virus torrenty

[Jan21]

Prosim o kontrolu, Eset hlasil virusy pri pokuse o odinstalaciu uTorrentu

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by j. zem (administrator) on JZEMBER (08-09-2018 14:50:26)
Running from C:\Users\Jozef\Desktop
Loaded Profiles: j. zem (Available Profiles: j. zem)
Platform: Windows 8.1 (Update) (X64) Language: Angličtina (Spojené kráľovstvo)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
() C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4124360 2014-09-24] (ESET)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-22] (Pegatron Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{186B7CCB-FC56-4E8C-9351-751EA47BEA5E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E1EB523A-37CF-45D7-8D4D-0D1392E1E7DD}: [DhcpNameServer] 127.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=0e5ffeb5-ad7f-a488-195e-ce7224290223&searchtype=ds&q={searchTerms}&installDate=12/02/2014
HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=0e5ffeb5-ad7f-a488-195e-ce7224290223&searchtype=ds&q={searchTerms}&installDate=12/02/2014
SearchScopes: HKLM-x32 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=0e5ffeb5-ad7f-a488-195e-ce7224290223&searchtype=ds&q={searchTerms}&installDate=12/02/2014
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3293887&CUI=UN30610846023263397&UM=2&UP=SP07A49544-28C3-4599-B005-C0501739F3C8&SSPV=
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=0e5ffeb5-ad7f-a488-195e-ce7224290223&searchtype=ds&q={searchTerms}&installDate=12/02/2014
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL = hxxp://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3293887&CUI=UN30610846023263397&UM=2&UP=SP07A49544-28C3-4599-B005-C0501739F3C8&SSPV=
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> {32AC96BC-FB4A-4265-8A8B-45BBD595728D} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-05] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM-x32 - No Name - {ae07101b-46d4-4a98-af68-0333ea26e113} - No File
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eavb8yya.default [2018-08-19]
FF user.js: detected! => C:\Users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eavb8yya.default\user.js [2014-02-12]
FF NewTab: Mozilla\Firefox\Profiles\eavb8yya.default -> about:blank
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2014-12-26] [Legacy] [not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxp://search.conduit.com/?ctid=CT3293887&SearchSource=48&CUI=UN39931426061058498&UM=2
CHR Profile: C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default [2018-09-08]
CHR Extension: (Docs) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-08-30]
CHR Extension: (Google Search) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Download Youtube Video) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppndcnonoeolinaenhopmebikpcmicp [2017-09-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [41672 2014-09-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-09-24] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [190152 2014-09-24] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
R2 TWEService; C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe [150032 2013-08-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219696 2014-08-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [155896 2014-08-19] (ESET)
R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [198096 2014-08-19] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [40512 2014-08-19] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [59064 2014-09-10] (ESET)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 14:50 - 2018-09-08 14:51 - 000017113 _____ C:\Users\Jozef\Desktop\FRST.txt
2018-09-08 14:50 - 2018-09-08 14:50 - 000000000 ____D C:\FRST
2018-09-08 14:49 - 2018-09-08 14:49 - 002413056 _____ (Farbar) C:\Users\Jozef\Downloads\FRST64.exe
2018-09-08 14:49 - 2018-09-08 14:49 - 002413056 _____ (Farbar) C:\Users\Jozef\Desktop\FRST64.exe
2018-09-08 13:03 - 2018-09-08 13:51 - 000000000 ____D C:\Users\Jozef\AppData\LocalLow\uTorrent
2018-09-07 21:58 - 2018-09-07 21:58 - 000015105 _____ C:\Users\Jozef\Downloads\[SkT]Ex_Machina_(2015)(CZ)_=_CSFD_75%.torrent
2018-09-07 21:57 - 2018-09-07 21:57 - 000017159 _____ C:\Users\Jozef\Downloads\[SkT]Ex_Machina_(2015)(CZ)_=_CSFD_80%.torrent
2018-08-23 15:18 - 2018-09-01 15:53 - 000001333 _____ C:\Users\Public\Desktop\Skype.lnk
2018-08-23 15:18 - 2018-09-01 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-08-23 15:18 - 2018-08-23 15:18 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\Skype
2018-08-23 15:16 - 2018-08-23 15:17 - 062091672 _____ (Skype Technologies S.A.) C:\Users\Jozef\Downloads\Skype-8.28.0.41.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 14:41 - 2013-01-27 19:11 - 000003596 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1504080517-992152691-4045409680-1001
2018-09-08 14:40 - 2014-09-24 18:21 - 000005392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-08 14:40 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-09-08 14:37 - 2016-02-02 20:50 - 000000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job
2018-09-08 14:37 - 2015-02-06 00:57 - 000000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job
2018-09-08 14:37 - 2013-01-29 20:45 - 000000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-09-08 14:36 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-08 14:35 - 2014-04-06 12:49 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\ClassicShell
2018-09-08 14:35 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-09-08 14:08 - 2015-07-16 09:02 - 000000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job
2018-09-08 14:07 - 2015-02-06 00:57 - 000000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job
2018-09-08 14:02 - 2015-12-04 10:03 - 000000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job
2018-09-08 14:02 - 2013-01-29 20:45 - 000000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-09-08 09:06 - 2014-12-26 19:28 - 000003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87CFF17A-C4C6-479C-92F9-2CE23281E968}
2018-09-07 22:19 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-02 22:46 - 2013-09-12 20:31 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\vlc
2018-08-29 21:15 - 2014-04-04 20:19 - 000000000 ____D C:\Users\Jozef\filmy
2018-08-29 20:17 - 2017-09-06 21:32 - 000003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1504726349
2018-08-29 20:17 - 2017-09-06 21:32 - 000001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-08-29 20:17 - 2017-09-06 21:31 - 000000000 ____D C:\Program Files\Opera
2018-08-19 23:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-15 13:41 - 2013-03-22 21:06 - 000000000 ____D C:\Users\Jozef\AppData\Local\Nero
2018-08-10 20:34 - 2013-01-29 20:46 - 000002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 20:34 - 2013-01-29 20:46 - 000002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-02-28 19:46 - 2018-02-28 19:46 - 000004096 ____H () C:\Users\Jozef\AppData\Local\keyfile3.drm

Some files in TEMP:
====================
2018-02-16 15:24 - 2015-12-01 09:22 - 000455600 ____R (Macrovision Corporation) C:\Users\Jozef\AppData\Local\Temp\_is66F3.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-01 23:27

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by j. zem (08-09-2018 14:51:43)
Running from C:\Users\Jozef\Desktop
Windows 8.1 (Update) (X64) (2014-12-26 17:16:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1504080517-992152691-4045409680-500 - Administrator - Disabled)
Guest (S-1-5-21-1504080517-992152691-4045409680-501 - Limited - Enabled)
j. zem (S-1-5-21-1504080517-992152691-4045409680-1001 - Administrator - Enabled) => C:\Users\Jozef

