VIRY.CZ

Zdravím, mám problém s tím, že počítač je v poslední době hodně zpomalený a všechno se mi něm seká, zapíná se hrozně dlouho a často se přehřívá.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Toshiba doma (administrator) on TOSHIBADOMA (12-01-2016 00:44:01)
Running from C:\Users\Toshiba doma\Downloads
Loaded Profiles: Toshiba doma (Available Profiles: Toshiba doma)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe
(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
() C:\Windows\System32\LF2GRPOW.EXE
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\Monitor.exe
() C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\ggdllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(IObit) C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(IObit) C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallMonitor.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Facebook Inc.) C:\Users\Toshiba doma\AppData\Local\Facebook\Update\FacebookUpdate.exe
(Microsoft Corporation) C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
(Valve Corporation) C:\Program Files (x86)\Steam\Steam.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(Valve Corporation) C:\Program Files (x86)\Common Files\Steam\SteamService.exe
(Valve Corporation) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Microsoft Corporation) C:\Windows\System32\Taskmgr.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-23] (Pegatron Corporation)
HKLM-x32\...\Run: [MFFSum_Pro_LL2] => C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe [24576 2010-02-11] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-11-13] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-11-13] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-07] (AVAST Software)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-01] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [uTorrent] => C:\Users\Toshiba doma\AppData\Roaming\uTorrent\uTorrent.exe [1441104 2015-05-10] (BitTorrent Inc.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Advanced SystemCare 8] => C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCTray.exe [2429728 2015-04-08] (IObit)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\MountPoints2: {c6694455-09a4-11e3-bf18-20689d3bddfb} - "E:\autorun.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-19] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PASPortal.lnk [2014-12-10]
ShortcutTarget: PASPortal.lnk -> C:\Windows\Installer\{69CD58CD-D8EC-4DB4-981B-1C256F105C7B}\NewShortcut1.exe (Acresso Software Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\..\Interfaces\{0A724FA6-6CA4-4F50-A8D5-3427A2C17775}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{81635586-F771-47FA-A278-F135D011D4BE}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.mystartsearch.com/?type=hp&ts=14199 ... X42EUCE9MT
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://search.gboxapp.com/
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM -> DefaultScope {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {10DF5BC0-4C6A-47AD-8249-FF75037D958A} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {1EF82BF4-65C0-443F-BC81-F3ED11B69EF5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {33BB0A4E-99AF-4226-BDF6-49120163DE86} URL = hxxp://www.mystartsearch.com/web/?type=ds&ts=1 ... earchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {3CDEBA9A-5D18-4AE8-85EF-47B8893120CE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {4EEB8B30-60D4-4E71-84E1-AAAF9626E5A1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {6AD36DC6-FD9B-4F23-8124-A5124DE9FD18} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {A37FD5B5-569D-4D93-8B71-DA806DD424C2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {CE77FE01-00D9-41DD-B812-6F5CC0AC5116} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {D7145CAA-4EE4-404D-B88F-020068853759} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {FD55010D-16A8-46E7-8E4C-9B0A3E4FCDA3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: ExplorerWnd Helper -> {10921475-03CE-4E04-90CE-E2E7EF20C814} -> C:\Program Files (x86)\IObit\IObit Uninstaller\UninstallExplorer64.dll [2015-11-11] (IObit)
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-19] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-19] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Advanced SystemCare Surfing Protection -> {BA0C978D-D909-49B6-AFE2-8BDE245DC7E6} -> C:\Program Files (x86)\IObit\Surfing Protection\BrowerProtect\ASCPlugin_Protection.dll [2015-04-01] (IObit)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-19] (Oracle Corporation)
Handler: livecall - No CLSID Value
Handler: msnim - No CLSID Value
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315
FF NewTab:
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Homepage: hxxp://search.gboxapp.com/
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41105.0\npctrl.dll [2015-11-04] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2015-04-21] (Nexon)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2014-07-07] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Toshiba doma\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Toshiba doma\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Toshiba doma\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Toshiba doma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF user.js: detected! => C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\user.js [2015-11-11]
FF SearchPlugin: C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\searchplugins\seznam-avast.xml [2014-12-31]
FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\ascsurfingprotection@iobit.com [not found]
FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\iobitascsurfingprotection@iobit.com [not found]
FF Extension: ShooPDrop - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\2@GX.net [2015-02-08] [not signed]
FF Extension: QuickSearch - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\searchffv2@gmail.com [2015-06-28] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome:
=======
CHR HomePage: Default -> hxxp://www.search.ask.com/?gct=hp
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Profile: C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Dokumenty Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Disk Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Shortcut Manager) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf [2015-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [aaaaaiabcopkplhgaedhbloeejhhankf] - hxxps://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

Opera:
=======
OPR Extension: (No Name) - C:\Users\Toshiba doma\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkefdgdkflglnokhamcliipleglggfde [2015-08-18]
OPR Extension: (No Name) - C:\Users\Toshiba doma\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-08-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 AdvancedSystemCareService8; C:\Program Files (x86)\IObit\Advanced SystemCare 8\ASCService.exe [814880 2015-04-03] (IObit)
R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-19] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-19] (Avast Software)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2015-10-12] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-09-01] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-09-01] (Ellora Assets Corp.) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-09-27] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software)
S2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-19] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-08-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-19] (AVAST Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-19] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 XMLDIUSB; C:\Windows\System32\Drivers\XMLDIUSB.sys [55808 2010-01-29] (OEM)
S3 cpuz137; \??\C:\Users\TOSHIB~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 00:44 - 2016-01-12 00:45 - 00033944 _____ C:\Users\Toshiba doma\Downloads\FRST.txt
2016-01-12 00:42 - 2016-01-12 00:44 - 00000000 ____D C:\FRST
2016-01-12 00:41 - 2016-01-12 00:41 - 00112640 _____ (forum.viry.cz) C:\Users\Toshiba doma\Downloads\Nepotvrzeno 594098.crdownload
2016-01-12 00:41 - 2016-01-12 00:41 - 00112640 _____ (forum.viry.cz) C:\Users\Toshiba doma\Downloads\Nepotvrzeno 174791.crdownload
2016-01-12 00:41 - 2016-01-12 00:41 - 00112640 _____ (forum.viry.cz) C:\Users\Toshiba doma\Downloads\Nepotvrzeno 1399.crdownload
2016-01-12 00:39 - 2016-01-12 00:40 - 02370560 _____ (Farbar) C:\Users\Toshiba doma\Downloads\FRST64.exe
2016-01-11 20:16 - 2016-01-11 20:16 - 04777027 _____ C:\Users\Toshiba doma\Downloads\Průmysl.pptx
2016-01-11 17:18 - 2016-01-11 17:18 - 00003670 _____ C:\WINDOWS\System32\Tasks\gg_uac_daemon_Toshiba doma
2016-01-10 16:04 - 2016-01-10 16:04 - 00000000 ____H C:\asc_rdflag
2016-01-01 19:06 - 2016-01-11 00:14 - 01393203 _____ C:\Users\Toshiba doma\Desktop\Průmysl.pptx
2015-12-30 13:07 - 2015-12-26 09:48 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2015-12-30 13:07 - 2015-12-26 09:48 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2015-12-15 21:02 - 2015-12-15 21:02 - 00002008 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-12-15 00:29 - 2015-12-15 00:29 - 00002549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-12-15 00:29 - 2015-12-15 00:29 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Apple Computer
2015-12-15 00:28 - 2015-12-15 00:29 - 00000000 ____D C:\Program Files (x86)\Safari
2015-12-15 00:28 - 2015-12-15 00:28 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-15 00:28 - 2015-12-15 00:28 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Apple
2015-12-15 00:28 - 2015-12-15 00:28 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-15 00:28 - 2015-12-15 00:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-15 00:27 - 2015-12-15 00:28 - 00000000 ____D C:\ProgramData\Apple
2015-12-15 00:26 - 2015-12-15 00:27 - 38494576 _____ (Apple Inc.) C:\Users\Toshiba doma\Downloads\SafariSetup.exe
2015-12-13 23:47 - 2015-12-13 23:51 - 59947288 _____ C:\Users\Toshiba doma\Downloads\Re-volt-for-win-7-x64.rar

