
2017-10-19 16:22 - 2015-04-21 07:55 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-10-17 12:14 - 2017-01-07 21:18 - 000000000 ____D C:\navody manual

==================== Files in the root of some directories =======

2010-11-04 18:13 - 2010-11-04 18:14 - 000005251 _____ () C:\Users\Ivčík\AppData\Local\MyWinLockerInstaller.txt-20101104.log
2017-04-06 13:55 - 2017-04-06 13:55 - 000002596 _____ () C:\Users\Ivčík\AppData\Local\recently-used.xbel
2017-02-13 23:42 - 2017-02-13 23:42 - 000148736 _____ (Avanquest Software) C:\ProgramData\hpeAAA5.dll

Files to move or delete:
====================
C:\ProgramData\hpeAAA5.dll


Some files in TEMP:
====================
2017-11-08 12:27 - 2017-11-08 12:28 - 008980104 _____ (Sandboxie Holdings, LLC) C:\Users\Ivčík\AppData\Local\Temp\SandboxieInstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-09 14:21

==================== End of FRST.txt ============================

#2 Post by Rudy »

Hello!
Run this utility:
Download AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/
Save it to your desktop
Close all programs
First click >Scan< (search) and then >Clean< (delete).
A scan will run and then a log will appear; paste it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

#3 Post by wilgefortz »

# AdwCleaner 7.0.4.0 - Logfile created on Tue Nov 14 22:19:05 2017
# Updated on 2017/27/10 by Malwarebytes
# Running on Windows 7 Home Premium (X86)
# Mode: clean
# Support: https://www.malwarebytes.com/support

***** [ Services ] *****

No malicious services deleted.

***** [ Folders ] *****

Deleted: C:\ProgramData\ICQ\ICQNewTab
Deleted: C:\ProgramData\Application Data\ICQ\ICQNewTab
Deleted: C:\Users\All Users\ICQ\ICQNewTab


***** [ Files ] *****

No malicious files deleted.

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks deleted.

***** [ Registry ] *****

No malicious registry entries deleted.

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries deleted.

***** [ Chromium (and derivatives) ] *****

No malicious Chromium entries deleted.

*************************

::Tracing keys deleted
::Winsock settings cleared
::Additional Actions: 0



*************************

C:/AdwCleaner/AdwCleaner[C0].txt - [5796 B] - [2016/10/28 10:21:37]
C:/AdwCleaner/AdwCleaner[S0].txt - [6098 B] - [2016/10/28 10:19:59]
C:/AdwCleaner/AdwCleaner[S1].txt - [1237 B] - [2017/11/14 22:18:17]


########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt ##########

#4 Post by Rudy »

Post a new FRST log.

#5 Post by wilgefortz »

Hi,
I'm attaching a new log + addition.zip:



Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version: 15-11-2017
Ran by Ivčík (administrator) on IVČÍK-PC (16-11-2017 16:23:10)
Running from C:\Users\Ivčík\Desktop
Loaded Profiles: Ivčík (Available Profiles: Ivčík)
Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: FF)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieSvc.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\dsiwmis.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe
(Intel(R) Corporation) C:\Program Files\Intel\WiFi\bin\EvtEng.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe
() C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
(arvato digital services llc) C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe
(Intel(R) Corporation) C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe
(Acer Incorporated) C:\Program Files\Acer\Acer VCM\RS_Service.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTmon.exe
(Microsoft Corporation) C:\Windows\System32\wlanext.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer.exe
(TeamViewer GmbH) C:\Program Files\TeamViewer\tv_w32.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(NewTech Infosystems, Inc.) C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe
(Intel Corporation) C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
() C:\Windows\PLFSetI.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
(Intel Corporation) C:\Windows\System32\igfxsrvc.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Dritek System Inc.) C:\Program Files\Launch Manager\LManager.exe
(Acer Incorporated) C:\Program Files\Acer\Optical Drive Power Management\ODDPWR.exe
(Visicom Media Inc.) C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe
(Elaborate Bytes AG) C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe
(Oracle Corporation) C:\Program Files\Common Files\Java\Java Update\jusched.exe
(Sandboxie Holdings, LLC) C:\Program Files\Sandboxie\SbieCtrl.exe
(ZONER software) C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTray.exe
(Microsoft Corporation) C:\Windows\System32\wbem\unsecapp.exe
(Broadcom Corporation.) C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe
(Microsoft Corporation) C:\Windows\ehome\ehmsas.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTray.exe
(Intel Corporation) C:\Windows\System32\igfxext.exe
(Acer Incorporated) C:\Program Files\Acer\Acer PowerSmart Manager\ePowerEvent.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe
(Mozilla Corporation) C:\Program Files\Mozilla Firefox\firefox.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [7399968 2009-04-11] (Realtek Semiconductor)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [1430824 2009-02-06] (Synaptics Incorporated)
HKLM\...\Run: [Acer ePower Management] => C:\Program Files\Acer\Acer PowerSmart Manager\ePowerTrayLauncher.exe [487424 2009-08-19] (Acer Incorporated)
HKLM\...\Run: [BackupManagerTray] => C:\Program Files\NewTech Infosystems\Acer Backup Manager\BackupManagerTray.exe [249600 2009-04-01] (NewTech Infosystems, Inc.)
HKLM\...\Run: [IAAnotif] => C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [186904 2009-02-12] (Intel Corporation)
HKLM\...\Run: [PLFSetI] => C:\Windows\PLFSetI.exe [200704 2008-07-29] ()
HKLM\...\Run: [GrooveMonitor] => C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-26] (Microsoft Corporation)
HKLM\...\Run: [LManager] => C:\Program Files\Launch Manager\LManager.exe [1194504 2009-08-27] (Dritek System Inc.)
HKLM\...\Run: [ODDPwr] => C:\Program Files\Acer\Optical Drive Power Management\ODDPwr.exe [186912 2009-09-04] (Acer Incorporated)
HKLM\...\Run: [Panda Security Toolbar Antiphishing] => C:\ProgramData\Panda Security Toolbar Antiphishing\panda2_0dn.exe [449192 2010-10-24] (Visicom Media Inc.)
HKLM\...\Run: [VirtualCloneDrive] => C:\Program Files\Elaborate Bytes\VirtualCloneDrive\VCDDaemon.exe [88984 2013-03-10] (Elaborate Bytes AG)
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [ehTray.exe] => C:\Windows\ehome\ehTray.exe [144384 2010-11-20] (Microsoft Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [] => [X]
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [TomTomHOME.exe] => "C:\Program Files\TomTom HOME 2\TomTomHOMERunner.exe" -s
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [645768 2017-10-30] (Sandboxie Holdings, LLC)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [Zoner Photo Studio Autoupdate] => C:\Program Files\Zoner\Photo Studio 17\Program32\ZPSTRAY.EXE [563416 2015-07-12] (ZONER software)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Control Panel\Desktop\\SCRNSAVE.EXE -> C:\Windows\System32\Acer.scr [430080 2009-04-03] (Acer)
HKU\S-1-5-18\...\RunOnce: [SPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2013-05-19] (Microsoft Corporation)
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Bluetooth.lnk [2010-11-04]
ShortcutTarget: Bluetooth.lnk -> C:\Program Files\WIDCOMM\Bluetooth Software\BTTray.exe (Broadcom Corporation.)
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{10FAFB6D-C08D-4BF5-AC21-787996885DD4}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{2C331E71-5D29-4927-94D4-3273C87C1EF8}: [DhcpNameServer] 10.0.0.138

Internet Explorer:
==================
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://homepage.acer.com/rdr.aspx?b=ACAW&l=0405&s=2&o=vp32&d=0510&m=aspire_5810t
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.centrum.cz/
SearchScopes: HKLM -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKLM -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... lz=1I7ACAW
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ378
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL = hxxp://www.google.com/search?sourceid=ie7&q={s ... AW_csCZ378
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {BBAEC3F8-7F51-44D3-9BCD-472A42E97CBE} URL = hxxp://www.slovnik-cizich-slov.cz/?q={searchTerms}&typ=0
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-26] (Microsoft Corporation)
BHO: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files\Java\jre1.8.0_151\bin\ssv.dll [2017-10-19] (Oracle Corporation)
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
BHO: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files\Java\jre1.8.0_151\bin\jp2ssv.dll [2017-10-19] (Oracle Corporation)
BHO: Adblock Plus for IE Browser Helper Object -> {FFCB3198-32F3-4E8B-9539-4324694ED664} -> C:\Program Files\Adblock Plus for IE\AdblockPlus32.dll [2017-01-03] (Eyeo GmbH)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
DPF: {C345E174-3E87-4F41-A01C-B066A90A49B4} hxxp://trial.trymicrosoftoffice.com/trialoaa/buymsoffice_assets/framework/microsoft/wrc32.ocx
DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
DPF: {E2883E8F-472F-4FB0-9522-AC9BF37916A7} hxxp://platformdl.adobe.com/NOS/getPlusPlus/1.6/gp.cab
DPF: {F680B28A-3AEE-4C88-93ED-45AE9215C128} hxxps://adisepo.mfcr.cz/adistc/adis/idpr_pub/xspa/bin/cryptsignx.cab
Handler: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\Program Files\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-26] (Microsoft Corporation)
Handler: ms-itss - {0A9007C0-4076-11D3-8789-0000F8105754} - c:\Program Files\Common Files\Microsoft Shared\Information Retrieval\msitss.dll [2007-06-09] (Microsoft Corporation)
Handler: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files\Acer\Acer VCM\Skype4COM.dll [2008-07-02] (Skype Technologies)