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Security 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Security 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Eset Pesonálny Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
e0.c5.cd.c5.e8.c5.d2. (HKU\S-1-5-21-1504080517-992152691-4045409680-1001\...\JogoBox) (Version: 9b. - e0.c5.cd.c5.e8.c5.d2.84.c9.c5.c7.)
ESET Endpoint Security (HKLM\...\{3805E23E-B824-4B28-B3E6-FB16CFFD9098}) (Version: 5.0.2237.1 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Opera Stable 55.0.2994.44 (HKLM-x32\...\Opera 55.0.2994.44) (Version: 55.0.2994.44 - Opera Software)
PeaZip 4.8.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype verzia 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1504080517-992152691-4045409680-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2014-09-24] (ESET)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2014-09-24] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2014-09-24] (ESET)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2014-04-05] (IvoSoft)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04488F7F-1376-4863-A8FF-02694AE978EB} - System32\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {09C1C373-B7EA-4E7B-B0AF-66FB138B461C} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0FC11970-FF7F-4779-B33F-C248D23C59F8} - System32\Tasks\{2F190A75-09C7-47C8-9096-DB18A0A97953} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe"
Task: {191562A5-99FC-4239-8EB5-47D730B31E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {191562A5-99FC-4239-8EB5-47D730B31E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-09-24] (Microsoft Corporation)
Task: {264732BC-1E4F-4967-9D8E-5245F5A215C0} - System32\Tasks\Opera scheduled Autoupdate 1504726349 => C:\Program Files\Opera\launcher.exe [2018-08-23] (Opera Software)
Task: {26C895A2-626C-4FF1-8A37-022CD39C84C2} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {2BEAB7EA-59C6-4B64-9545-98FBFDC72CFF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {35D1D696-9BDE-49FA-B13E-84F69069BFB4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {3F8C5A29-25F3-4BEB-9339-5DEBA12DB012} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4201865A-B8C3-4F4E-9D26-0AA63D2C6493} - System32\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {479EC6D7-B0CF-4929-9F84-7991BDB925C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5593516F-344D-4166-A00C-DFC12287F84D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5D0A8CF9-9A20-48DC-8E51-C53FCF621175} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {60A27CE0-E30A-4661-A142-AB156ABD5F75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {60A27CE0-E30A-4661-A142-AB156ABD5F75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-09-24] (Microsoft Corporation)
Task: {7BCB7486-9991-495F-B04A-FDC98939BF8A} - System32\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B6A9639-F40C-4402-A6B2-3F8FD7B9499C} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {93F8A72B-1BA3-4A18-B220-F49EF2A4030B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9EC4891A-DBCB-4F85-A3E6-F4CE314D51A2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {C0C2FCCA-F046-4E76-BFED-D2C2DD600D61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D3FBCBBC-774F-4AF9-913E-F8B0D2343D91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {D3FBCBBC-774F-4AF9-913E-F8B0D2343D91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {D3FBCBBC-774F-4AF9-913E-F8B0D2343D91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-09-24] (Microsoft Corporation)
Task: {EF5F0706-7A17-4D47-BCC5-3E0A1B1124BC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {F436E4DA-4F17-465E-B8BD-DCDA7053FB2A} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2011-10-13 16:38 - 2011-10-13 16:38 - 000156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2018-02-16 15:28 - 2015-12-01 09:22 - 000143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2013-08-14 12:26 - 2013-08-14 12:26 - 000150032 _____ () C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 000049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 21:13 - 2012-08-13 21:13 - 000018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2014-01-30 01:02 - 2015-06-01 22:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-31 09:11 - 2012-07-31 09:11 - 000024576 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\sk\TosDILangPack.resources.dll
2018-08-10 20:33 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 20:33 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-02-16 15:27 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-12-04 10:54 - 2012-06-25 12:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6958003B-1C74-4DA1-AC9D-06768AE25053}] => (Allow) C:\Users\Jozef\Downloads\utorrent.exe
FirewallRules: [{1E825D60-BE6E-4EB6-9269-714EEF243389}] => (Allow) C:\Users\Jozef\Downloads\utorrent.exe
FirewallRules: [{E8A99C86-A487-4B05-8374-545E4B112B98}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4B6A95B0-6BDC-4A6A-9B78-6AE128C2D8B3}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{D7CF0487-C23A-4C15-A501-0DEAAF6352EC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{2A1F6FCF-34EC-4038-8EC7-21209DCDFAFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{2494D4AC-0C14-4862-B238-2C4B2D7B7571}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A7EFE70C-D9A2-4CDB-A5DC-0F505AAEFC40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B9916959-043D-4E8B-AF45-BCBCF5C91858}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3BDDC344-5A34-4B20-AE40-93BEB8F7C1D0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A05F6900-B23C-43B0-9472-DDF3AB6D42FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{4D2D9BA2-F337-48CD-BC13-1AFC6C2F24FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1FA8B4F9-3DEC-45C1-927B-5A34BEC5147B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{10461894-B0F5-4571-AB2E-8697F2BC438B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{88AD4C9F-920D-4FDC-A6E2-F7E8D15FA463}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DB7018F4-61CD-4E46-B221-C2543F0AD4CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{09FB595A-DE9C-45D7-8B08-FD34BFFDFCF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{431C988D-9800-4EA1-BDDB-6299013848B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C6316C68-A2E6-4564-91AE-510B9063482B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B7A4584E-02E3-4549-9842-54F32EC77CC7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{8EE34247-9822-4DE9-9A13-F8ED5945E313}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{933A0454-0D90-43DB-B2AD-17E8270D1882}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4D22C86A-8579-4115-8E75-E6EB8BA1971E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{0602DFE7-5BFE-449B-B1A9-E68EF1A9E3BF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B3EC20E8-F76E-499E-93AA-5BEB96A62189}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A5B2011B-CBE4-4FB2-91C0-E061462B5943}] => (Allow) LPort=54925
FirewallRules: [{C7BD50E3-883F-474D-93BC-ECEECD67CC9A}] => (Allow) C:\Program Files\Opera\54.0.2952.64\opera.exe
FirewallRules: [{6A6CE677-42C7-4CDC-B25E-8D0ABDE6A82D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3B569C90-0500-430B-89CE-237D3CC0D67A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{02C02DE8-676F-4DDA-9B58-FBA3B0ED0CE5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{ED740BF4-2320-49FC-97B0-2215707B2B92}] => (Allow) C:\Program Files\Opera\55.0.2994.44\opera.exe
FirewallRules: [{BCE23325-C721-4ECC-B0F8-3C4E7C9F7DB8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{F593D977-CB82-4474-926F-8C973F923154}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

19-08-2018 13:22:23 Scheduled Checkpoint
31-08-2018 13:04:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2018 02:40:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 02:40:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/08/2018 01:04:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 01:04:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/08/2018 09:05:23 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 09:05:23 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/07/2018 09:12:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/07/2018 09:12:59 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (09/07/2018 08:20:28 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (09/07/2018 08:19:58 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (09/06/2018 07:04:15 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (09/06/2018 07:03:45 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (09/06/2018 12:18:40 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (09/06/2018 12:18:10 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.

Error: (09/05/2018 06:59:30 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {BF6C1E47-86EC-4194-9CE5-13C15DCB2001} did not register with DCOM within the required timeout.

Error: (09/05/2018 06:59:00 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {1B1F472E-3221-4826-97DB-2C2324D389AE} did not register with DCOM within the required timeout.


Windows Defender:
===================================
Date: 2014-12-25 13:38:28.981
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {06685C37-9441-43C7-803A-8914B8E08E2A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-24 14:28:09.968
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {7053D689-B484-42D9-BC1E-F6BE15B1FA40}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 22:29:34.832
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {FFFCFE8D-684C-43AA-A893-16EAAEFA62E5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 22:19:28.534
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {02E9A2E2-B7FE-4532-BE02-5D049E39BEEB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 14:52:55.650
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8DDA8009-5DA2-4AAF-A9FF-F46A036567B5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-26 18:55:54.125
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2014-12-26 18:11:53.264
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.

Date: 2014-12-13 19:34:54.240
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.189.1807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11202.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2014-12-13 19:34:54.239
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.189.1807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11202.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2014-12-13 19:34:54.239
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.189.1807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11202.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
Percentage of memory in use: 54%
Total physical RAM: 3977.22 MB
Available physical RAM: 1823.38 MB
Total Virtual: 4873.22 MB
Available Virtual: 2736 MB

==================== Drives ================================

Drive c: (TI30992200A) (Fixed) (Total:455.08 GB) (Free:364.2 GB) NTFS

\\?\Volume{0b384756-0187-11e2-8f1c-da3354a2d5c4}\ (System) (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{dac7cb98-0c94-4431-8fcc-9cfe0403e12b}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
\\?\Volume{8fb81932-3306-4a24-be15-78883272136d}\ (Recovery) (Fixed) (Total:9.42 GB) (Free:0.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Ulozte na plochu AdwCleaner https://malwarebytes.com/adwcleaner/ nebo http://www.bleepingcomputer.com/download/adwcleaner/

ukoncete vsechny programy
odsouhlaste licencni podmiky (EULA) klikem na Souhlasim
kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
kliknete na Skenovat nyni (Scan now), pote na Cisteni a opravy (Clean and Repair)
po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\Logs\AdwCleaner[Cxx].txt), jehoz obsah zkopirujte do pristi odpovedi

[Jan21]

# -------------------------------
# Malwarebytes AdwCleaner 7.2.3.1
# -------------------------------
# Build: 09-03-2018
# Database: 2018-09-06.1 (Cloud)
# Support: https://www.malwarebytes.com/support
#
# -------------------------------
# Mode: Clean
# -------------------------------
# Start: 09-08-2018
# Duration: 00:00:06
# OS: Windows 8.1
# Cleaned: 42
# Failed: 0


***** [ Services ] *****

No malicious services cleaned.