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-12 00:45 - 2013-11-23 17:20 - 00000000 ____D C:\Users\Toshiba doma\AppData\Roaming\TS3Client
2016-01-12 00:43 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-12 00:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-12 00:32 - 2012-11-30 01:45 - 00003598 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4080011800-3767857022-2656497172-1001
2016-01-12 00:21 - 2012-12-27 14:22 - 00000000 ____D C:\Users\Toshiba doma\AppData\Roaming\Skype
2016-01-12 00:07 - 2014-11-25 21:07 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-11 23:26 - 2014-12-30 13:17 - 00004010 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F9246BDA-08FE-4222-84E4-0A387C673B8E}
2016-01-11 23:11 - 2015-09-16 22:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-11 21:18 - 2015-03-24 21:07 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-11 21:07 - 2015-12-04 21:02 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-11 19:12 - 2014-11-30 14:14 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\CrashDumps
2016-01-11 19:01 - 2012-11-30 01:38 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Packages
2016-01-11 17:36 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-11 17:20 - 2014-03-18 16:33 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-11 17:20 - 2014-03-18 15:54 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-11 17:20 - 2014-03-18 15:54 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-11 17:20 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-11 17:17 - 2013-01-10 20:19 - 03407360 ___SH C:\Users\Toshiba doma\Desktop\Thumbs.db
2016-01-10 16:07 - 2014-09-09 03:29 - 00000000 __RDO C:\Users\Toshiba doma\OneDrive
2016-01-10 16:05 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-10 16:04 - 2015-06-18 16:10 - 122003456 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 122003456 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag
2016-01-10 16:04 - 2015-06-18 16:10 - 06696960 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 06696960 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SAM.iodefrag
2016-01-10 16:03 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-10 16:02 - 2015-11-11 00:47 - 00000280 _____ C:\WINDOWS\Tasks\ASC8_SkipUac_Toshiba doma.job
2016-01-10 16:00 - 2013-02-23 15:45 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\LogMeIn Hamachi
2016-01-10 12:21 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-08 20:27 - 2015-05-23 21:03 - 00000000 ____D C:\ProgramData\ProductData
2016-01-02 14:33 - 2015-03-26 23:55 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Steam
2016-01-01 12:55 - 2015-05-16 11:04 - 00007605 _____ C:\Users\Toshiba doma\AppData\Local\resmon.resmoncfg
2015-12-31 10:04 - 2015-08-19 02:15 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2015-12-30 23:14 - 2015-12-09 00:02 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-30 23:14 - 2015-11-11 00:47 - 00002224 _____ C:\Users\Public\Desktop\Advanced SystemCare 8.lnk
2015-12-30 23:13 - 2013-08-20 17:42 - 00000000 ____D C:\Users\Toshiba doma\AppData\Roaming\DAEMON Tools Lite
2015-12-30 13:07 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2015-12-29 00:08 - 2013-10-13 10:02 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-18 23:01 - 2015-04-04 11:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-18 23:01 - 2015-04-04 11:50 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-17 19:21 - 2015-05-23 21:03 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 21:02 - 2015-08-21 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-15 20:57 - 2015-08-21 08:01 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\clear.fi
2015-12-13 23:52 - 2013-01-21 20:00 - 00000000 ____D C:\Users\Toshiba doma\Desktop\Honza hry

==================== Files in the root of some directories =======

2015-02-10 20:59 - 2015-02-10 20:59 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-02-01 23:05 - 2015-03-02 10:40 - 0000020 _____ () C:\Users\Toshiba doma\AppData\Roaming\appdataFr3.bin
2015-06-28 07:27 - 2015-06-28 07:27 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\E158.tmp
2014-03-02 17:22 - 2015-01-03 15:22 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\FileIn.cns
2014-03-02 17:22 - 2015-01-03 15:22 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\FileOut.cns
2013-03-02 17:36 - 2014-06-19 20:21 - 0045270 _____ () C:\Users\Toshiba doma\AppData\Roaming\room_v3.dat
2013-09-14 14:07 - 2013-09-14 14:07 - 0001167 _____ () C:\Users\Toshiba doma\AppData\Roaming\trace_FilterInstaller.1.txt
2013-09-14 14:07 - 2014-05-30 17:29 - 0000905 _____ () C:\Users\Toshiba doma\AppData\Roaming\trace_FilterInstaller.txt
2013-09-14 14:07 - 2014-05-30 17:29 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-01-28 20:03 - 2015-01-24 14:51 - 0008704 _____ () C:\Users\Toshiba doma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-16 11:04 - 2016-01-01 12:55 - 0007605 _____ () C:\Users\Toshiba doma\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Toshiba doma\AppData\Local\Temp\280b9948cb86b551b2356cfd401a6e71.dll
C:\Users\Toshiba doma\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-10 17:10

==================== End of FRST.txt ============================

Krasny den Vam preju


Odinstalujte Advanced System Care a dale i ostatni produkty od IObitu. Jsou to cinske smejdy, ktere svou karieru zapocaly kradezi databaze spolecnosti Malwarebytes a navic pri nekterych "opravach" timto produktem nekolikrat doslo k poskozeni operacniho systemu takovym zpusobem, ze vse zcela vyresil az kompletni reinstall. Obecne jsem proti vsem zrychlovacum a optimizerum krome nekolik let odzkouseneho CCleaneru, ktery je v defaultnim nastaveni neskodny.

Odinstalujte

• Skype Click to Call - adware z instalace Skypu http://forum.viry.cz/viewtopic.php?p=1374439#p1374439

V ramci cisteni Vam budou vyprazdneny docasne adresare (vcetne Kose).

Ulozte na plochu AdwCleaner https://toolslib.net/downloads/viewdown ... dwcleaner/ (nebo http://www.bleepingcomputer.com/download/adwcleaner/ )

• ukoncete vsechny programy
• kliknete pravym na ikonu AdwCleaneru a vyberte Spustit jako spravce (v pripade Win XP spustte obycejne dvojklikem)
• kliknete na Scan, pote na Cleaning
• po restartu na Vas vyskoci log (pripadne jej najdete v C:\AdwCleaner\AdwCleaner[Cx].txt), jehoz obsah mi zkopirujte do pristi odpovedi

# AdwCleaner v5.029 - Logfile created 12/01/2016 at 20:33:03
# Updated 11/01/2016 by Xplode
# Database : 2016-01-12.1 [Server]
# Operating system : Windows 8.1 (x64)
# Username : Toshiba doma - TOSHIBADOMA
# Running from : C:\Users\Toshiba doma\Downloads\adwcleaner_5.029.exe
# Option : Cleaning
# Support : http://toolslib.net/forum

***** [ Services ] *****


***** [ Folders ] *****

[-] Folder Deleted : C:\Program Files (x86)\AFC Secure Net
[-] Folder Deleted : C:\Program Files (x86)\RoaandomPrrice
[-] Folder Deleted : C:\Program Files (x86)\ShooPDrop
[-] Folder Deleted : C:\Program Files (x86)\uNisaales
[-] Folder Deleted : C:\Program Files (x86)\uniSaleeS
[-] Folder Deleted : C:\ProgramData\NoMore Ads
[-] Folder Deleted : C:\ProgramData\BEstSaveFoorYoOuu
[-] Folder Deleted : C:\ProgramData\BestSaveForYeoou
[-] Folder Deleted : C:\ProgramData\ddoillaarkaeeper
[-] Folder Deleted : C:\ProgramData\EnjoyCouupioan
[-] Folder Deleted : C:\ProgramData\EuxsstraaCoupon
[-] Folder Deleted : C:\ProgramData\GreatSAvee4U
[-] Folder Deleted : C:\ProgramData\mcomckmibigliimckilbbpgelnnekgpg
[-] Folder Deleted : C:\Users\Toshiba doma\SupTab
[-] Folder Deleted : C:\Users\Toshiba doma\AppData\Roaming\RPEng
[-] Folder Deleted : C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\searchffv2@gmail.com

***** [ Files ] *****

[-] File Deleted : C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\user.js