FireFox:
========
FF ProfilePath: C:\Users\Ivčík\AppData\Roaming\TomTom\HOME\Profiles\l33sztk5.default [2016-10-26]
FF Extension: (No Name) - C:\Program Files\TomTom HOME 2\xul\extensions\MapShare-status@tomtom.com [not found]
FF ProfilePath: C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default [2017-11-16]
FF Homepage: Mozilla\Firefox\Profiles\yjp5y24n.default -> hxxp://www.centrum.cz/
FF Session Restore: Mozilla\Firefox\Profiles\yjp5y24n.default -> is enabled.
FF Extension: (I don't care about cookies) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\jid1-KKzOGWgsW3Ao4Q@jetpack.xpi [2017-09-14]
FF Extension: (Safe Browsing Version 4 (temporary add-on)) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\sbv4-gradual-rollout@mozilla.com.xpi [2017-10-13] [Legacy]
FF Extension: (Adblock Plus) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2017-11-09]
FF Extension: (DownThemAll!) - C:\Users\Ivčík\AppData\Roaming\Mozilla\Firefox\Profiles\yjp5y24n.default\Extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}.xpi [2017-05-28] [Legacy]
FF HKLM\...\Firefox\Extensions: [{20a82645-c095-46ed-80e3-08825760534b}] - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension
FF Extension: (Microsoft .NET Framework Assistant) - c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension [2010-05-17] [Legacy] [not signed]
FF HKLM\...\Firefox\Extensions: [widgetruntime@surfsecret.com] - C:\Program Files\Panda Security\Panda ID Protect\Firefox
FF Extension: (Panda Identity Protect) - C:\Program Files\Panda Security\Panda ID Protect\Firefox [2010-11-04] [Legacy] [not signed]
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_27_0_0_187.dll [2017-11-14] ()
FF Plugin: @java.com/DTPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\dtplugin\npDeployJava1.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @java.com/JavaPlugin,version=11.151.2 -> C:\Program Files\Java\jre1.8.0_151\bin\plugin2\npjp2.dll [2017-10-19] (Oracle Corporation)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin: @microsoft.com/WPF,version=3.5 -> c:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll [2008-07-29] (Microsoft Corporation)
FF Plugin: @nokia.com/EnablerPlugin -> C:\Program Files\Nokia\Nokia Suite\npNokiaSuiteEnabler.dll [2013-10-02] ( )
FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.33.7\npGoogleUpdate3.dll [2017-11-13] (Google Inc.)
FF Plugin: @videolan.org/vlc,version=2.0.5 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.1.3 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.1 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.4 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @videolan.org/vlc,version=2.2.6 -> C:\Program Files\VideoLAN\VLC\npvlc.dll [2017-05-24] (VideoLAN)
FF Plugin: @WildTangent.com/GamesAppPresenceDetector,Version=1.0 -> C:\Program Files\WildTangent Games\App\BrowserIntegration\Registered\1\NP_wtapp.dll [2016-07-28] ()
FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2017-11-04] (Adobe Systems Inc.)