***** [ Folders ] *****

Deleted C:\SearchProtect
Deleted C:\Windows\SysWOW64\SearchProtect
Deleted C:\Program Files (x86)\Conduit
Deleted C:\Users\Jozef\AppData\Local\Conduit
Deleted C:\Users\Jozef\AppData\LocalLow\Conduit
Deleted C:\Program Files (x86)\iMesh Applications
Deleted C:\Users\Jozef\AppData\Roaming\OpenCandy

***** [ Files ] *****

Deleted C:\END

***** [ DLL ] *****

No malicious DLLs cleaned.

***** [ WMI ] *****

No malicious WMI cleaned.

***** [ Shortcuts ] *****

No malicious shortcuts cleaned.

***** [ Tasks ] *****

No malicious tasks cleaned.

***** [ Registry ] *****

Deleted HKLM\SOFTWARE\Classes\Applications\iMeshSetup-r1810-n-bc.exe
Deleted HKLM\SOFTWARE\Classes\Toolbar.CT3293887
Deleted HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\OpenCandyHelperRunOnce6D1988BAF81A4FD48F7FDC9BDD39D99B
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Deleted HKCU\Software\AppDataLow\Software\ConduitSearchScopes
Deleted HKCU\Software\AppDataLow\Software\Conduit
Deleted HKCU\Software\Conduit
Deleted HKLM\Software\Wow6432Node\Conduit
Deleted HKCU\Software\AppDataLow\Software\Smartbar
Deleted HKCU\Software\Smartbar
Deleted HKLM\Software\Wow6432Node\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
Deleted HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\3152E1F19977892449DC968802CE8964
Deleted HKLM\SOFTWARE\Classes\Record\{8F54FA54-1DF8-3B20-890C-CDD95364BC95}
Deleted HKLM\SOFTWARE\Classes\Record\{181480C8-90AC-3430-B39A-CD121E034A1A}
Deleted HKLM\SOFTWARE\Classes\Record\{FB2E65F4-5687-33EF-9BBF-4E3C9C98D3B9}
Deleted HKLM\SOFTWARE\Classes\Record\{915BB7D5-082E-3B91-B1E0-45B5FDE01F24}
Deleted HKLM\SOFTWARE\Classes\Record\{425E7597-03A2-338D-B72A-0E51FFE77A7E}
Deleted HKLM\SOFTWARE\Classes\Record\{2009AF2F-5786-3067-8799-B97F7832FDD6}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Microsoft\Internet Explorer\Toolbar|{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Wow6432Node\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKLM\Software\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{014DB5FA-EAFB-4592-A95B-F44D3EE87FA9}
Deleted HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Deleted HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{006ee092-9658-4fd6-bd8e-a21a348e59f5}
Deleted HKLM\Software\Wow6432Node\{6791A2F3-FC80-475C-A002-C014AF797E9C}
Deleted HKCU\Software\AppDataLow\{1146AC44-2F03-4431-B4FD-889BC837521F}
Deleted HKLM\Software\Wow6432Node\{1146AC44-2F03-4431-B4FD-889BC837521F}

***** [ Chromium (and derivatives) ] *****

Deleted Managera

***** [ Chromium URLs ] *****

Deleted http://search.conduit.com/?ctid=CT32938 ... 58498&UM=2
Deleted Conduit
Deleted Ask Jeeves

***** [ Firefox (and derivatives) ] *****

No malicious Firefox entries cleaned.

***** [ Firefox URLs ] *****

No malicious Firefox URLs cleaned.


*************************

[+] Delete Tracing Keys
[+] Reset Winsock

*************************

AdwCleaner[S00].txt - [4971 octets] - [08/09/2018 15:43:30]

########## EOF - C:\AdwCleaner\Logs\AdwCleaner[C00].txt ##########

[Rudy]

OK. Dejte nový log FRST.

[Jan21]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 01.09.2018 03
Ran by j. zem (administrator) on JZEMBER (08-09-2018 16:03:28)
Running from C:\Users\Jozef\Desktop
Loaded Profiles: j. zem (Available Profiles: j. zem)
Platform: Windows 8.1 (Update) (X64) Language: Angličtina (Spojené kráľovstvo)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
() C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(IvoSoft) C:\Program Files\Classic Shell\ClassicStartMenu.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(ESET) C:\Program Files\ESET\ESET Endpoint Security\egui.exe
(Intel Corporation) C:\Windows\System32\igfxtray.exe
(Intel Corporation) C:\Windows\System32\hkcmd.exe
(Intel Corporation) C:\Windows\System32\igfxpers.exe
(Toshiba) C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe
(Hewlett-Packard) C:\Program Files (x86)\HP\HP Software Update\hpwuschd2.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCtrlCntr.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\Browny02\BrYNSvc.exe
(Brother Industries, Ltd.) C:\Program Files (x86)\ControlCenter4\BrCcUxSys.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\SysWOW64\wbem\WmiPrvSE.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12936848 2012-07-13] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-13] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
HKLM\...\Run: [Classic Start Menu] => C:\Program Files\Classic Shell\ClassicStartMenu.exe [161984 2014-04-05] (IvoSoft)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Endpoint Security\egui.exe [4124360 2014-09-24] (ESET)
HKLM-x32\...\Run: [Intel AppUp(SM) center] => C:\Program Files (x86)\Intel\IntelAppStore\bin\ismagent.exe [155488 2012-08-02] (Intel Corporation)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-22] (Pegatron Corporation)
HKLM-x32\...\Run: [HP Software Update] => C:\Program Files (x86)\HP\HP Software Update\HPWuSchd2.exe [49208 2010-06-09] (Hewlett-Packard)
HKLM-x32\...\Run: [] => [X]
HKLM-x32\...\Run: [TPUReg(x86)] => "C:\Program Files\TOSHIBA\Password Utility\TosPU.exe" /Retimes
HKLM-x32\...\Run: [ControlCenter4] => C:\Program Files (x86)\ControlCenter4\BrCcBoot.exe [139776 2014-05-22] (Brother Industries, Ltd.)
HKLM-x32\...\Run: [BrStsMon00] => C:\Program Files (x86)\Browny02\Brother\BrStMonW.exe [4513792 2014-05-22] (Brother Industries, Ltd.)
Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{186B7CCB-FC56-4E8C-9351-751EA47BEA5E}: [DhcpNameServer] 192.168.1.1
Tcpip\..\Interfaces\{E1EB523A-37CF-45D7-8D4D-0D1392E1E7DD}: [DhcpNameServer] 127.0.0.1

Internet Explorer:
==================
HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://feed.snapdo.com/?publisher=Tuguu&dpid=TuguuTU&co=GB&userid=0e5ffeb5-ad7f-a488-195e-ce7224290223&searchtype=ds&q={searchTerms}&installDate=12/02/2014
HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://toshiba13.msn.com
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> {32AC96BC-FB4A-4265-8A8B-45BBD595728D} URL =
BHO: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
BHO: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_64.dll [2014-04-05] (IvoSoft)
BHO-x32: ExplorerBHO Class -> {449D0D6E-2412-4E61-B68F-1CB625CD9E52} -> C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)
BHO-x32: ClassicIEBHO Class -> {EA801577-E6AD-4BD5-8F71-4BE0154331A4} -> C:\Program Files\Classic Shell\ClassicIEDLL_32.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
Toolbar: HKLM-x32 - Classic Explorer Bar - {553891B7-A0D5-4526-BE18-D3CE461D6310} - C:\Program Files\Classic Shell\ClassicExplorer32.dll [2014-04-05] (IvoSoft)

FireFox:
========
FF ProfilePath: C:\Users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eavb8yya.default [2018-08-19]
FF user.js: detected! => C:\Users\Jozef\AppData\Roaming\Mozilla\Firefox\Profiles\eavb8yya.default\user.js [2014-02-12]
FF NewTab: Mozilla\Firefox\Profiles\eavb8yya.default -> about:blank
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
FF HKLM-x32\...\Thunderbird\Extensions: [eplgTb@eset.com] - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird
FF Extension: (ESET Endpoint Security Extension) - C:\Program Files\ESET\ESET Endpoint Security\Mozilla Thunderbird [2014-12-26] [Legacy] [not signed]
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-06] (Intel Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.33.17\npGoogleUpdate3.dll [2018-05-18] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.0.8 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)
FF Plugin-x32: @videolan.org/vlc,version=2.1.3 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-02-05] (VideoLAN)