***** [ DLLs ] *****


***** [ Shortcuts ] *****


***** [ Scheduled tasks ] *****

[-] Task Deleted : RDReminder

***** [ Registry ] *****

[-] Key Deleted : HKLM\SOFTWARE\Clients\StartMenuInternet\Torch
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_BROWSER_EMULATION [BackgroundHost.exe]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\MAIN\FeatureControl\FEATURE_WEBOC_MOVESIZECHILD [BackgroundHost.exe]
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}{fc67e7a0}
[-] Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\aaaaaiabcopkplhgaedhbloeejhhankf
[-] Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{0F19EF48-CB8C-416A-B84C-C33B02970632}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{382F6195-1B46-40D5-B9FD-0493263E6132}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{4CA94303-9DBE-40E2-ACDD-AE966657FD91}
[-] Key Deleted : HKLM\SOFTWARE\Classes\Interface\{66A9AAEF-9AD3-4336-A8C2-BDF384CCB553}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{079E2F0F-FCA0-4163-BC82-5355B879E86E}
[-] Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{E0D6077D-7186-48B2-A6C6-2F7C533E8CFF}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA0C978D-D909-49B6-AFE2-8BDE245DC7E6}
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{EEE6C35C-6118-11DC-9C72-001320C79847}]
[-] Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\Ext\CLSID [{FE69C007-C452-4D3E-86D2-1730DF8BC871}]
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0FEB2313-F89B-4AC6-8153-84025604A06A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{02F878DF-E2BE-4B85-8CB4-A0D2D4E2ED7F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2AF343DD-3102-4F9D-AC95-DCA4C95382C7}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3137BC14-D8D7-4B67-8FFA-2E0B2E9D541B}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA2AC92-971B-47B1-ACB6-357B552155AC}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{52C5395B-1FCD-47FA-A834-FD830701C2D5}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{5D3DCC39-9233-4330-94E9-DA92BE49CA1A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{615FACDF-DADB-440D-AC91-8AAB0AE9E3AD}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{762D463B-C45A-456D-A80D-8689C297C91E}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{7A6BE473-7960-44D0-BD54-D23DA76353DF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{803F550E-BAAE-42BB-8917-64BA0006AB17}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{8D5BC51D-C9D3-43B9-B728-B30677B7C7E8}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{991C9D8D-A789-4DB9-BDFC-5F33398B04BF}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{A5ACC874-D943-483F-A2D1-14598D51F872}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{B0474212-0D9D-4361-90B3-B89D1A44275D}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{BFDE183A-C6FE-41D2-80F9-586C29210AC2}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DD260902-9420-4055-A956-9152EB4F3E6A}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{EB1F9F3C-5526-4DAE-BD4B-3EAA7715DA9F}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{F68DC16C-9C2B-455B-8853-7E4D34BAA3F4}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FBA8498F-B3A0-4942-A2BF-E0CB7BC7E000}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{0F19EF48-CB8C-416A-B84C-C33B02970632}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{382F6195-1B46-40D5-B9FD-0493263E6132}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{4CA94303-9DBE-40E2-ACDD-AE966657FD91}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{66A9AAEF-9AD3-4336-A8C2-BDF384CCB553}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{10921475-03CE-4E04-90CE-E2E7EF20C814}
[-] Key Deleted : HKCU\Software\Softonic
[-] Key Deleted : HKCU\Software\TNT2
[-] Key Deleted : HKCU\Software\WEBAPP
[-] Key Deleted : HKCU\Software\ForumerIT
[-] Key Deleted : HKCU\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
[-] Key Deleted : HKLM\SOFTWARE\mystartsearchSoftware
[-] Key Deleted : HKLM\SOFTWARE\{12A61307-94CD-4F8E-94BC-918E511FAA81}
[-] Key Deleted : HKLM\SOFTWARE\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{37476589-E48E-439E-A706-56189E2ED4C4}_is1
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{AD11DADE-C597-45D9-D8C5-1D2EB0B89613}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
[!] Key Not Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4CEE92A3-9F0C-51AB-ADC0-34EC24AD7B7E}
[-] Key Deleted : HKU\.DEFAULT\Software\AskPartnerNetwork
[-] Key Deleted : HKU\.DEFAULT\Software\ImInstaller
[-] Key Deleted : HKU\.DEFAULT\Software\VNT
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\{12DA0E6F-5543-440C-BAA2-28BF01070AFA}
[-] Key Deleted : HKU\.DEFAULT\Software\AppDataLow\Software\shareazatoolbarguid
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\789034A89BAC50E4782F0A7BDBF75632
[-] Key Deleted : HKLM\SOFTWARE\Classes\Installer\UpgradeCodes\A97CEC23332751B47BA4B95BAA50C9D0
[-] Data Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Page_URL]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Start Page]
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
[-] Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}
[-] Data Restored : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes [DefaultScope]

***** [ Web browsers ] *****

[-] [C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\prefs.js] [Preference] Deleted : user_pref("browser.startup.homepage", "hxxp://search.gboxapp.com/");
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : mystartsearch.com
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : gosearch.me
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : go search_
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : go search__
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : go search___
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Web Data] [Search Provider] Deleted : go search
[-] [C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Secure Preferences] [Extension] Deleted : aaaaaiabcopkplhgaedhbloeejhhankf

*************************

:: "Tracing" keys removed
:: Winsock settings cleared

########## EOF - C:\AdwCleaner\AdwCleaner[C1].txt - [9704 bytes] ##########

Nainstalujte MBAM a udelejte vlastni sken vsech disku - http://forum.viry.cz/viewtopic.php?f=29&t=144868

• Upozorneni: tento sken zabere od 30 minut po nekolik hodin

Malwarebytes Anti-Malware
www.malwarebytes.org

Datum skenování: 12. 1. 2016
Čas skenování: 21:52
Protokol: Test.txt
Správce: Ano

Verze: 2.2.0.1024
Databáze malwaru: v2016.01.12.06
Databáze rootkitů: v2016.01.09.01
Licence: Bezplatná verze
Ochrana proti malwaru: Vypnuto
Ochrana proti škodlivým webovým stránkám: Vypnuto
Ochrana programu: Vypnuto

OS: Windows 8.1
CPU: x64
Souborový systém: NTFS
Uživatel: Toshiba doma

Typ skenu: Vlastní sken
Výsledek: Dokončeno
Prohledaných objektů: 833096
Uplynulý čas: 7 hod, 18 min, 51 sek

Paměť: Zapnuto
Po spuštění: Zapnuto
Souborový systém: Zapnuto
Archivy: Zapnuto
Rootkity: Zapnuto
Heuristika: Zapnuto
PUP: Zapnuto
PUM: Zapnuto

Procesy: 0
(Nenalezeny žádné škodlivé položky)

Moduly: 0
(Nenalezeny žádné škodlivé položky)

Klíče registru: 13
PUP.Optional.Montiera, HKLM\SOFTWARE\CLASSES\APPID\{301966DF-A84B-4255-AAB9-574B5CE237E4}, , [576f1028f1a8d264b8005bf2a9590000],
PUP.Optional.Montiera, HKLM\SOFTWARE\WOW6432NODE\CLASSES\APPID\{301966DF-A84B-4255-AAB9-574B5CE237E4}, , [576f1028f1a8d264b8005bf2a9590000],
PUP.Optional.Montiera, HKLM\SOFTWARE\CLASSES\WOW6432NODE\APPID\{301966DF-A84B-4255-AAB9-574B5CE237E4}, , [576f1028f1a8d264b8005bf2a9590000],
PUP.Optional.MindSpark, HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{76cab667-1cd5-410f-8047-b08ab01a92a2}, , [5c6a28106138da5cafd6a6cd38caf010],
PUP.Optional.MindSpark, HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{936d1cc6-4508-4607-9638-8c714e9dc809}, , [3a8cc474772262d46656383b3bc71ce4],
PUP.Optional.Montiera, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{FAB42C19-A7C3-4A99-9DD9-5CF0B97F2CAF}, , [c30344f45f3a56e091282a23738f50b0],
PUP.Optional.SearchApp, HKLM\SOFTWARE\GOOGLE\CHROME\EXTENSIONS\aaaaaiabcopkplhgaedhbloeejhhankf, , [7d49a890ecad7cba2b71bc15a95a59a7],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE, , [8c3aac8cd6c375c1611e6cac1be9ae52],
PUP.Optional.PrivitizeTB, HKLM\SOFTWARE\WOW6432NODE\INDUSTRIYA\privitize, , [16b077c1b1e84aec58f7478618eba65a],
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0307351F-B2D7-41F2-B44A-8AF7D9D90A18}, , [13b36ccc8712b6803ee3a87760a49070],
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AF3C3C61-D975-40BE-8BA1-7BC4FEF5E533}, , [6363d8607920ea4c18a6703b28db7a86],
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE, , [666015233069dc5ac6b99f79b35114ec],
PUP.Optional.PrivitizeTB, HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\SOFTWARE\INDUSTRIYA\privitize, , [c9fd8cac099038fe69e3bd1026dd35cb],

Hodnoty registru: 4
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [8c3aac8cd6c375c1611e6cac1be9ae52]
PUP.Optional.Bandoo.AppFlsh, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{0307351f-b2d7-41f2-b44a-8af7d9d90a18}|AppPath, C:\PROGRA~2\MUSICT~1\Datamngr\SRTOOL~1\GC, , [13b36ccc8712b6803ee3a87760a49070]
PUP.Optional.ConduitTB.Gen, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{AF3C3C61-D975-40BE-8BA1-7BC4FEF5E533}|AppPath, C:\Users\Toshiba doma\AppData\Local\Conduit\CT2670199, , [6363d8607920ea4c18a6703b28db7a86]
PUM.Optional.DisableChromeUpdates, HKLM\SOFTWARE\WOW6432NODE\POLICIES\GOOGLE\UPDATE|DisableAutoUpdateChecksCheckboxValue, 1, , [666015233069dc5ac6b99f79b35114ec]

Data registru: 0
(Nenalezeny žádné škodlivé položky)

Složky: 2
PUP.Optional.MultiPlug.Gen, C:\ProgramData\14134121140231929074, , [0fb78dabc9d00e2897e0a0fc3cc76c94],
PUP.Optional.RedAdBlocker, C:\ProgramData\Red AdBlocker, , [913545f3badf04327ab85560d72b9070],