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 ePowerSvc; C:\Program Files\Acer\Acer PowerSmart Manager\ePowerSvc.exe [688128 2009-08-19] (Acer Incorporated) [File not signed]
R2 EvtEng; C:\Program Files\Intel\WiFi\bin\EvtEng.exe [860160 2008-10-16] (Intel(R) Corporation) [File not signed]
S3 GamesAppIntegrationService; C:\Program Files\WildTangent Games\App\GamesAppIntegrationService.exe [350064 2016-07-28] (WildTangent)
R2 NTI IScheduleSvc; C:\Program Files\NewTech Infosystems\Acer Backup Manager\IScheduleSvc.exe [54528 2009-04-01] (NewTech Infosystems, Inc.)
R2 ODDPwrSvc; C:\Program Files\Acer\Optical Drive Power Management\ODDPWRSvc.exe [125472 2009-09-04] (Acer Incorporated)
R2 OMSI download service; C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe [90112 2009-04-30] () [File not signed]
R2 PSI_SVC_2; C:\Program Files\Common Files\Protexis\License Service\PsiService_2.exe [277360 2014-04-30] (arvato digital services llc)
R2 RegSrvc; C:\Program Files\Common Files\Intel\WirelessCommon\RegSrvc.exe [466944 2008-10-16] (Intel(R) Corporation) [File not signed]
R2 RS_Service; C:\Program Files\Acer\Acer VCM\RS_Service.exe [237568 2009-02-05] (Acer Incorporated) [File not signed]
R2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [154760 2017-10-30] (Sandboxie Holdings, LLC)
R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [10803440 2017-08-29] (TeamViewer GmbH)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-27] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dg_ssudbus; C:\Windows\System32\DRIVERS\ssudbus.sys [109184 2016-09-05] (Samsung Electronics Co., Ltd.)
R1 ElbyCDIO; C:\Windows\System32\Drivers\ElbyCDIO.sys [30616 2014-12-20] (Elaborate Bytes AG)
R3 L1C; C:\Windows\System32\DRIVERS\L1C60x86.sys [57344 2009-11-13] (Atheros Communications, Inc.)
S3 s1039mdm; C:\Windows\System32\DRIVERS\s1039mdm.sys [124016 2009-11-19] (MCCI Corporation)
R3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [181384 2017-10-30] (Sandboxie Holdings, LLC)
S3 ssudmdm; C:\Windows\System32\DRIVERS\ssudmdm.sys [147072 2016-09-05] (Samsung Electronics Co., Ltd.)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-16 16:23 - 2017-11-16 16:23 - 000000000 ____D C:\Users\Ivčík\Desktop\FRST-OlderVersion
2017-11-14 22:57 - 2017-11-14 22:57 - 008261584 _____ (Malwarebytes) C:\Users\Ivčík\Desktop\adwcleaner_7.0.4.0.exe
2017-11-14 21:39 - 2017-10-18 07:45 - 000347336 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
2017-11-14 21:39 - 2017-10-18 02:55 - 000285696 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbport.sys
2017-11-14 21:39 - 2017-10-18 02:55 - 000259584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbhub.sys
2017-11-14 21:39 - 2017-10-18 02:55 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbccgp.sys
2017-11-14 21:39 - 2017-10-18 02:55 - 000046592 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbehci.sys
2017-11-14 21:39 - 2017-10-18 02:55 - 000024576 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbuhci.sys
2017-11-14 21:39 - 2017-10-18 02:55 - 000020480 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbohci.sys
2017-11-14 21:39 - 2017-10-18 02:55 - 000006016 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\usbd.sys
2017-11-14 21:39 - 2017-10-16 23:49 - 001213672 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ntfs.sys
2017-11-14 21:39 - 2017-10-16 23:25 - 002402816 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
2017-11-14 21:39 - 2017-10-16 22:55 - 000339968 _____ (Microsoft Corporation) C:\Windows\system32\msexcl40.dll
2017-11-14 21:39 - 2017-10-14 08:14 - 020269056 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2017-11-14 21:39 - 2017-10-14 08:03 - 002724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
2017-11-14 21:39 - 2017-10-14 08:03 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
2017-11-14 21:39 - 2017-10-14 07:53 - 000499200 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2017-11-14 21:39 - 2017-10-14 07:53 - 000062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
2017-11-14 21:39 - 2017-10-14 07:52 - 000341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
2017-11-14 21:39 - 2017-10-14 07:52 - 000047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
2017-11-14 21:39 - 2017-10-14 07:51 - 000064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
2017-11-14 21:39 - 2017-10-14 07:50 - 002293760 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2017-11-14 21:39 - 2017-10-14 07:47 - 000047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
2017-11-14 21:39 - 2017-10-14 07:47 - 000030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
2017-11-14 21:39 - 2017-10-14 07:46 - 000476160 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
2017-11-14 21:39 - 2017-10-14 07:45 - 000662016 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2017-11-14 21:39 - 2017-10-14 07:45 - 000620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
2017-11-14 21:39 - 2017-10-14 07:45 - 000115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
2017-11-14 21:39 - 2017-10-14 07:45 - 000104960 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
2017-11-14 21:39 - 2017-10-14 07:41 - 000667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
2017-11-14 21:39 - 2017-10-14 07:38 - 000416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
2017-11-14 21:39 - 2017-10-14 07:35 - 000073216 _____ (Microsoft Corporation) C:\Windows\system32\tdc.ocx
2017-11-14 21:39 - 2017-10-14 07:35 - 000060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
2017-11-14 21:39 - 2017-10-14 07:34 - 000091136 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
2017-11-14 21:39 - 2017-10-14 07:33 - 004542464 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2017-11-14 21:39 - 2017-10-14 07:33 - 000168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
2017-11-14 21:39 - 2017-10-14 07:32 - 000076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2017-11-14 21:39 - 2017-10-14 07:31 - 000279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
2017-11-14 21:39 - 2017-10-14 07:30 - 000130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
2017-11-14 21:39 - 2017-10-14 07:28 - 013680128 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2017-11-14 21:39 - 2017-10-14 07:25 - 000230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
2017-11-14 21:39 - 2017-10-14 07:24 - 000694272 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2017-11-14 21:39 - 2017-10-14 07:24 - 000690688 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2017-11-14 21:39 - 2017-10-14 07:23 - 002058752 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
2017-11-14 21:39 - 2017-10-14 07:23 - 001155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