Chrome:
=======
CHR DefaultProfile: Default
CHR HomePage: Default -> hxxps://www.google.com/
CHR Profile: C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default [2018-09-08]
CHR Extension: (Docs) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2017-10-12]
CHR Extension: (Google Drive) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-25]
CHR Extension: (Adblock Plus) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cfhdojbkjhnklbpkdaibdccddilifddb [2018-08-30]
CHR Extension: (Google Search) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Download Youtube Video) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\cppndcnonoeolinaenhopmebikpcmicp [2017-09-06]
CHR Extension: (Chrome Remote Desktop) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gbchcmhmhahfdphkhkmpfmihenigjmpp [2018-07-19]
CHR Extension: (Google Docs Offline) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2018-08-17]
CHR Extension: (Chrome Web Store Payments) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2018-04-03]
CHR Extension: (Gmail) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-28]
CHR Extension: (Chrome Media Router) - C:\Users\Jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pkedcjkdefgpdelpbcmbmeomcjbeemfm [2018-08-11]
CHR HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>

==================== Services (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R3 BrYNSvc; C:\Program Files (x86)\Browny02\BrYNSvc.exe [282112 2013-09-25] (Brother Industries, Ltd.) [File not signed]
S3 EhttpSrv; C:\Program Files\ESET\ESET Endpoint Security\EHttpSrv.exe [41672 2014-09-24] (ESET)
R2 ekrn; C:\Program Files\ESET\ESET Endpoint Security\x86\ekrn.exe [1029704 2014-09-24] (ESET)
S3 ESHASRV; C:\Program Files\ESET\ESET Endpoint Security\EShaSrv.exe [190152 2014-09-24] (ESET)
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 Net Driver HPZ12; C:\Windows\System32\HPZinw12.dll [71680 2010-08-06] (Hewlett-Packard) [File not signed]
R2 Pml Driver HPZ12; C:\Windows\System32\HPZipm12.dll [89600 2010-08-06] (Hewlett-Packard) [File not signed]
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
R2 TWEService; C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe [150032 2013-08-14] ()
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ======================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 dot4; C:\WINDOWS\system32\DRIVERS\Dot4.sys [151968 2012-09-25] (Windows (R) Win 7 DDK provider)
S3 Dot4Print; C:\WINDOWS\System32\drivers\Dot4Prt.sys [27040 2012-09-25] (Windows (R) Win 7 DDK provider)
R1 eamonm; C:\WINDOWS\System32\DRIVERS\eamonm.sys [219696 2014-08-19] (ESET)
R1 ehdrv; C:\WINDOWS\system32\DRIVERS\ehdrv.sys [155896 2014-08-19] (ESET)
R2 epfw; C:\WINDOWS\system32\DRIVERS\epfw.sys [198096 2014-08-19] (ESET)
R1 EpfwLWF; C:\WINDOWS\system32\DRIVERS\EpfwLWF.sys [40512 2014-08-19] (ESET)
R0 epfwwfp; C:\WINDOWS\System32\DRIVERS\epfwwfp.sys [59064 2014-09-10] (ESET)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RTWlanE; C:\WINDOWS\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SmbDrvI; C:\WINDOWS\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
R3 Thotkey; C:\WINDOWS\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
S3 WdBoot; C:\WINDOWS\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\WINDOWS\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\WINDOWS\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 15:42 - 2018-09-08 15:44 - 000000000 ____D C:\AdwCleaner
2018-09-08 15:41 - 2018-09-08 15:41 - 007571152 _____ (Malwarebytes) C:\Users\Jozef\Downloads\adwcleaner_7.2.3.1.exe
2018-09-08 15:41 - 2018-09-08 15:41 - 007571152 _____ (Malwarebytes) C:\Users\Jozef\Desktop\adwcleaner_7.2.3.1.exe
2018-09-08 14:51 - 2018-09-08 14:52 - 000035900 _____ C:\Users\Jozef\Desktop\Addition.txt
2018-09-08 14:50 - 2018-09-08 16:03 - 000015873 _____ C:\Users\Jozef\Desktop\FRST.txt
2018-09-08 14:50 - 2018-09-08 16:03 - 000000000 ____D C:\FRST
2018-09-08 14:49 - 2018-09-08 14:49 - 002413056 _____ (Farbar) C:\Users\Jozef\Downloads\FRST64.exe
2018-09-08 14:49 - 2018-09-08 14:49 - 002413056 _____ (Farbar) C:\Users\Jozef\Desktop\FRST64.exe
2018-09-08 13:03 - 2018-09-08 13:51 - 000000000 ____D C:\Users\Jozef\AppData\LocalLow\uTorrent
2018-09-07 21:58 - 2018-09-07 21:58 - 000015105 _____ C:\Users\Jozef\Downloads\[SkT]Ex_Machina_(2015)(CZ)_=_CSFD_75%.torrent
2018-09-07 21:57 - 2018-09-07 21:57 - 000017159 _____ C:\Users\Jozef\Downloads\[SkT]Ex_Machina_(2015)(CZ)_=_CSFD_80%.torrent
2018-08-23 15:18 - 2018-09-01 15:53 - 000001333 _____ C:\Users\Public\Desktop\Skype.lnk
2018-08-23 15:18 - 2018-09-01 15:53 - 000000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2018-08-23 15:18 - 2018-08-23 15:18 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\Skype
2018-08-23 15:16 - 2018-08-23 15:17 - 062091672 _____ (Skype Technologies S.A.) C:\Users\Jozef\Downloads\Skype-8.28.0.41.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2018-09-08 16:02 - 2015-12-04 10:03 - 000000960 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job
2018-09-08 16:02 - 2013-01-29 20:45 - 000000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
2018-09-08 15:50 - 2014-09-24 18:21 - 000005392 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2018-09-08 15:50 - 2013-08-22 15:36 - 000000000 ____D C:\WINDOWS\Inf
2018-09-08 15:46 - 2016-02-02 20:50 - 000000956 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job
2018-09-08 15:46 - 2015-02-06 00:57 - 000000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job
2018-09-08 15:46 - 2013-01-29 20:45 - 000000918 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2018-09-08 15:45 - 2013-08-22 16:45 - 000000006 ____H C:\WINDOWS\Tasks\SA.DAT
2018-09-08 15:12 - 2014-12-26 19:28 - 000003926 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{87CFF17A-C4C6-479C-92F9-2CE23281E968}
2018-09-08 15:08 - 2015-07-16 09:02 - 000000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job
2018-09-08 15:07 - 2015-02-06 00:57 - 000000922 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job
2018-09-08 15:05 - 2013-01-27 19:11 - 000003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-1504080517-992152691-4045409680-1001
2018-09-08 14:35 - 2014-04-06 12:49 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\ClassicShell
2018-09-08 14:35 - 2013-08-22 15:25 - 000262144 ___SH C:\WINDOWS\system32\config\BBI
2018-09-07 22:19 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\AppReadiness
2018-09-02 22:46 - 2013-09-12 20:31 - 000000000 ____D C:\Users\Jozef\AppData\Roaming\vlc
2018-08-29 21:15 - 2014-04-04 20:19 - 000000000 ____D C:\Users\Jozef\filmy
2018-08-29 20:17 - 2017-09-06 21:32 - 000003844 _____ C:\WINDOWS\System32\Tasks\Opera scheduled Autoupdate 1504726349
2018-08-29 20:17 - 2017-09-06 21:32 - 000001032 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Prehliadač Opera.lnk
2018-08-29 20:17 - 2017-09-06 21:31 - 000000000 ____D C:\Program Files\Opera
2018-08-19 23:17 - 2013-08-22 17:36 - 000000000 ____D C:\WINDOWS\system32\NDF
2018-08-15 13:41 - 2013-03-22 21:06 - 000000000 ____D C:\Users\Jozef\AppData\Local\Nero
2018-08-10 20:34 - 2013-01-29 20:46 - 000002267 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
2018-08-10 20:34 - 2013-01-29 20:46 - 000002226 _____ C:\Users\Public\Desktop\Google Chrome.lnk

==================== Files in the root of some directories =======

2018-02-28 19:46 - 2018-02-28 19:46 - 000004096 ____H () C:\Users\Jozef\AppData\Local\keyfile3.drm

Some files in TEMP:
====================
2018-02-16 15:24 - 2015-12-01 09:22 - 000455600 ____R (Macrovision Corporation) C:\Users\Jozef\AppData\Local\Temp\_is66F3.exe