Soubory: 24
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\ddoillaarkaeeper\BPP0yvnevpx8bO.dll.vir, , [5c6ac474c4d50234647b433015ef7888],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\ddoillaarkaeeper\BPP0yvnevpx8bO.x64.dll.vir, , [bd0976c25049c472f189e448cb36827e],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\EnjoyCouupioan\Lj1zDsnjkVDbZw.dll.vir, , [d0f6f4449801f145b12e116218ec04fc],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\EnjoyCouupioan\Lj1zDsnjkVDbZw.x64.dll.vir, , [cafc1a1ee3b642f49ae062ca26dbf60a],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\EuxsstraaCoupon\crNoXtmKNsioBL.dll.vir, , [f4d2f444aeebd6600cd3f47f798b59a7],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\EuxsstraaCoupon\crNoXtmKNsioBL.x64.dll.vir, , [5472b97f05941a1c205af23a17ea06fa],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\GreatSAvee4U\mNIN0mG7edyJOi.dll.vir, , [299d67d14950b2842bb4175c679db64a],
PUP.Optional.MultiPlug, C:\AdwCleaner\Quarantine\C\ProgramData\GreatSAvee4U\mNIN0mG7edyJOi.x64.dll.vir, , [7353e6522c6d4ee86e0ca686cb36d52b],
PUP.Optional.MultiPlug.Uns, C:\AdwCleaner\Quarantine\C\ProgramData\NoMore Ads\NoMore Ads.exe.vir, , [ba0c64d47e1b6fc7dacfea29ef138f71],
PUP.Optional.MultiPlug, C:\ProgramData\adssy\YS90q3WPDQzg4U.dll, , [9a2cf840e0b90a2c835cfa7964a03bc5],
PUP.Optional.MultiPlug, C:\ProgramData\adssy\YS90q3WPDQzg4U.x64.dll, , [10b6d16739602e084931c26a4bb653ad],
PUP.Optional.MultiPlug.Uns, C:\ProgramData\Red AdBlocker\Red AdBlocker.exe, , [c600b18760392d093871a56e966c0df3],
PUP.Optional.Somoto, C:\Users\Toshiba doma\AppData\Local\Application Data\Bundled software uninstaller\bi_client.exe, , [3c8a0d2b534643f3f2a365d0d52ccb35],
Trojan.Agent, C:\Users\Toshiba doma\Desktop\Honza hry\Warcraft III\warcraft3 keygen.exe, , [c50162d62178c571f346519f8c752ed2],
PUP.Optional.APNToolBar, C:\Users\Toshiba doma\Documents\APNSetup1.exe, , [06c069cf8d0caf87a7da50dfe918c53b],
PUP.Optional.BitCoinMiner, C:\Windows\Inf\MSASGui.exe, , [745265d38910d4622ea719179e6444bc],
Trojan.BitCoinMiner, C:\Windows\Inf\mncjudq\mncjudq.exe, , [54726ecafb9e2511c00749d705fd0af6],
PUP.Optional.SweetIM, C:\Windows\Installer\1ae34a54.msi, , [ac1a15237425ae88bc8f368cde2621df],
PUP.Optional.SweetIM, C:\Windows\Installer\1ae34a5e.msi, , [8b3b50e80a8fb97d65e6bb0716ee31cf],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\14134121140231929074\4ff6e7b3db4d05d408fad79604ceb929.ini, , [0fb78dabc9d00e2897e0a0fc3cc76c94],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\14134121140231929074\add7520f3dd44cb708fad79604ceb929.ini, , [0fb78dabc9d00e2897e0a0fc3cc76c94],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\14134121140231929074\cd5b15e575e1c3d008fad79604ceb929.ini, , [0fb78dabc9d00e2897e0a0fc3cc76c94],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\14134121140231929074\d55b1ff83dc82c9808fad79604ceb929.ini, , [0fb78dabc9d00e2897e0a0fc3cc76c94],
PUP.Optional.MultiPlug.Gen, C:\ProgramData\14134121140231929074\f457e49ace5c075b08fad79604ceb929.ini, , [0fb78dabc9d00e2897e0a0fc3cc76c94],

Fyzické sektory: 0
(Nenalezeny žádné škodlivé položky)


(end)

Vsechny polozky smazte/presunte do karanteny.



Dejte logy FRST.txt a Addition.txt - http://forum.viry.cz/viewtopic.php?f=30&t=133101
Pozn. pri druhem a dalsim spusteni FRST je pro vytvoreni logu Addition.txt nutne tuto volbu explicitne zatrhnout pred zacatkem skenu.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version:10-01-2015 01
Ran by Toshiba doma (administrator) on TOSHIBADOMA (13-01-2016 19:56:51)
Running from C:\Users\Toshiba doma\Desktop
Loaded Profiles: Toshiba doma (Available Profiles: Toshiba doma)
Platform: Windows 8.1 (X64) Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RTKAUDIOSERVICE64.EXE
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
() C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe
(Freemake) C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe
(Acer Cloud Technology) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
() C:\Windows\System32\LF2GRPOW.EXE
(Ellora Assets Corp.) C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe
(Intel(R) Corporation) C:\Program Files\Intel\iCLS Client\HeciServer.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\Jhi_service.exe
(IObit) C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe
(LogMeIn, Inc.) C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe
(Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
(TeamViewer GmbH) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
(TOSHIBA Corporation) C:\Windows\System32\TODDSrv.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoService.exe
(LogMeIn Inc.) C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2.exe
(Avast Software) C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
() C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\ggdllhost.exe
(Synaptics Incorporated) C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
(Microsoft Corporation) C:\Windows\System32\GWX\GWX.exe
(Microsoft Corporation) C:\Windows\System32\SkyDrive.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\Teco\TecoResident.exe
(SRS Labs, Inc.) C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
(Nuance Communications, Inc.) C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe
(AVAST Software) C:\Program Files\AVAST Software\Avast\avastui.exe
() C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17709_none_fa7932f59afc2e40\TiWorker.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
(Nero AG) C:\Program Files (x86)\Nero\Update\NASvc.exe
(Microsoft Corporation) C:\Windows\System32\msiexec.exe
(Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Acer Incorporated) C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHSrv.exe
(Společnost TOSHIBA Corporation) C:\Program Files\TOSHIBA\TPHM\TPCHWMsg.exe
(Toshiba Europe GmbH) C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Facebook Inc.) C:\Users\Toshiba doma\AppData\Local\Facebook\Update\FacebookUpdate.exe


==================== Registry (Whitelisted) ===========================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13196432 2012-09-27] (Realtek Semiconductor)
HKLM\...\Run: [TCrdMain] => C:\Program Files\TOSHIBA\Hotkey\TCrdMain_Win8.exe [2608040 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TODDMain] => C:\Program Files (x86)\TOSHIBA\System Setting\TODDMain.exe [213136 2012-08-04] ()
HKLM\...\Run: [TecoResident] => C:\Program Files\TOSHIBA\Teco\TecoResident.exe [169896 2012-08-14] (TOSHIBA Corporation)
HKLM\...\Run: [TosWaitSrv] => C:\Program Files\TOSHIBA\TPHM\TosWaitSrv.exe [356776 2012-07-11] (TOSHIBA Corporation)
HKLM\...\Run: [SRS Premium Sound HD] => C:\Program Files\SRS Labs\SRS Control Panel\SRSPanel_64.exe [2170784 2012-07-27] (SRS Labs, Inc.)
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM\...\Run: [SynTPEnh] => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2774256 2013-08-28] (Synaptics Incorporated)
HKLM-x32\...\Run: [ToshibaDynamicIconUtility] => C:\Program Files\TOSHIBA\TOSHIBA Places Icon Utility\TosDIMonitor.exe [1498624 2012-08-09] (Toshiba)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [642216 2012-08-08] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [TPUReg] => C:\Program Files (x86)\TOSHIBA\Password Utility\TosPU.exe [6884352 2012-08-23] (Pegatron Corporation)
HKLM-x32\...\Run: [MFFSum_Pro_LL2] => C:\Program Files (x86)\Xerox Companion Suite\MFFSUM.exe [24576 2010-02-11] ()
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [PaperPort PTD] => C:\Program Files (x86)\ScanSoft\PaperPort\pptd40nt.exe [29984 2007-11-13] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [IndexSearch] => C:\Program Files (x86)\ScanSoft\PaperPort\IndexSearch.exe [46368 2007-11-13] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [6111312 2015-11-07] (AVAST Software)
HKLM-x32\...\Run: [ProductUpdater] => C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe [74752 2015-09-01] ()
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [uTorrent] => C:\Users\Toshiba doma\AppData\Roaming\uTorrent\uTorrent.exe [1441104 2015-05-10] (BitTorrent Inc.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Steam] => C:\Program Files (x86)\Steam\steam.exe [3013712 2015-12-14] (Valve Corporation)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [55349888 2015-09-04] (Skype Technologies S.A.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [912480 2015-09-02] (Microsoft Corporation)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\MountPoints2: {c6694455-09a4-11e3-bf18-20689d3bddfb} - "E:\autorun.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll [2015-08-19] (AVAST Software)
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\PASPortal.lnk [2014-12-10]
ShortcutTarget: PASPortal.lnk -> C:\Windows\Installer\{69CD58CD-D8EC-4DB4-981B-1C256F105C7B}\NewShortcut1.exe (Acresso Software Inc.)
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