2017-11-14 21:39 - 2017-10-14 07:10 - 002767872 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2017-11-14 21:39 - 2017-10-14 07:07 - 001314304 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2017-11-14 21:39 - 2017-10-14 07:04 - 000710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2017-11-14 21:39 - 2017-10-12 01:40 - 000308456 _____ (Adobe Systems Incorporated) C:\Windows\system32\atmfd.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 012574208 _____ (Microsoft Corporation) C:\Windows\system32\wmploc.DLL
2017-11-14 21:39 - 2017-10-12 01:37 - 011410944 _____ (Microsoft Corporation) C:\Windows\system32\wmp.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 001549824 _____ (Microsoft Corporation) C:\Windows\system32\tquery.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 001400320 _____ (Microsoft Corporation) C:\Windows\system32\mssrch.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 001363968 _____ (Microsoft Corporation) C:\Windows\system32\Query.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000666624 _____ (Microsoft Corporation) C:\Windows\system32\mssvp.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000337408 _____ (Microsoft Corporation) C:\Windows\system32\mssph.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000197120 _____ (Microsoft Corporation) C:\Windows\system32\mssphtb.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000111104 _____ (Microsoft Corporation) C:\Windows\system32\t2embed.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000104448 _____ (Microsoft Corporation) C:\Windows\system32\mssitlb.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000070656 _____ (Microsoft Corporation) C:\Windows\system32\fontsub.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000059392 _____ (Microsoft Corporation) C:\Windows\system32\msscntrs.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000034816 _____ (Microsoft Corporation) C:\Windows\system32\mssprxy.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000026112 _____ (Microsoft Corporation) C:\Windows\system32\lpk.dll
2017-11-14 21:39 - 2017-10-12 01:37 - 000010240 _____ (Microsoft Corporation) C:\Windows\system32\dciman32.dll
2017-11-14 21:39 - 2017-10-12 01:26 - 000427520 _____ (Microsoft Corporation) C:\Windows\system32\SearchIndexer.exe
2017-11-14 21:39 - 2017-10-12 01:26 - 000164352 _____ (Microsoft Corporation) C:\Windows\system32\SearchProtocolHost.exe
2017-11-14 21:39 - 2017-10-12 01:25 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\SearchFilterHost.exe
2017-11-14 21:39 - 2017-10-12 01:25 - 000009728 _____ (Microsoft Corporation) C:\Windows\system32\msshooks.dll
2017-11-14 21:39 - 2017-10-12 01:24 - 000008192 _____ (Microsoft Corporation) C:\Windows\system32\spwmp.dll
2017-11-14 21:39 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\msdxm.ocx
2017-11-14 21:39 - 2017-10-12 01:24 - 000004096 _____ (Microsoft Corporation) C:\Windows\system32\dxmasf.dll
2017-11-14 21:39 - 2017-10-12 01:16 - 000034304 _____ (Adobe Systems) C:\Windows\system32\atmlib.dll
2017-11-14 21:39 - 2017-10-12 01:14 - 000086528 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\luafv.sys
2017-11-14 21:39 - 2017-09-07 14:05 - 000922432 _____ (Microsoft Corporation) C:\Windows\system32\ucrtbase.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000066400 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-private-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000022368 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-math-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000019808 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-multibyte-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-string-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000017760 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-stdio-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000016224 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-runtime-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000015712 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-convert-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-time-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000014176 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-2-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000013664 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-filesystem-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-process-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-heap-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012640 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-conio-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-utility-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-locale-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-crt-environment-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-2-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000012128 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-1.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l2-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-timezone-l1-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l2-1-0.dll
2017-11-14 21:39 - 2017-09-07 14:05 - 000011616 _____ (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-2-0.dll
2017-11-14 21:29 - 2017-10-18 03:16 - 000114408 _____ (Microsoft Corporation) C:\Windows\system32\CompatTelRunner.exe
2017-11-14 21:29 - 2017-10-18 03:11 - 000488448 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2017-11-14 21:29 - 2017-10-15 23:04 - 000313184 _____ (Microsoft Corporation) C:\Windows\system32\centel.dll
2017-11-14 21:29 - 2017-10-04 14:04 - 001918464 _____ (Microsoft Corporation) C:\Windows\system32\aitstatic.exe
2017-11-14 21:29 - 2017-10-04 14:04 - 001321472 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2017-11-14 21:29 - 2017-10-04 14:04 - 000541696 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2017-11-14 21:29 - 2017-10-04 14:04 - 000509440 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2017-11-14 21:29 - 2017-10-04 14:04 - 000303616 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2017-11-14 21:29 - 2017-10-04 14:04 - 000193536 _____ (Microsoft Corporation) C:\Windows\system32\aepic.dll
2017-11-14 21:29 - 2017-10-04 14:04 - 000150016 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2017-11-13 22:52 - 2017-11-13 22:52 - 000037678 _____ C:\Users\Ivčík\Desktop\Addition.txt
2017-11-13 22:49 - 2017-11-16 16:25 - 000017748 _____ C:\Users\Ivčík\Desktop\FRST.txt
2017-11-08 13:28 - 2017-11-08 13:28 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
2017-11-05 20:04 - 2017-11-05 20:04 - 000000000 ____D C:\Users\Ivčík\AppData\Local\CrashDumps
2017-10-29 23:31 - 2017-10-29 23:43 - 000000000 ____D C:\uklid brr
2017-10-19 16:23 - 2017-10-19 16:23 - 000000000 ____D C:\Program Files\Common Files\Java