==================== Bamital & volsnap ======================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed

LastRegBack: 2018-09-08 15:05

==================== End of FRST.txt ============================

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by j. zem (08-09-2018 16:04:27)
Running from C:\Users\Jozef\Desktop
Windows 8.1 (Update) (X64) (2014-12-26 17:16:37)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-1504080517-992152691-4045409680-500 - Administrator - Disabled)
Guest (S-1-5-21-1504080517-992152691-4045409680-501 - Limited - Enabled)
j. zem (S-1-5-21-1504080517-992152691-4045409680-1001 - Administrator - Enabled) => C:\Users\Jozef

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: ESET Endpoint Security 5.0 (Enabled - Up to date) {19259FAE-8396-A113-46DB-15B0E7DFA289}
AV: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Endpoint Security 5.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: Eset Pesonálny Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}) (Version: - Microsoft)
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0015-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0016-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0018-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0019-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001A-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001B-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0405-0000-0000000FF1CE}_PROPLUS_{3C3813E1-C370-4F32-9639-8B43C7C780CD}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0407-0000-0000000FF1CE}_PROPLUS_{2AB528A5-BB1B-4EBE-8E51-AD0C4CD33CA9}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-040E-0000-0000000FF1CE}_PROPLUS_{685D17E5-D868-4A77-B58E-255DEBA78262}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-001F-041B-0000-0000000FF1CE}_PROPLUS_{F67648A4-713E-4298-BBAD-A83D8283B0F3}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-0000-1000-0000000FF1CE}_PROPLUS_{00C5525B-3CB3-467D-8100-2E6FB306CD86}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-002A-041B-1000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-0044-041B-0000-0000000FF1CE}_PROPLUS_{B1A00287-698E-48D0-8C8F-A3387C2B8C45}) (Version: - Microsoft) Hidden
2007 Microsoft Office Suite Service Pack 1 (SP1) (HKLM-x32\...\{90120000-006E-041B-0000-0000000FF1CE}_PROPLUS_{FE295FA2-72FC-4859-85B3-0E6685DB13A4}) (Version: - Microsoft) Hidden
64 Bit HP CIO Components Installer (HKLM\...\{FF21C3E6-97FD-474F-9518-8DCBE94C2854}) (Version: 7.2.8 - Hewlett-Packard) Hidden
Brother MFL-Pro Suite DCP-1610W series (HKLM-x32\...\{75E38F04-1BAF-4054-A059-57F831688943}) (Version: 1.0.2.0 - Brother Industries, Ltd.)
Classic Shell (HKLM\...\{023F92C9-AB10-4C54-BF09-C550AEC37917}) (Version: 4.0.6 - IvoSoft)
e0.c5.cd.c5.e8.c5.d2. (HKU\S-1-5-21-1504080517-992152691-4045409680-1001\...\JogoBox) (Version: 9b. - e0.c5.cd.c5.e8.c5.d2.84.c9.c5.c7.)
ESET Endpoint Security (HKLM\...\{3805E23E-B824-4B28-B3E6-FB16CFFD9098}) (Version: 5.0.2237.1 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 68.0.3440.106 - Spoločnosť Google Inc.)
Google Update Helper (HKLM-x32\...\{60EC980A-BDA2-4CB6-A427-B07A5498B4CA}) (Version: 1.3.33.17 - Google Inc.) Hidden
Google Update Helper (HKLM-x32\...\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}) (Version: 1.3.25.11 - Google Inc.) Hidden
HP Update (HKLM-x32\...\{B0069CFA-5BB9-4C03-B1C6-89CE290E5AFE}) (Version: 5.002.006.003 - Hewlett-Packard)
Intel AppUp(SM) center (HKLM-x32\...\Intel AppUp(SM) center 33268) (Version: 3.6.1.33268.15 - Intel)
Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 8.1.0.1252 - Intel Corporation)
Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.4229 - Intel Corporation)
Intel(R) Rapid Storage Technology (HKLM-x32\...\{3E29EE6C-963A-4aae-86C1-DC237C4A49FC}) (Version: 11.5.2.1001 - Intel Corporation)
Intel(R) SDK for OpenCL - CPU Only Runtime Package (HKLM-x32\...\{FCB3772C-B7D0-4933-B1A9-3707EBACC573}) (Version: 2.0.0.37149 - Intel Corporation)
Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
Microsoft Office Professional Plus 2007 (HKLM-x32\...\PROPLUS) (Version: 12.0.6215.1000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Mozilla Firefox 28.0 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 28.0 (x86 en-US)) (Version: 28.0 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 28.0 - Mozilla)
Nero 12 Essentials Toshiba (HKLM-x32\...\{BA8958DC-ADD7-41E5-8436-5883C7E871C7}) (Version: 12.0.00400 - Nero AG)
Opera Stable 55.0.2994.44 (HKLM-x32\...\Opera 55.0.2994.44) (Version: 55.0.2994.44 - Opera Software)
PeaZip 4.8.1 (HKLM-x32\...\{5A2BC38A-406C-4A5B-BF45-6991F9A05325}_is1) (Version: - Giorgio Tani)
Premium Sound HD (HKLM\...\{94F03B8E-CB73-4653-AFE9-79112C01FED2}) (Version: 1.12.4600 - SRS Labs, Inc.)
Prerequisite installer (HKLM-x32\...\{3AAB08A3-F129-4BD5-B409-AE674F93759D}) (Version: 12.0.0002 - Nero AG) Hidden
Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 8.3.730.2012 - Realtek)
Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6687 - Realtek Semiconductor Corp.)
Realtek USB 2.0 Card Reader (HKLM-x32\...\{96AE7E41-E34E-47D0-AC07-1091A8127911}) (Version: 6.1.8400.30136 - Realtek Semiconductor Corp.)
Realtek WLAN Driver (HKLM-x32\...\{9D3D8C60-A55F-4fed-B2B9-173001290E16}) (Version: 2.00.0020 - REALTEK Semiconductor Corp.)
Shared C Run-time for x64 (HKLM\...\{EF79C448-6946-4D71-8134-03407888C054}) (Version: 10.0.0 - McAfee)
Skype verzia 8.29 (HKLM-x32\...\Skype_is1) (Version: 8.29 - Skype Technologies S.A.)
Synaptics Pointing Device Driver (HKLM\...\SynTPDeinstKey) (Version: 17.0.8.21 - Synaptics Incorporated)
TOSHIBA Desktop Assist (HKLM\...\{95CCACF0-010D-45F0-82BF-858643D8BC02}) (Version: 1.00.0007.00002 - Toshiba Corporation)
TOSHIBA eco Utility (HKLM\...\{5944B9D4-3C2A-48DE-931E-26B31714A2F7}) (Version: 2.0.0.6415 - Toshiba Corporation)
TOSHIBA Function Key (HKLM\...\{16562A90-71BC-41A0-B890-D91B0C267120}) (Version: 1.00.6425 - Toshiba Corporation)
TOSHIBA Manuals (HKLM-x32\...\{90FF4432-21B7-4AF6-BA6E-FB8C1FED9173}) (Version: 10.10 - TOSHIBA)
Toshiba Password Utility (HKLM-x32\...\InstallShield_{6D35FF17-A8B3-43D3-917E-5A1F2C3FB628}) (Version: 2.00.910 - Toshiba Corporation)
TOSHIBA PC Health Monitor (HKLM\...\{9DECD0F9-D3E8-48B0-A390-1CF09F54E3A4}) (Version: 1.8.17.640104 - Toshiba Corporation)
Toshiba Places Icon Utility (HKLM\...\{C991A8C4-307C-4FDD-8AAE-A1BF44881E95}) (Version: 2.1.1 - TOSHIBA)
TOSHIBA Recovery Media Creator (HKLM-x32\...\{B65BBB06-1F8E-48F5-8A54-B024A9E15FDF}) (Version: 2.2.0.54043005 - Toshiba Corporation)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TOSHIBA Service Station (HKLM\...\{B8C8422F-01F1-4791-B084-047AAFF9BFCC}) (Version: 2.4.4 - TOSHIBA)
TOSHIBA System Driver (HKLM-x32\...\{1E6A96A1-2BAB-43EF-8087-30437593C66C}) (Version: 1.00.0012 - Toshiba Corporation)
TOSHIBA System Settings (HKLM-x32\...\{05A55927-DB9B-4E26-BA44-828EBFF829F0}) (Version: 1.00.0002.32002 - Toshiba Corporation)
Toshiba TEMPRO (HKLM-x32\...\{F76F5214-83A8-4030-80C9-1EF57391D72A}) (Version: 4.2.1 - Toshiba Europe GmbH)
TOSHIBA VIDEO PLAYER (HKLM\...\{FF07604E-C860-40E9-A230-E37FA41F103A}) (Version: 5.1.0.12-A - Toshiba Corporation)
VLC media player 2.1.3 (HKLM-x32\...\VLC media player) (Version: 2.1.3 - VideoLAN)
Welcome App (Start-up experience) (HKLM-x32\...\{828175FA-7307-4DBF-95AD-9CEE086B6F45}) (Version: 12.0.13000 - Nero AG) Hidden