Tcpip\Parameters: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{0A724FA6-6CA4-4F50-A8D5-3427A2C17775}: [DhcpNameServer] 10.0.0.138
Tcpip\..\Interfaces\{81635586-F771-47FA-A278-F135D011D4BE}: [DhcpNameServer] 8.8.8.8 8.8.4.4

Internet Explorer:
==================
HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = hxxp://www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = hxxp://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Internet Explorer\Main,Search Page = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Internet Explorer\Main,Search Bar = hxxps://www.seznam.cz/?clid=22668
SearchScopes: HKLM-x32 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKLM-x32 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> DefaultScope {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {012E1000-F331-11DB-8314-0800200C9A66} URL = hxxp://www.google.com/search?q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {10DF5BC0-4C6A-47AD-8249-FF75037D958A} URL = hxxp://www.novinky.cz/hledej?w={searchTerms}&s ... arch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {15C4DF55-4B67-495A-A3D3-A497C4A49EE0} URL = hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {1EF82BF4-65C0-443F-BC81-F3ED11B69EF5} URL = hxxp://tv.seznam.cz/hledej?w={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {3CDEBA9A-5D18-4AE8-85EF-47B8893120CE} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=en_cz&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {4EEB8B30-60D4-4E71-84E1-AAAF9626E5A1} URL = hxxp://www.firmy.cz/?q={searchTerms}&sourceid= ... arch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {632F07F3-19A1-4d16-A23F-E6CE9486BAB5} URL = hxxp://www.bing.com/search?q={searchTerms}&FORM=AVASDF&PC=AV01
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {6AD36DC6-FD9B-4F23-8124-A5124DE9FD18} URL = hxxp://encyklopedie.seznam.cz/search?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {A37FD5B5-569D-4D93-8B71-DA806DD424C2} URL = hxxp://search.seznam.cz/?q={searchTerms}&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {CE77FE01-00D9-41DD-B812-6F5CC0AC5116} URL = hxxp://slovnik.seznam.cz/?q={searchTerms}&lang=cz_en&sourceid=QuickSearch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {D7145CAA-4EE4-404D-B88F-020068853759} URL = hxxp://www.zbozi.cz/?q={searchTerms}&r=campmoz ... arch_12454
SearchScopes: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001 -> {FD55010D-16A8-46E7-8E4C-9B0A3E4FCDA3} URL = hxxp://www.mapy.cz/?query={searchTerms}&source ... arch_12454
BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll [2015-08-19] (AVAST Software)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-19] (Oracle Corporation)
BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2015-08-19] (AVAST Software)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2013-03-06] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-19] (Oracle Corporation)
Handler: livecall - No CLSID Value
Handler: msnim - No CLSID Value
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2015-10-12] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2015-10-12] (Microsoft Corporation)

FireFox:
========
FF ProfilePath: C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315
FF NewTab:
FF DefaultSearchEngine: Seznam
FF DefaultSearchUrl: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF SearchEngineOrder.1: Seznam
FF SelectedSearchEngine: Seznam
FF Keyword.URL: hxxp://search.seznam.cz/?sourceid=quicksearch_22668&q={searchTerms}&
FF Plugin: @adobe.com/FlashPlayer -> C:\WINDOWS\system32\Macromed\Flash\NPSWF64_20_0_0_267.dll [2015-12-29] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\WINDOWS\SysWOW64\Macromed\Flash\NPSWF32_20_0_0_267.dll [2015-12-29] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\windows\SysWOW64\Adobe\Director\np32dsw_1213153.dll [2014-06-24] (Adobe Systems, Inc.)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=2.1.42 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2012-06-07] (Intel Corporation)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-19] (Oracle Corporation)
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.41212.0\npctrl.dll [2015-12-11] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/WLPG,version=16.4.3508.0205 -> C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll [2013-02-05] (Microsoft Corporation)
FF Plugin-x32: @Nero.com/KM -> C:\PROGRA~2\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL [2012-07-24] (Nero AG)
FF Plugin-x32: @ngm.nexoneu.com/NxGame -> C:\ProgramData\NexonEU\NGM\npnxgameEU.dll [2015-04-21] (Nexon)
FF Plugin-x32: @t.garena.com/garenatalk -> C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\bbtalk\plugins\npPlugin\npGarenaTalkPlugin.dll [2014-07-07] ( Garena)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.29.1\npGoogleUpdate3.dll [2015-12-04] (Google Inc.)
FF Plugin-x32: Adobe Reader -> D:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll [2013-09-03] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @Skype Limited.com/Facebook Video Calling Plugin -> C:\Users\Toshiba doma\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll [2014-07-24] (Skype Limited)
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @tools.google.com/Google Update;version=3 -> C:\Users\Toshiba doma\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @tools.google.com/Google Update;version=9 -> C:\Users\Toshiba doma\AppData\Local\Google\Update\1.3.25.11\npGoogleUpdate3.dll [No File]
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Toshiba doma\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2015-08-01] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-4080011800-3767857022-2656497172-1001: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [No File]
FF SearchPlugin: C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\searchplugins\seznam-avast.xml [2014-12-31]
FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\ascsurfingprotection@iobit.com [not found]
FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\iobitascsurfingprotection@iobit.com [not found]
FF Extension: ShooPDrop - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\2@GX.net [2015-02-08] [not signed]
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2015-10-08]
FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2015-12-10]

Chrome:
=======
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
CHR StartupUrls: Default -> "hxxp://www.google.cz/"
CHR Profile: C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (Prezentace Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-03]
CHR Extension: (Dokumenty Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-03]
CHR Extension: (Disk Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-10-22]
CHR Extension: (YouTube) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-09-24]
CHR Extension: (Vyhledávání Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-10-27]
CHR Extension: (Tabulky Google) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-03]
CHR Extension: (Dokumenty Google offline) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\ghbmnnjooekpmoecnnnilnnbdlolhkhi [2015-11-17]
CHR Extension: (Avast Online Security) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\gomekmidlodglbbmalcneegieacbdmki [2015-11-03]
CHR Extension: (Shortcut Manager) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\mgjjeipcdnnjhgodgjpfkffcejoljijf [2015-03-03]
CHR Extension: (Platby Internetového obchodu Chrome) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-08-11]
CHR Extension: (Gmail) - C:\Users\Toshiba doma\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-29]
CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2015-06-28]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2015-10-12]

Opera:
=======
OPR Extension: (No Name) - C:\Users\Toshiba doma\AppData\Roaming\Opera Software\Opera Stable\Extensions\lkefdgdkflglnokhamcliipleglggfde [2015-08-18]
OPR Extension: (No Name) - C:\Users\Toshiba doma\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2015-08-18]

==================== Services (Whitelisted) ========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [146600 2015-08-19] (AVAST Software)
R3 AvastVBoxSvc; C:\Program Files\AVAST Software\Avast\ng\vbox\AvastVBoxSVC.exe [4047768 2015-08-19] (Avast Software)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2015-10-12] (Microsoft Corporation)
R2 CCDMonitorService; C:\Program Files (x86)\Acer\AOP Framework\CCDMonitorService.exe [2858336 2015-07-23] (Acer Incorporated)
R2 Freemake Improver; C:\ProgramData\Freemake\FreemakeUtilsService\FreemakeUtilsService.exe [108032 2015-09-01] (Freemake) [File not signed]
R2 FreemakeVideoCapture; C:\Program Files (x86)\Freemake\CaptureLib\CaptureLibService.exe [9216 2015-09-01] (Ellora Assets Corp.) [File not signed]
R2 GFNEXSrv; C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe [156672 2011-10-13] () [File not signed]
R2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [129856 2012-06-27] (Intel Corporation)
R2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [166720 2012-06-25] (Intel Corporation)
R2 LiveUpdateSvc; C:\Program Files (x86)\IObit\LiveUpdate\LiveUpdate.exe [2909472 2015-08-01] (IObit)
R2 LMIGuardianSvc; C:\Program Files (x86)\LogMeIn Hamachi\LMIGuardianSvc.exe [417552 2015-11-12] (LogMeIn, Inc.)
S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes)
R2 RtkAudioService; C:\Program Files\Realtek\Audio\HDA\RtkAudioService64.exe [201360 2012-09-27] (Realtek Semiconductor)
R2 TeamViewer; C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe [5613328 2015-07-29] (TeamViewer GmbH)
S3 TemproMonitoringService; C:\Program Files (x86)\Toshiba TEMPRO\TemproSvc.exe [114656 2012-08-14] (Toshiba Europe GmbH)
S3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366552 2015-07-07] (Microsoft Corporation)
S3 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23824 2015-07-07] (Microsoft Corporation)
S2 c2cautoupdatesvc; "C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe" /service [X]