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2017-11-16 16:23 - 2016-10-28 23:09 - 001788928 _____ (Farbar) C:\Users\Ivčík\Desktop\FRST.exe
2017-11-16 16:23 - 2016-10-27 20:35 - 000000000 ____D C:\FRST
2017-11-16 15:02 - 2015-04-21 08:05 - 000002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
2017-11-16 14:16 - 2010-05-17 20:59 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2017-11-16 14:16 - 2010-05-17 20:59 - 000019664 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2017-11-16 13:16 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\rescache
2017-11-16 12:17 - 2016-11-19 23:59 - 000000000 ____D C:\Users\Ivčík\AppData\LocalLow\Mozilla
2017-11-16 12:15 - 2010-11-04 19:19 - 000000000 ____D C:\ProgramData\Panda Security Toolbar Antiphishing
2017-11-16 11:13 - 2010-05-17 21:36 - 001591910 _____ C:\Windows\system32\PerfStringBackup.INI
2017-11-16 11:13 - 2009-07-14 09:44 - 000672084 _____ C:\Windows\system32\perfh005.dat
2017-11-16 11:13 - 2009-07-14 09:44 - 000142648 _____ C:\Windows\system32\perfc005.dat
2017-11-16 11:13 - 2009-07-14 03:37 - 000000000 ____D C:\Windows\inf
2017-11-16 11:08 - 2009-07-14 05:53 - 000032546 _____ C:\Windows\Tasks\SCHEDLGU.TXT
2017-11-16 11:08 - 2009-07-14 05:53 - 000000006 ____H C:\Windows\Tasks\SA.DAT
2017-11-15 16:52 - 2017-02-05 00:49 - 000001764 _____ C:\Windows\Sandboxie.ini
2017-11-15 16:49 - 2009-07-14 05:33 - 000496776 _____ C:\Windows\system32\FNTCACHE.DAT
2017-11-15 16:45 - 2015-01-01 12:47 - 000000000 ____D C:\Windows\system32\appraiser
2017-11-14 23:36 - 2017-10-11 15:09 - 124282896 ____C (Microsoft Corporation) C:\Windows\system32\MRT-KB890830.exe
2017-11-14 23:36 - 2013-08-06 18:41 - 000000000 ____D C:\Windows\system32\MRT
2017-11-14 23:35 - 2010-06-14 17:11 - 124282896 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
2017-11-14 23:19 - 2016-10-28 11:11 - 000000000 ____D C:\AdwCleaner
2017-11-14 23:19 - 2010-05-11 20:47 - 000000000 ____D C:\ProgramData\ICQ
2017-11-14 22:54 - 2016-09-18 20:52 - 000000000 ____D C:\JUPIK
2017-11-14 21:38 - 2012-05-07 09:26 - 000803328 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe
2017-11-14 21:38 - 2012-05-07 09:26 - 000144896 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl
2017-11-14 21:38 - 2009-04-01 01:01 - 000000000 ____D C:\Windows\system32\Macromed
2017-11-05 20:10 - 2017-07-07 12:19 - 000000000 ____D C:\Users\Ivčík\AppData\Local\Zoner
2017-11-04 08:46 - 2017-02-20 09:29 - 000000000 ____D C:\Program Files\TeamViewer
2017-11-03 23:55 - 2017-05-27 01:57 - 000000000 ____D C:\Users\Ivčík\AppData\Roaming\vlc
2017-11-03 22:09 - 2016-02-01 15:04 - 000000000 ____D C:\Users\Ivčík\Desktop\Blanik
2017-10-28 17:53 - 2017-06-14 13:56 - 000000000 ____D C:\Program Files\Mozilla Firefox
2017-10-28 17:53 - 2013-04-04 21:31 - 000000000 ____D C:\Program Files\Mozilla Maintenance Service
2017-10-25 13:38 - 2010-05-08 16:24 - 000000000 ____D C:\Users\Ivčík\AppData\Local\VirtualStore
2017-10-25 11:35 - 2017-02-05 12:05 - 000000000 ____D C:\2016_01_16 BRR
2017-10-22 09:52 - 2010-11-04 17:08 - 000000969 _____ C:\Users\Public\Desktop\CCleaner.lnk
2017-10-20 18:31 - 2017-02-20 09:29 - 000000000 ____D C:\Users\Ivčík\AppData\Roaming\TeamViewer
2017-10-20 16:17 - 2014-03-11 20:21 - 000000000 ____D C:\FOTO
2017-10-20 10:04 - 2016-02-17 22:51 - 000000000 ____D C:\FILM
2017-10-19 16:24 - 2015-01-17 14:25 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Java
2017-10-19 16:24 - 2014-08-13 19:53 - 000000000 ____D C:\Program Files\Java
2017-10-19 16:24 - 2013-10-05 10:07 - 000000000 ____D C:\ProgramData\Oracle
2017-10-19 16:22 - 2015-04-21 07:55 - 000095808 _____ (Oracle Corporation) C:\Windows\system32\WindowsAccessBridge.dll
2017-10-17 12:14 - 2017-01-07 21:18 - 000000000 ____D C:\navody manual