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

CustomCLSID: HKU\S-1-5-21-1504080517-992152691-4045409680-1001_Classes\CLSID\{00000001-0E3A-4123-8B32-4B68A91E104A}\InprocServer32 -> C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIBasePlace.dll (Toshiba Corporation)
ShellIconOverlayIdentifiers: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ShellIconOverlayIdentifiers-x32: [ShareOverlay] -> {594D4122-1F87-41E2-96C7-825FB4796516} => C:\Program Files\Classic Shell\ClassicExplorer64.dll [2014-04-05] (IvoSoft)
ContextMenuHandlers1: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2014-09-24] (ESET)
ContextMenuHandlers2: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2014-09-24] (ESET)
ContextMenuHandlers5: [igfxcui] -> {3AB1675A-CCFF-11D2-8B20-00A0C93CB1F4} => C:\WINDOWS\system32\igfxpph.dll [2015-06-01] (Intel Corporation)
ContextMenuHandlers6: [ESET Smart Security - Context Menu Shell Extension] -> {B089FE88-FB52-11D3-BDF1-0050DA34150D} => C:\Program Files\ESET\ESET Endpoint Security\shellExt.dll [2014-09-24] (ESET)
ContextMenuHandlers6: [StartMenuExt] -> {E595F05F-903F-4318-8B0A-7F633B520D2B} => C:\WINDOWS\System32\StartMenuHelper64.dll [2014-04-05] (IvoSoft)

==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {04488F7F-1376-4863-A8FF-02694AE978EB} - System32\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {09C1C373-B7EA-4E7B-B0AF-66FB138B461C} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0FC11970-FF7F-4779-B33F-C248D23C59F8} - System32\Tasks\{2F190A75-09C7-47C8-9096-DB18A0A97953} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe"
Task: {191562A5-99FC-4239-8EB5-47D730B31E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfigAndContent
Task: {191562A5-99FC-4239-8EB5-47D730B31E9B} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfigandcontent => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-09-24] (Microsoft Corporation)
Task: {264732BC-1E4F-4967-9D8E-5245F5A215C0} - System32\Tasks\Opera scheduled Autoupdate 1504726349 => C:\Program Files\Opera\launcher.exe [2018-08-23] (Opera Software)
Task: {26C895A2-626C-4FF1-8A37-022CD39C84C2} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {2BEAB7EA-59C6-4B64-9545-98FBFDC72CFF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {35D1D696-9BDE-49FA-B13E-84F69069BFB4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {3F8C5A29-25F3-4BEB-9339-5DEBA12DB012} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4201865A-B8C3-4F4E-9D26-0AA63D2C6493} - System32\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {479EC6D7-B0CF-4929-9F84-7991BDB925C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5593516F-344D-4166-A00C-DFC12287F84D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5D0A8CF9-9A20-48DC-8E51-C53FCF621175} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {60A27CE0-E30A-4661-A142-AB156ABD5F75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {60A27CE0-E30A-4661-A142-AB156ABD5F75} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => Command(2): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-09-24] (Microsoft Corporation)
Task: {7BCB7486-9991-495F-B04A-FDC98939BF8A} - System32\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B6A9639-F40C-4402-A6B2-3F8FD7B9499C} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {93F8A72B-1BA3-4A18-B220-F49EF2A4030B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {9EC4891A-DBCB-4F85-A3E6-F4CE314D51A2} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {C0C2FCCA-F046-4E76-BFED-D2C2DD600D61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {D3FBCBBC-774F-4AF9-913E-F8B0D2343D91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(1): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshConfig
Task: {D3FBCBBC-774F-4AF9-913E-F8B0D2343D91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(2): %windir%\system32\GWX\GWXConfigManager.exe -> /RefreshContent
Task: {D3FBCBBC-774F-4AF9-913E-F8B0D2343D91} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\refreshgwxconfig-B => Command(3): C:\WINDOWS\system32\GWX\GWXDetector.exe [2015-09-24] (Microsoft Corporation)
Task: {EF5F0706-7A17-4D47-BCC5-3E0A1B1124BC} - System32\Tasks\CreateChoiceProcessTask => C:\Windows\BrowserChoice\browserchoice.exe
Task: {F436E4DA-4F17-465E-B8BD-DCDA7053FB2A} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Synaptics TouchPad Enhancements.job => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe

==================== Shortcuts & WMI ========================

(The entries could be listed to be restored or removed.)


==================== Loaded Modules (Whitelisted) ==============

2011-10-13 16:38 - 2011-10-13 16:38 - 000156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2018-02-16 15:28 - 2015-12-01 09:22 - 000143360 ____R () C:\WINDOWS\system32\BrSNMP64.dll
2013-08-14 12:26 - 2013-08-14 12:26 - 000150032 _____ () C:\Users\Jozef\AppData\Local\JogoBox\JogoBoxService.exe
2012-07-18 20:38 - 2012-07-18 20:38 - 000020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-18 20:38 - 2012-07-18 20:38 - 000049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-13 21:13 - 2012-08-13 21:13 - 000018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2014-01-30 01:02 - 2015-06-01 22:00 - 000102912 _____ () C:\Windows\System32\IccLibDll_x64.dll
2012-07-31 09:11 - 2012-07-31 09:11 - 000024576 _____ () C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\sk\TosDILangPack.resources.dll
2018-08-10 20:33 - 2018-08-08 02:41 - 004855640 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libglesv2.dll
2018-08-10 20:33 - 2018-08-08 02:41 - 000115544 _____ () C:\Program Files (x86)\Google\Chrome\Application\68.0.3440.106\libegl.dll
2018-02-16 15:27 - 2009-02-27 17:38 - 000139264 ____R () C:\Program Files (x86)\Brother\BrUtilities\BrLogAPI.dll
2012-12-04 10:54 - 2012-06-25 12:41 - 001198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)

AlternateDataStreams: C:\ProgramData\TEMP:373E1720 [118]

==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)


==================== Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 15:25 - 2013-08-22 15:25 - 000000824 _____ C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-1504080517-992152691-4045409680-1001\Control Panel\Desktop\\Wallpaper -> C:\Windows\Web\Wallpaper\Toshiba\Standard.jpg
DNS Servers: 192.168.1.1
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer => (SmartScreenEnabled: RequireAdmin)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==