===================== Drivers (Whitelisted) ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [28656 2015-08-19] (AVAST Software)
R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [90968 2015-08-19] (AVAST Software)
R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93528 2015-08-19] (AVAST Software)
R0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65224 2015-08-19] (AVAST Software)
R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1059656 2015-11-07] (AVAST Software)
R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [449992 2015-11-07] (AVAST Software)
R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [150672 2015-08-19] (AVAST Software)
R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [274808 2015-08-19] (AVAST Software)
R3 AtiHDAudioService; C:\Windows\system32\drivers\AtihdW86.sys [98472 2012-07-17] (Advanced Micro Devices)
S3 BthMtpEnum; C:\Windows\system32\DRIVERS\BthMtpEnum.sys [62976 2013-08-22] (Microsoft Corporation)
R1 dtsoftbus01; C:\Windows\System32\drivers\dtsoftbus01.sys [283064 2013-08-20] (Disc Soft Ltd)
S0 ebdrv; C:\Windows\System32\drivers\evbda.sys [3357024 2013-08-22] (Broadcom Corporation)
R3 hamachi; C:\Windows\system32\DRIVERS\Hamdrv.sys [45680 2015-11-12] (LogMeIn Inc.)
R3 MBAMProtector; C:\WINDOWS\system32\drivers\mbam.sys [25816 2015-10-05] (Malwarebytes)
S3 MBAMWebAccessControl; C:\WINDOWS\system32\drivers\mwac.sys [64216 2015-10-05] (Malwarebytes Corporation)
R0 ngvss; C:\Windows\System32\Drivers\ngvss.sys [115152 2015-08-19] (AVAST Software)
R2 npf; C:\Windows\System32\drivers\npf.sys [35344 2011-02-11] (CACE Technologies, Inc.)
R2 PEGAGFN; C:\Program Files (x86)\TOSHIBA\Password Utility\PEGAGFN.sys [14344 2009-09-11] (PEGATRON)
R3 RtkBtFilter; C:\Windows\system32\DRIVERS\RtkBtfilter.sys [24208 2012-07-11] (Realtek Microelectronics)
R3 RTWlanE; C:\Windows\system32\DRIVERS\rtwlane.sys [1936088 2013-07-31] (Realtek Semiconductor Corporation )
R3 SensorsSimulatorDriver; C:\Windows\system32\DRIVERS\WUDFRd.sys [226304 2014-10-29] (Microsoft Corporation)
R3 SmbDrvI; C:\Windows\system32\DRIVERS\Smb_driver_Intel.sys [43832 2012-08-14] (Synaptics Incorporated)
R3 Thotkey; C:\Windows\System32\drivers\Thotkey.sys [28632 2012-07-31] (Windows (R) Win 7 DDK provider)
R2 VBoxAswDrv; C:\Program Files\AVAST Software\Avast\ng\vbox\VBoxAswDrv.sys [273824 2015-08-19] (Avast Software)
S3 WdBoot; C:\Windows\system32\drivers\WdBoot.sys [44560 2015-07-07] (Microsoft Corporation)
S3 WdFilter; C:\Windows\system32\drivers\WdFilter.sys [270168 2015-07-07] (Microsoft Corporation)
S3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114520 2015-07-07] (Microsoft Corporation)
S3 XMLDIUSB; C:\Windows\System32\Drivers\XMLDIUSB.sys [55808 2010-01-29] (OEM)
S3 cpuz137; \??\C:\Users\TOSHIB~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-13 19:56 - 2016-01-13 19:57 - 00030386 _____ C:\Users\Toshiba doma\Desktop\FRST.txt
2016-01-13 19:48 - 2016-01-13 19:48 - 00003670 _____ C:\WINDOWS\System32\Tasks\gg_uac_daemon_Toshiba doma
2016-01-13 18:08 - 2016-01-05 21:04 - 00826872 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerApp.exe
2016-01-13 18:08 - 2016-01-05 21:04 - 00176632 _____ (Adobe Systems Incorporated) C:\WINDOWS\SysWOW64\FlashPlayerCPLApp.cpl
2016-01-13 12:36 - 2015-12-11 05:38 - 25837568 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtml.dll
2016-01-13 12:36 - 2015-12-11 04:55 - 06051328 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript9.dll
2016-01-13 12:36 - 2015-12-11 04:50 - 20367360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mshtml.dll
2016-01-13 12:36 - 2015-12-11 03:43 - 04610560 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript9.dll
2016-01-13 12:35 - 2015-12-11 05:00 - 00571904 _____ (Microsoft Corporation) C:\WINDOWS\system32\vbscript.dll
2016-01-13 12:35 - 2015-12-11 04:45 - 00817664 _____ (Microsoft Corporation) C:\WINDOWS\system32\jscript.dll
2016-01-13 12:35 - 2015-12-11 04:21 - 00496640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\vbscript.dll
2016-01-13 12:35 - 2015-12-11 04:18 - 00092160 _____ (Microsoft Corporation) C:\WINDOWS\system32\mshtmled.dll
2016-01-13 12:35 - 2015-12-11 04:09 - 01032704 _____ (Microsoft Corporation) C:\WINDOWS\system32\inetcomm.dll
2016-01-13 12:35 - 2015-12-11 04:09 - 00663552 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\jscript.dll
2016-01-13 12:35 - 2015-12-11 04:03 - 14456832 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieframe.dll
2016-01-13 12:35 - 2015-12-11 03:59 - 00798208 _____ (Microsoft Corporation) C:\WINDOWS\system32\msfeeds.dll
2016-01-13 12:35 - 2015-12-11 03:43 - 00880128 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\inetcomm.dll
2016-01-13 12:35 - 2015-12-11 03:38 - 02487808 _____ (Microsoft Corporation) C:\WINDOWS\system32\wininet.dll
2016-01-13 12:35 - 2015-12-11 03:37 - 00687104 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msfeeds.dll
2016-01-13 12:35 - 2015-12-11 03:35 - 12856320 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieframe.dll
2016-01-13 12:35 - 2015-12-11 03:26 - 01546752 _____ (Microsoft Corporation) C:\WINDOWS\system32\urlmon.dll
2016-01-13 12:35 - 2015-12-11 03:14 - 00800768 _____ (Microsoft Corporation) C:\WINDOWS\system32\ieapfltr.dll
2016-01-13 12:35 - 2015-12-11 03:12 - 02011136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\wininet.dll
2016-01-13 12:35 - 2015-12-11 03:08 - 01311744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\urlmon.dll
2016-01-13 12:35 - 2015-12-11 03:07 - 00710144 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ieapfltr.dll
2016-01-13 12:34 - 2015-12-08 20:08 - 00685432 _____ (Microsoft Corporation) C:\WINDOWS\system32\advapi32.dll
2016-01-13 12:34 - 2015-12-08 20:07 - 00507176 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\advapi32.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 02745184 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVDECOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02528784 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVDECOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02450240 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVENCOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02447136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVENCOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 02334104 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 02324744 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01877504 _____ (Microsoft Corporation) C:\WINDOWS\system32\msmpeg2adec.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01798480 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMALFXGFXDSP.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01484888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\msmpeg2adec.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01288128 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetsrc.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01210200 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 01115640 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetsrc.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 01037680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00850680 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfnetcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00735496 _____ (Microsoft Corporation) C:\WINDOWS\system32\evr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00700360 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfnetcore.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00629600 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP4SDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00584656 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\evr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00557856 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00498472 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfsvr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00492736 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00463776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP4SDECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00399776 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfsvr.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00299080 _____ (Microsoft Corporation) C:\WINDOWS\system32\VIDRESZR.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00250520 _____ (Microsoft Corporation) C:\WINDOWS\system32\MPG4DECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00248432 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP43DECD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00246856 _____ (Microsoft Corporation) C:\WINDOWS\system32\RESAMPLEDMO.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00229272 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\RESAMPLEDMO.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00203016 _____ (Microsoft Corporation) C:\WINDOWS\system32\COLORCNV.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00184912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\COLORCNV.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00183856 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\VIDRESZR.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00116720 _____ (Microsoft Corporation) C:\WINDOWS\system32\MP3DMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00099136 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP3DMOD.DLL
2016-01-13 12:34 - 2015-12-05 06:58 - 00090392 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfvdsp.dll
2016-01-13 12:34 - 2015-12-05 06:58 - 00081032 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\devenum.dll
2016-01-13 12:34 - 2015-12-03 19:02 - 01664000 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOE.DLL
2016-01-13 12:34 - 2015-12-03 18:36 - 01697792 _____ (Microsoft Corporation) C:\WINDOWS\system32\quartz.dll
2016-01-13 12:34 - 2015-12-03 18:06 - 01501184 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\quartz.dll
2016-01-13 12:34 - 2015-12-03 17:40 - 01010688 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMSPDMOD.DLL
2016-01-13 12:34 - 2015-12-03 17:29 - 00887296 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOD.DLL
2016-01-13 12:34 - 2015-12-02 16:04 - 00670208 _____ (Microsoft Corporation) C:\WINDOWS\system32\qedit.dll
2016-01-13 12:34 - 2015-12-02 16:01 - 00561664 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qedit.dll
2016-01-13 12:33 - 2015-12-30 20:32 - 07453016 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntoskrnl.exe
2016-01-13 12:33 - 2015-12-30 20:32 - 01735000 _____ (Microsoft Corporation) C:\WINDOWS\system32\ntdll.dll
2016-01-13 12:33 - 2015-12-30 20:32 - 01499912 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ntdll.dll
2016-01-13 12:33 - 2015-12-10 01:40 - 00033456 _____ (Microsoft Corporation) C:\WINDOWS\system32\CompatTelRunner.exe
2016-01-13 12:33 - 2015-12-07 11:56 - 01380600 _____ (Microsoft Corporation) C:\WINDOWS\system32\gdi32.dll
2016-01-13 12:33 - 2015-12-05 06:58 - 01150232 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMADMOE.DLL
2016-01-13 12:33 - 2015-12-05 06:58 - 00914672 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMADMOE.DLL
2016-01-13 12:33 - 2015-12-05 06:58 - 00275312 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MPG4DECD.DLL
2016-01-13 12:33 - 2015-12-05 06:58 - 00274280 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MP43DECD.DLL
2016-01-13 12:33 - 2015-12-05 06:58 - 00244296 _____ (Microsoft Corporation) C:\WINDOWS\system32\mfps.dll
2016-01-13 12:33 - 2015-12-05 06:58 - 00110544 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfps.dll
2016-01-13 12:33 - 2015-12-05 06:58 - 00090904 _____ (Microsoft Corporation) C:\WINDOWS\system32\devenum.dll
2016-01-13 12:33 - 2015-12-05 06:58 - 00076936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\mfvdsp.dll
2016-01-13 12:33 - 2015-12-04 16:00 - 01097216 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\gdi32.dll
2016-01-13 12:33 - 2015-12-03 20:42 - 00561952 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\cng.sys
2016-01-13 12:33 - 2015-12-03 20:42 - 00397224 _____ (Microsoft Corporation) C:\WINDOWS\system32\bcryptprimitives.dll
2016-01-13 12:33 - 2015-12-03 20:42 - 00137968 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncrypt.dll
2016-01-13 12:33 - 2015-12-03 20:42 - 00106960 _____ (Microsoft Corporation) C:\WINDOWS\system32\ncryptsslp.dll
2016-01-13 12:33 - 2015-12-03 20:41 - 00177488 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\ksecpkg.sys
2016-01-13 12:33 - 2015-12-03 19:52 - 00340872 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\bcryptprimitives.dll
2016-01-13 12:33 - 2015-12-03 19:52 - 00120376 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncrypt.dll
2016-01-13 12:33 - 2015-12-03 19:52 - 00091416 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ncryptsslp.dll
2016-01-13 12:33 - 2015-12-03 19:28 - 00401920 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb.sys
2016-01-13 12:33 - 2015-12-03 19:28 - 00202240 _____ (Microsoft Corporation) C:\WINDOWS\system32\Drivers\mrxsmb20.sys
2016-01-13 12:33 - 2015-12-03 19:07 - 00340992 _____ (Microsoft Corporation) C:\WINDOWS\system32\qdvd.dll
2016-01-13 12:33 - 2015-12-03 19:07 - 00289792 _____ (Microsoft Corporation) C:\WINDOWS\system32\ksproxy.ax
2016-01-13 12:33 - 2015-12-03 19:05 - 00644608 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVXENCD.DLL
2016-01-13 12:33 - 2015-12-03 19:00 - 00451072 _____ (Microsoft Corporation) C:\WINDOWS\system32\WMVSENCD.DLL
2016-01-13 12:33 - 2015-12-03 18:58 - 00378880 _____ (Microsoft Corporation) C:\WINDOWS\system32\SysFxUI.dll
2016-01-13 12:33 - 2015-12-03 18:51 - 00445440 _____ (Microsoft Corporation) C:\WINDOWS\system32\certcli.dll
2016-01-13 12:33 - 2015-12-03 18:30 - 00468480 _____ (Microsoft Corporation) C:\WINDOWS\system32\MFWMAAEC.DLL
2016-01-13 12:33 - 2015-12-03 18:28 - 00519680 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\qdvd.dll
2016-01-13 12:33 - 2015-12-03 18:28 - 00245760 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\ksproxy.ax
2016-01-13 12:33 - 2015-12-03 18:27 - 00736256 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVXENCD.DLL
2016-01-13 12:33 - 2015-12-03 18:24 - 01411584 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMSPDMOE.DLL
2016-01-13 12:33 - 2015-12-03 18:23 - 00402432 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\WMVSENCD.DLL
2016-01-13 12:33 - 2015-12-03 18:16 - 00324096 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\certcli.dll
2016-01-13 12:33 - 2015-12-03 18:13 - 01441280 _____ (Microsoft Corporation) C:\WINDOWS\system32\lsasrv.dll
2016-01-13 12:33 - 2015-12-03 18:07 - 00432128 _____ (Microsoft Corporation) C:\WINDOWS\system32\schannel.dll
2016-01-13 12:33 - 2015-12-03 18:01 - 00743936 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\MFWMAAEC.DLL
2016-01-13 12:33 - 2015-12-03 17:45 - 00357888 _____ (Microsoft Corporation) C:\WINDOWS\SysWOW64\schannel.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 01380864 _____ (Microsoft Corporation) C:\WINDOWS\system32\appraiser.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 01164800 _____ (Microsoft Corporation) C:\WINDOWS\system32\aeinv.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 00792064 _____ (Microsoft Corporation) C:\WINDOWS\system32\generaltel.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 00705024 _____ (Microsoft Corporation) C:\WINDOWS\system32\invagent.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 00505344 _____ (Microsoft Corporation) C:\WINDOWS\system32\devinv.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 00210432 _____ (Microsoft Corporation) C:\WINDOWS\system32\aepic.dll
2016-01-13 12:33 - 2015-11-17 22:07 - 00076800 _____ (Microsoft Corporation) C:\WINDOWS\system32\acmigration.dll
2016-01-13 06:57 - 2016-01-13 06:57 - 00007166 _____ C:\Users\Toshiba doma\Desktop\Test.txt
2016-01-12 20:55 - 2016-01-12 21:52 - 00192216 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\MBAMSwissArmy.sys
2016-01-12 20:55 - 2016-01-12 20:55 - 00001145 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
2016-01-12 20:55 - 2016-01-12 20:55 - 00000000 ____D C:\ProgramData\Malwarebytes
2016-01-12 20:55 - 2016-01-12 20:55 - 00000000 ____D C:\Program Files (x86)\Malwarebytes Anti-Malware
2016-01-12 20:55 - 2015-10-05 09:50 - 00109272 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbamchameleon.sys
2016-01-12 20:55 - 2015-10-05 09:50 - 00064216 _____ (Malwarebytes Corporation) C:\WINDOWS\system32\Drivers\mwac.sys
2016-01-12 20:55 - 2015-10-05 09:50 - 00025816 _____ (Malwarebytes) C:\WINDOWS\system32\Drivers\mbam.sys
2016-01-12 20:54 - 2016-01-12 20:54 - 22908888 _____ (Malwarebytes ) C:\Users\Toshiba doma\Downloads\mbam-setup-2.2.0.1024.exe
2016-01-12 20:29 - 2016-01-12 20:33 - 00000000 ____D C:\AdwCleaner
2016-01-12 20:29 - 2016-01-12 20:29 - 01754112 _____ C:\Users\Toshiba doma\Downloads\adwcleaner_5.029.exe
2016-01-12 00:42 - 2016-01-13 19:56 - 00000000 ____D C:\FRST
2016-01-12 00:39 - 2016-01-12 00:40 - 02370560 _____ (Farbar) C:\Users\Toshiba doma\Desktop\FRST64.exe
2016-01-10 16:04 - 2016-01-10 16:04 - 00000000 ____H C:\asc_rdflag
2016-01-01 19:06 - 2016-01-11 00:14 - 01393203 _____ C:\Users\Toshiba doma\Desktop\Průmysl.pptx
2015-12-15 21:02 - 2015-12-15 21:02 - 00002008 _____ C:\Users\Public\Desktop\abMedia.lnk
2015-12-15 00:29 - 2015-12-15 00:29 - 00002549 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Safari.lnk
2015-12-15 00:29 - 2015-12-15 00:29 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Apple Computer
2015-12-15 00:28 - 2015-12-15 00:29 - 00000000 ____D C:\Program Files (x86)\Safari
2015-12-15 00:28 - 2015-12-15 00:28 - 00002579 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Apple Software Update.lnk
2015-12-15 00:28 - 2015-12-15 00:28 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Apple
2015-12-15 00:28 - 2015-12-15 00:28 - 00000000 ____D C:\ProgramData\Apple Computer
2015-12-15 00:28 - 2015-12-15 00:28 - 00000000 ____D C:\Program Files (x86)\Apple Software Update
2015-12-15 00:27 - 2015-12-15 00:28 - 00000000 ____D C:\ProgramData\Apple