==================== Files in the root of some directories =======

2010-11-04 18:13 - 2010-11-04 18:14 - 000005251 _____ () C:\Users\Ivčík\AppData\Local\MyWinLockerInstaller.txt-20101104.log
2017-04-06 13:55 - 2017-04-06 13:55 - 000002596 _____ () C:\Users\Ivčík\AppData\Local\recently-used.xbel
2017-02-13 23:42 - 2017-02-13 23:42 - 000148736 _____ (Avanquest Software) C:\ProgramData\hpeAAA5.dll

Files to move or delete:
====================
C:\ProgramData\hpeAAA5.dll


Some files in TEMP:
====================
2017-11-08 12:27 - 2017-11-08 12:28 - 008980104 _____ (Sandboxie Holdings, LLC) C:\Users\Ivčík\AppData\Local\Temp\SandboxieInstall.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\explorer.exe => File is digitally signed
C:\Windows\system32\winlogon.exe => File is digitally signed
C:\Windows\system32\wininit.exe => File is digitally signed
C:\Windows\system32\svchost.exe => File is digitally signed
C:\Windows\system32\services.exe => File is digitally signed
C:\Windows\system32\User32.dll => File is digitally signed
C:\Windows\system32\userinit.exe => File is digitally signed
C:\Windows\system32\rpcss.dll => File is digitally signed
C:\Windows\system32\dnsapi.dll => File is digitally signed
C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2017-11-09 14:21

==================== End of FRST.txt ============================
Attachments
Addition.zip
(10.72 KiB) Downloaded 89 times

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Laptop and Firefox freezing

#6 Post by Rudy »

Open Notepad and copy the following into it:
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [] => [X]
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\hpeAAA5.dll
C:\Users\Ivčík\AppData\Local\Temp
Duplicate Cleaner Free 3.2.7 (HKLM\...\Duplicate Cleaner Free) (Version: 3.2.7 - DigitalVolcano Software Ltd) <==== ATTENTION
ContextMenuHandlers1: [OpenFolder] -> {80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => -> No File
ContextMenuHandlers5: [OpenFolder] -> {80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => -> No File
ContextMenuHandlers6: [OpenFolder] -> {80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:798A3728 [100]
AlternateDataStreams: C:\ProgramData\TEMP:CDFF58FE [116]

EmptyTemp:
End
Save it to the desktop as fixlist.txt. Run FRST again and click >Fix<. When the action finishes, a log will appear; copy it here.
Post questions and logs only in your own threads. Private messages, ICQ and e-mails are not for solving your problems.

Please support our forum: https://platba.viry.cz/payment/.

e-mail: rudy(at)forum.viry.cz

Warning:
Before disinfecting your PC, back up your important data (mail, contacts, documents, photos, videos, music, etc.). Besides its "visible" activity, a virus can damage the system!