==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [{6958003B-1C74-4DA1-AC9D-06768AE25053}] => (Allow) C:\Users\Jozef\Downloads\utorrent.exe
FirewallRules: [{1E825D60-BE6E-4EB6-9269-714EEF243389}] => (Allow) C:\Users\Jozef\Downloads\utorrent.exe
FirewallRules: [{E8A99C86-A487-4B05-8374-545E4B112B98}] => (Allow) C:\Program Files (x86)\HP\hp software update\hpwucli.exe
FirewallRules: [{4B6A95B0-6BDC-4A6A-9B78-6AE128C2D8B3}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{D7CF0487-C23A-4C15-A501-0DEAAF6352EC}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{2A1F6FCF-34EC-4038-8EC7-21209DCDFAFE}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgh.exe
FirewallRules: [{2494D4AC-0C14-4862-B238-2C4B2D7B7571}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqusgm.exe
FirewallRules: [{A7EFE70C-D9A2-4CDB-A5DC-0F505AAEFC40}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgpc01.exe
FirewallRules: [{B9916959-043D-4E8B-AF45-BCBCF5C91858}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqgplgtupl.exe
FirewallRules: [{3BDDC344-5A34-4B20-AE40-93BEB8F7C1D0}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqfxt08.exe
FirewallRules: [{A05F6900-B23C-43B0-9472-DDF3AB6D42FF}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxs08.exe
FirewallRules: [{4D2D9BA2-F337-48CD-BC13-1AFC6C2F24FD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpiscnapp.exe
FirewallRules: [{1FA8B4F9-3DEC-45C1-927B-5A34BEC5147B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqnrs08.exe
FirewallRules: [{10461894-B0F5-4571-AB2E-8697F2BC438B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpoews01.exe
FirewallRules: [{88AD4C9F-920D-4FDC-A6E2-F7E8D15FA463}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpzwiz01.exe
FirewallRules: [{DB7018F4-61CD-4E46-B221-C2543F0AD4CD}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpfccopy.exe
FirewallRules: [{09FB595A-DE9C-45D7-8B08-FD34BFFDFCF8}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcopy2.exe
FirewallRules: [{431C988D-9800-4EA1-BDDB-6299013848B7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqkygrp.exe
FirewallRules: [{C6316C68-A2E6-4564-91AE-510B9063482B}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposid01.exe
FirewallRules: [{B7A4584E-02E3-4549-9842-54F32EC77CC7}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hposfx08.exe
FirewallRules: [{8EE34247-9822-4DE9-9A13-F8ED5945E313}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpofxm08.exe
FirewallRules: [{933A0454-0D90-43DB-B2AD-17E8270D1882}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqste08.exe
FirewallRules: [{4D22C86A-8579-4115-8E75-E6EB8BA1971E}] => (Allow) C:\Program Files (x86)\HP\Digital Imaging\bin\hpqtra08.exe
FirewallRules: [{0602DFE7-5BFE-449B-B1A9-E68EF1A9E3BF}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{B3EC20E8-F76E-499E-93AA-5BEB96A62189}] => (Allow) C:\Program Files\Common Files\mcafee\mcsvchost\McSvHost.exe
FirewallRules: [{A5B2011B-CBE4-4FB2-91C0-E061462B5943}] => (Allow) LPort=54925
FirewallRules: [{C7BD50E3-883F-474D-93BC-ECEECD67CC9A}] => (Allow) C:\Program Files\Opera\54.0.2952.64\opera.exe
FirewallRules: [{6A6CE677-42C7-4CDC-B25E-8D0ABDE6A82D}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
FirewallRules: [{3B569C90-0500-430B-89CE-237D3CC0D67A}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{02C02DE8-676F-4DDA-9B58-FBA3B0ED0CE5}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{ED740BF4-2320-49FC-97B0-2215707B2B92}] => (Allow) C:\Program Files\Opera\55.0.2994.44\opera.exe
FirewallRules: [{BCE23325-C721-4ECC-B0F8-3C4E7C9F7DB8}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe
FirewallRules: [{F593D977-CB82-4474-926F-8C973F923154}] => (Allow) C:\Program Files (x86)\Microsoft\Skype for Desktop\Skype.exe

==================== Restore Points =========================

19-08-2018 13:22:23 Scheduled Checkpoint
31-08-2018 13:04:14 Scheduled Checkpoint

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (09/08/2018 03:50:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 03:50:13 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/08/2018 02:40:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 02:40:45 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/08/2018 01:04:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 01:04:48 PM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.

Error: (09/08/2018 09:05:23 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3006) (User: NT AUTHORITY)
Description: Unable to read the performance counter strings defined for the 01b language ID. The first DWORD in the Data section contains the Win32 error code.

Error: (09/08/2018 09:05:23 AM) (Source: Microsoft-Windows-LoadPerf) (EventID: 3012) (User: NT AUTHORITY)
Description: The performance strings in the Performance registry value is corrupted when process Performance extension counter provider. The BaseIndex value from the Performance registry is the first DWORD in the Data section, LastCounter value is the second DWORD in the Data section, and LastHelp value is the third DWORD in the Data section.


System errors:
=============
Error: (09/08/2018 03:44:40 PM) (Source: DCOM) (EventID: 10010) (User: JZember)
Description: The server {9BA05972-F6A8-11CF-A442-00A0C90A8F39} did not register with DCOM within the required timeout.

Error: (09/08/2018 03:44:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Nero Update sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2018 03:44:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) ME Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2018 03:44:31 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TPCH Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2018 03:44:31 PM) (Source: Service Control Manager) (EventID: 7031) (User: )
Description: Služba Služba sieťového zdieľania pre prehrávač Windows Media Player sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1 krát. O 30000 ms bude vykonaná nasledujúca opravná akcia: Reštartovať službu.

Error: (09/08/2018 03:44:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba BrYNSvc sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2018 03:44:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba Intel(R) Management and Security Application User Notification Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.

Error: (09/08/2018 03:44:30 PM) (Source: Service Control Manager) (EventID: 7034) (User: )
Description: Služba TOSHIBA eco Utility Service sa neočakávane ukončila. Služba sa týmto spôsobom ukončila už 1-krát.


Windows Defender:
===================================
Date: 2014-12-25 13:38:28.981
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {06685C37-9441-43C7-803A-8914B8E08E2A}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-24 14:28:09.968
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {7053D689-B484-42D9-BC1E-F6BE15B1FA40}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 22:29:34.832
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {FFFCFE8D-684C-43AA-A893-16EAAEFA62E5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 22:19:28.534
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {02E9A2E2-B7FE-4532-BE02-5D049E39BEEB}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-22 14:52:55.650
Description:
Windows Defender scan has been stopped before completion.
Scan ID: {8DDA8009-5DA2-4AAF-A9FF-F46A036567B5}
Scan Type: Antimalware
Scan Parameters: Quick Scan

Date: 2014-12-26 18:55:54.125
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: Antimalware protection has stopped functioning for an unknown reason. In some instances, restarting the service may resolve the problem.

Date: 2014-12-26 18:11:53.264
Description:
Windows Defender Real-Time Protection feature has encountered an error and failed.
Feature: Network Inspection System
Error Code: 0x80070002
Error description: The system cannot find the file specified.
Reason: The system is missing updates that are required for running Network Inspection System. Install the required updates and restart the computer.

Date: 2014-12-13 19:34:54.240
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.189.1807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11202.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2014-12-13 19:34:54.239
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.189.1807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11202.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

Date: 2014-12-13 19:34:54.239
Description:
Windows Defender has encountered an error trying to update signatures.
New Signature Version:
Previous Signature Version: 1.189.1807.0
Update Source: Microsoft Update Server
Signature Type: AntiVirus
Update Type: Full
Current Engine Version:
Previous Engine Version: 1.1.11202.0
Error code: 0x80240016
Error description: An unexpected problem occurred while checking for updates. For information on installing or troubleshooting updates, see Help and Support.

==================== Memory info ===========================

Processor: Intel(R) Celeron(R) CPU B830 @ 1.80GHz
Percentage of memory in use: 48%
Total physical RAM: 3977.22 MB
Available physical RAM: 2050.49 MB
Total Virtual: 4873.22 MB
Available Virtual: 2901.14 MB

==================== Drives ================================

Drive c: (TI30992200A) (Fixed) (Total:455.08 GB) (Free:364.52 GB) NTFS

\\?\Volume{0b384756-0187-11e2-8f1c-da3354a2d5c4}\ (System) (Fixed) (Total:0.44 GB) (Free:0.12 GB) NTFS
\\?\Volume{dac7cb98-0c94-4431-8fcc-9cfe0403e12b}\ () (Fixed) (Total:0.44 GB) (Free:0.08 GB) NTFS
\\?\Volume{8fb81932-3306-4a24-be15-78883272136d}\ (Recovery) (Fixed) (Total:9.42 GB) (Free:0.65 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Protective MBR) (Size: 465.8 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> {32AC96BC-FB4A-4265-8A8B-45BBD595728D} URL =
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job
C:\Users\Jozef\AppData\Local\Temp
Task: {04488F7F-1376-4863-A8FF-02694AE978EB} - System32\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {09C1C373-B7EA-4E7B-B0AF-66FB138B461C} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0FC11970-FF7F-4779-B33F-C248D23C59F8} - System32\Tasks\{2F190A75-09C7-47C8-9096-DB18A0A97953} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe"
Task: {2BEAB7EA-59C6-4B64-9545-98FBFDC72CFF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3F8C5A29-25F3-4BEB-9339-5DEBA12DB012} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4201865A-B8C3-4F4E-9D26-0AA63D2C6493} - System32\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {479EC6D7-B0CF-4929-9F84-7991BDB925C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5593516F-344D-4166-A00C-DFC12287F84D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5D0A8CF9-9A20-48DC-8E51-C53FCF621175} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7BCB7486-9991-495F-B04A-FDC98939BF8A} - System32\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B6A9639-F40C-4402-A6B2-3F8FD7B9499C} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {93F8A72B-1BA3-4A18-B220-F49EF2A4030B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C0C2FCCA-F046-4E76-BFED-D2C2DD600D61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F436E4DA-4F17-465E-B8BD-DCDA7053FB2A} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Jan21]