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2016-01-13 19:53 - 2014-03-18 16:33 - 01745984 _____ C:\WINDOWS\system32\PerfStringBackup.INI
2016-01-13 19:53 - 2014-03-18 15:54 - 00739924 _____ C:\WINDOWS\system32\perfh005.dat
2016-01-13 19:53 - 2014-03-18 15:54 - 00151610 _____ C:\WINDOWS\system32\perfc005.dat
2016-01-13 19:53 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\AppReadiness
2016-01-13 19:53 - 2013-08-22 14:36 - 00000000 ____D C:\WINDOWS\Inf
2016-01-13 19:50 - 2015-09-16 22:56 - 00000000 ____D C:\Program Files (x86)\Steam
2016-01-13 19:50 - 2015-03-24 21:07 - 00000000 ____D C:\Program Files (x86)\Opera
2016-01-13 19:49 - 2014-09-09 03:29 - 00000000 __RDO C:\Users\Toshiba doma\OneDrive
2016-01-13 19:48 - 2015-12-04 21:02 - 00000980 _____ C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
2016-01-13 19:45 - 2013-08-22 15:45 - 00000006 ____H C:\WINDOWS\Tasks\SA.DAT
2016-01-13 19:44 - 2015-06-02 00:00 - 00000000 ____D C:\Program Files\Microsoft Silverlight
2016-01-13 19:43 - 2013-08-22 14:25 - 00262144 ___SH C:\WINDOWS\system32\config\BBI
2016-01-13 19:42 - 2015-04-16 00:18 - 00000000 ____D C:\WINDOWS\system32\appraiser
2016-01-13 19:42 - 2014-08-07 17:47 - 00000000 ___SD C:\WINDOWS\system32\CompatTel
2016-01-13 19:40 - 2015-01-10 04:05 - 00000000 ____D C:\ProgramData\adssy
2016-01-13 19:36 - 2012-12-27 14:22 - 00000000 ____D C:\Users\Toshiba doma\AppData\Roaming\Skype
2016-01-13 19:32 - 2013-08-22 16:36 - 00000000 ____D C:\WINDOWS\system32\NDF
2016-01-13 19:29 - 2012-11-30 01:38 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Packages
2016-01-13 19:28 - 2012-07-26 08:59 - 00000000 ____D C:\WINDOWS\CbsTemp
2016-01-13 19:09 - 2012-11-30 01:45 - 00003600 _____ C:\WINDOWS\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-4080011800-3767857022-2656497172-1001
2016-01-13 19:07 - 2014-11-25 21:07 - 00000914 _____ C:\WINDOWS\Tasks\Adobe Flash Player Updater.job
2016-01-13 19:04 - 2014-12-30 13:17 - 00004010 _____ C:\WINDOWS\System32\Tasks\User_Feed_Synchronization-{F9246BDA-08FE-4222-84E4-0A387C673B8E}
2016-01-13 18:14 - 2015-06-02 00:03 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Silverlight
2016-01-13 18:14 - 2012-11-30 05:37 - 00000000 ____D C:\ProgramData\Microsoft Help
2016-01-13 18:13 - 2015-06-02 00:00 - 00000000 ____D C:\Program Files (x86)\Microsoft Silverlight
2016-01-13 18:11 - 2012-07-26 06:26 - 00000375 _____ C:\WINDOWS\win.ini
2016-01-13 18:07 - 2013-08-14 12:34 - 00000000 ____D C:\WINDOWS\system32\MRT
2016-01-13 18:01 - 2012-12-25 19:55 - 143671360 _____ (Microsoft Corporation) C:\WINDOWS\system32\MRT.exe
2016-01-13 17:58 - 2015-03-23 23:42 - 00000000 ____D C:\ProgramData\Package Cache
2016-01-13 11:39 - 2013-02-23 15:45 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\LogMeIn Hamachi
2016-01-12 21:18 - 2013-11-23 17:20 - 00000000 ____D C:\Users\Toshiba doma\AppData\Roaming\TS3Client
2016-01-12 20:37 - 2015-08-19 02:15 - 00004182 _____ C:\WINDOWS\System32\Tasks\avast! Emergency Update
2016-01-12 20:33 - 2014-09-08 23:44 - 00000000 ____D C:\Users\Toshiba doma
2016-01-12 20:27 - 2015-05-23 21:02 - 00000000 ____D C:\Program Files (x86)\IObit
2016-01-12 18:17 - 2013-08-22 16:36 - 00000000 ___HD C:\Program Files\WindowsApps
2016-01-12 00:47 - 2013-08-22 14:36 - 00000000 ____D C:\Windows
2016-01-11 19:12 - 2014-11-30 14:14 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\CrashDumps
2016-01-11 17:17 - 2013-01-10 20:19 - 03407360 ___SH C:\Users\Toshiba doma\Desktop\Thumbs.db
2016-01-10 16:04 - 2015-06-18 16:10 - 122003456 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 122003456 _____ C:\WINDOWS\system32\config\SOFTWARE.iodefrag
2016-01-10 16:04 - 2015-06-18 16:10 - 06696960 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 06696960 _____ C:\WINDOWS\system32\config\DEFAULT.iodefrag
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SECURITY.iodefrag
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SAM.iodefrag.bak
2016-01-10 16:04 - 2015-06-18 16:10 - 00032768 _____ C:\WINDOWS\system32\config\SAM.iodefrag
2016-01-08 20:27 - 2015-05-23 21:03 - 00000000 ____D C:\ProgramData\ProductData
2016-01-02 14:33 - 2015-03-26 23:55 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\Steam
2016-01-01 12:55 - 2015-05-16 11:04 - 00007605 _____ C:\Users\Toshiba doma\AppData\Local\resmon.resmoncfg
2015-12-30 23:14 - 2015-12-09 00:02 - 00000000 ____D C:\WINDOWS\Minidump
2015-12-30 23:13 - 2013-08-20 17:42 - 00000000 ____D C:\Users\Toshiba doma\AppData\Roaming\DAEMON Tools Lite
2015-12-29 00:08 - 2013-10-13 10:02 - 00003802 _____ C:\WINDOWS\System32\Tasks\Adobe Flash Player Updater
2015-12-18 23:01 - 2015-04-04 11:50 - 00000000 ___SD C:\WINDOWS\SysWOW64\GWX
2015-12-18 23:01 - 2015-04-04 11:50 - 00000000 ___SD C:\WINDOWS\system32\GWX
2015-12-17 19:21 - 2015-05-23 21:03 - 00000000 ____D C:\ProgramData\IObit
2015-12-15 21:02 - 2015-08-21 08:01 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acer
2015-12-15 20:57 - 2015-08-21 08:01 - 00000000 ____D C:\Users\Toshiba doma\AppData\Local\clear.fi