Once your problem is resolved, the thread will be locked. The same applies if it is inactive for more than 14 days. If you want the thread reactivated, write to me at the e-mail address given above.

wilgefortz
Visitor
Posts: 64
Registered: 04 Jun 2007 13:29

Re: Notebook and Firefox freezing

#7 Post by wilgefortz »

Fix result of Farbar Recovery Scan Tool (x86) Version: 19-11-2017
Ran by Ivčík (20-11-2017 22:32:33) Run:1
Running from C:\Users\Ivčík\Desktop
Loaded Profiles: Ivčík (Available Profiles: Ivčík)
Boot Mode: Normal

==============================================

fixlist content:
*****************
Start
HKLM\...\Run: [SunJavaUpdateSched] => C:\Program Files\Common Files\Java\Java Update\jusched.exe [587288 2017-09-05] (Oracle Corporation)
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\...\Run: [] => [X]
GroupPolicyScripts: Restriction <==== ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Restriction <==== ATTENTION
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> DefaultScope {67A2568C-7A0A-4EED-AECC-B5405DE63B64} URL =
SearchScopes: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> {3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} URL =
BHO: Google Toolbar Helper -> {AA58ED58-01DD-4d91-8333-CF10577473F7} -> C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
Toolbar: HKLM - Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
Toolbar: HKU\S-1-5-21-1794764402-2752610107-2250550547-1000 -> Google Toolbar - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2016-12-01] (Google Inc.)
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
C:\ProgramData\hpeAAA5.dll
C:\Users\Iv��k\AppData\Local\Temp
Duplicate Cleaner Free 3.2.7 (HKLM\...\Duplicate Cleaner Free) (Version: 3.2.7 - DigitalVolcano Software Ltd) <==== ATTENTION
ContextMenuHandlers1: [OpenFolder] -> {80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => -> No File
ContextMenuHandlers5: [OpenFolder] -> {80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => -> No File
ContextMenuHandlers6: [OpenFolder] -> {80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => -> No File
AlternateDataStreams: C:\ProgramData\TEMP:798A3728 [100]
AlternateDataStreams: C:\ProgramData\TEMP:CDFF58FE [116]

EmptyTemp:
End
*****************

HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value removed successfully.
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Windows\CurrentVersion\Run\\ => value removed successfully.
C:\Windows\system32\GroupPolicy\Machine => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
HKLM\SOFTWARE\Policies\Google => key removed successfully.
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully.
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key removed successfully.
HKLM\Software\Classes\CLSID\{3BD44F0E-0596-4008-AEE0-45D47E3A8F0E} => key not found.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully.
HKLM\Software\Classes\CLSID\{AA58ED58-01DD-4d91-8333-CF10577473F7} => key removed successfully.
HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar\\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => value removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11d4-9B18-009027A5CD4F} => key removed successfully.
HKU\S-1-5-21-1794764402-2752610107-2250550547-1000\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => value removed successfully.
HKLM\Software\Classes\CLSID\{2318C2B1-4965-11D4-9B18-009027A5CD4F} => key not found.
HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE => key removed successfully.
C:\ProgramData\hpeAAA5.dll => moved successfully
"C:\Users\Iv��k\AppData\Local\Temp" => not found.
Duplicate Cleaner Free 3.2.7 (HKLM\...\Duplicate Cleaner Free) (Version: 3.2.7 - DigitalVolcano Software Ltd) <==== ATTENTION => Error: No automatic fix found for this entry.
HKLM\Software\Classes\*\ShellEx\ContextMenuHandlers\OpenFolder => key removed successfully.
HKLM\Software\Classes\CLSID\{80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => key not found.
HKLM\Software\Classes\Directory\Background\ShellEx\ContextMenuHandlers\OpenFolder => key removed successfully.
HKLM\Software\Classes\CLSID\{80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => key not found.
HKLM\Software\Classes\Folder\ShellEx\ContextMenuHandlers\OpenFolder => key removed successfully.
HKLM\Software\Classes\CLSID\{80AEF606-7FFA-4EF6-86C4-0B86FEF4E0CD} => key not found.
C:\ProgramData\TEMP => ":798A3728" ADS removed successfully..
C:\ProgramData\TEMP => ":CDFF58FE" ADS removed successfully..

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStoree, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 24914540 B
Java, Flash, Steam htmlcache => 1049 B
Windows/system/drivers => 11173673 B
Edge => 0 B
Chrome => 96256 B
Firefox => 380198970 B
Opera => 0 B

Temp, IE cache, history, cookies, recent:
Users => 0 B
Default => 0 B
Public => 0 B
ProgramData => 0 B
systemprofile => 199094 B
LocalService => 132244 B
NetworkService => 77692 B
Ivčík => 259192688 B

RecycleBin => 143635833 B
EmptyTemp: => 789.7 MB temporary data Removed.

================================


The system needed a reboot.

==== End of Fixlog 22:35:10 ====

Rudy
Site Admin
Posts: 118275
Registered: 30 Oct 2003 13:42
Location: Plzeň

Re: Notebook and Firefox freezing

#8 Post by Rudy »

Deleted. Has anything changed?