Fix result of Farbar Recovery Scan Tool (x64) Version: 01.09.2018 03
Ran by j. zem (08-09-2018 17:38:17) Run:1
Running from C:\Users\Jozef\Desktop
Loaded Profiles: j. zem (Available Profiles: j. zem)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start

CloseProcesses:
HKLM-x32\...\Run: [] => [X]
SearchScopes: HKLM-x32 -> DefaultScope {006ee092-9658-4fd6-bd8e-a21a348e59f5} URL =
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> DefaultScope {014DB5FA-EAFB-4592-A95B-F44D3EE87FA9} URL =
SearchScopes: HKU\S-1-5-21-1504080517-992152691-4045409680-1001 -> {32AC96BC-FB4A-4265-8A8B-45BBD595728D} URL =
FF HKLM-x32\...\Thunderbird\Extensions: [msktbird@mcafee.com] - C:\Program Files\McAfee\MSK => not found
CHR HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>
CHR HKLM-x32\...\Chrome\Extension: [agembgempdmebanhogdjbpcmppdmklbe] - C:\Users\Jozef\AppData\Local\CRE\agembgempdmebanhogdjbpcmppdmklbe.crx <not found>
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job
C:\Users\Jozef\AppData\Local\Temp
Task: {04488F7F-1376-4863-A8FF-02694AE978EB} - System32\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {09C1C373-B7EA-4E7B-B0AF-66FB138B461C} - System32\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {0FC11970-FF7F-4779-B33F-C248D23C59F8} - System32\Tasks\{2F190A75-09C7-47C8-9096-DB18A0A97953} => C:\windows\system32\pcalua.exe -a "C:\Program Files (x86)\TOSHIBA Games\Uninstall.exe"
Task: {2BEAB7EA-59C6-4B64-9545-98FBFDC72CFF} - System32\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {3F8C5A29-25F3-4BEB-9339-5DEBA12DB012} - System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {4201865A-B8C3-4F4E-9D26-0AA63D2C6493} - System32\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {479EC6D7-B0CF-4929-9F84-7991BDB925C4} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5593516F-344D-4166-A00C-DFC12287F84D} - System32\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {5D0A8CF9-9A20-48DC-8E51-C53FCF621175} - System32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {7BCB7486-9991-495F-B04A-FDC98939BF8A} - System32\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {8B6A9639-F40C-4402-A6B2-3F8FD7B9499C} - System32\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {93F8A72B-1BA3-4A18-B220-F49EF2A4030B} - System32\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {C0C2FCCA-F046-4E76-BFED-D2C2DD600D61} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {F436E4DA-4F17-465E-B8BD-DCDA7053FB2A} - System32\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201 => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

EmptyTemp:
End
*****************

Processes closed successfully.
"HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\" => removed successfully
HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value restored successfully
"HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope" => removed successfully
"HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{32AC96BC-FB4A-4265-8A8B-45BBD595728D}" => removed successfully
HKLM\Software\Classes\CLSID\{32AC96BC-FB4A-4265-8A8B-45BBD595728D} => not found
"HKLM\Software\Wow6432Node\Mozilla\Thunderbird\Extensions\\msktbird@mcafee.com" => removed successfully
"HKU\S-1-5-21-1504080517-992152691-4045409680-1001\SOFTWARE\Google\Chrome\Extensions\agembgempdmebanhogdjbpcmppdmklbe" => removed successfully
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\agembgempdmebanhogdjbpcmppdmklbe" => removed successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job => moved successfully

"C:\Users\Jozef\AppData\Local\Temp" folder move:

Could not move "C:\Users\Jozef\AppData\Local\Temp" => Scheduled to move on reboot.

"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{04488F7F-1376-4863-A8FF-02694AE978EB}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{04488F7F-1376-4863-A8FF-02694AE978EB}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d04197164c82ae" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{09C1C373-B7EA-4E7B-B0AF-66FB138B461C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{09C1C373-B7EA-4E7B-B0AF-66FB138B461C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d0ef185952d433" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{0FC11970-FF7F-4779-B33F-C248D23C59F8}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{0FC11970-FF7F-4779-B33F-C248D23C59F8}" => removed successfully
C:\WINDOWS\System32\Tasks\{2F190A75-09C7-47C8-9096-DB18A0A97953} => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\{2F190A75-09C7-47C8-9096-DB18A0A97953}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{2BEAB7EA-59C6-4B64-9545-98FBFDC72CFF}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{2BEAB7EA-59C6-4B64-9545-98FBFDC72CFF}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d0bf9569bd7469" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{3F8C5A29-25F3-4BEB-9339-5DEBA12DB012}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{3F8C5A29-25F3-4BEB-9339-5DEBA12DB012}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d1ab9dc3931892 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d1ab9dc3931892" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{4201865A-B8C3-4F4E-9D26-0AA63D2C6493}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{4201865A-B8C3-4F4E-9D26-0AA63D2C6493}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d08faecc0249f9" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{479EC6D7-B0CF-4929-9F84-7991BDB925C4}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{479EC6D7-B0CF-4929-9F84-7991BDB925C4}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{5593516F-344D-4166-A00C-DFC12287F84D}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5593516F-344D-4166-A00C-DFC12287F84D}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0bf956c822437" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{5D0A8CF9-9A20-48DC-8E51-C53FCF621175}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5D0A8CF9-9A20-48DC-8E51-C53FCF621175}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d1e9575ec3ace5 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d1e9575ec3ace5" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{7BCB7486-9991-495F-B04A-FDC98939BF8A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{7BCB7486-9991-495F-B04A-FDC98939BF8A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d04197155bb1f8" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Logon\{8B6A9639-F40C-4402-A6B2-3F8FD7B9499C}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{8B6A9639-F40C-4402-A6B2-3F8FD7B9499C}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineCore1d15dea8e6064e5" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93F8A72B-1BA3-4A18-B220-F49EF2A4030B}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93F8A72B-1BA3-4A18-B220-F49EF2A4030B}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d12e6a44e27653" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{C0C2FCCA-F046-4E76-BFED-D2C2DD600D61}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{C0C2FCCA-F046-4E76-BFED-D2C2DD600D61}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{F436E4DA-4F17-465E-B8BD-DCDA7053FB2A}" => removed successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{F436E4DA-4F17-465E-B8BD-DCDA7053FB2A}" => removed successfully
C:\WINDOWS\System32\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201 => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\GoogleUpdateTaskMachineUA1d0e1bbca2fb201" => removed successfully
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job" => not found
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d04197155bb1f8.job" => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d08faecc0249f9.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0bf9569bd7469.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d0ef185952d433.job => moved successfully
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore1d15dea8e6064e5.job" => not found
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job" => not found
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d04197164c82ae.job" => not found
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0bf956c822437.job" => not found
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d0e1bbca2fb201.job => moved successfully
"C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA1d12e6a44e27653.job" => not found

=========== EmptyTemp: ==========

BITS transfer queue => 8388608 B
DOMStore, IE Recovery, AppCache, Feeds Cache, Thumbcache, IconCache => 84377390 B
Java, Flash, Steam htmlcache => 722 B
Windows/system/drivers => 1061749916 B
Edge => 0 B
Chrome => 961874007 B
Firefox => 20720970 B
Opera => 505564871 B

Temp, IE cache, history, cookies, recent:
Default => 0 B
Users => 0 B
ProgramData => 0 B
Public => 0 B
systemprofile => 128 B
systemprofile32 => 0 B
LocalService => 63644 B
NetworkService => 968 B
Jozef => 694831845 B

RecycleBin => 12099426859 B
EmptyTemp: => 14.4 GB temporary data Removed.

================================

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 08-09-2018 17:44:27)

C:\Users\Jozef\AppData\Local\Temp => moved successfully

==== End of Fixlog 17:44:28 ====

[Rudy]

Smazáno. Nastala nějaká změna?

[Jan21]

Vypadá to dobre. Dekujeme za pomoc.

[Rudy]

To jsem rád a nemáte zač!