==================== Files in the root of some directories =======

2015-02-10 20:59 - 2015-02-10 20:59 - 0000079 _____ () C:\Program Files (x86)\prefs.js
2015-02-01 23:05 - 2015-03-02 10:40 - 0000020 _____ () C:\Users\Toshiba doma\AppData\Roaming\appdataFr3.bin
2015-06-28 07:27 - 2015-06-28 07:27 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\E158.tmp
2014-03-02 17:22 - 2015-01-03 15:22 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\FileIn.cns
2014-03-02 17:22 - 2015-01-03 15:22 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\FileOut.cns
2013-03-02 17:36 - 2014-06-19 20:21 - 0045270 _____ () C:\Users\Toshiba doma\AppData\Roaming\room_v3.dat
2013-09-14 14:07 - 2013-09-14 14:07 - 0001167 _____ () C:\Users\Toshiba doma\AppData\Roaming\trace_FilterInstaller.1.txt
2013-09-14 14:07 - 2014-05-30 17:29 - 0000905 _____ () C:\Users\Toshiba doma\AppData\Roaming\trace_FilterInstaller.txt
2013-09-14 14:07 - 2014-05-30 17:29 - 0000000 _____ () C:\Users\Toshiba doma\AppData\Roaming\trace_FilterInstaller.txt-CRT.txt
2014-01-28 20:03 - 2015-01-24 14:51 - 0008704 _____ () C:\Users\Toshiba doma\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-16 11:04 - 2016-01-01 12:55 - 0007605 _____ () C:\Users\Toshiba doma\AppData\Local\resmon.resmoncfg

Some files in TEMP:
====================
C:\Users\Toshiba doma\AppData\Local\Temp\280b9948cb86b551b2356cfd401a6e71.dll
C:\Users\Toshiba doma\AppData\Local\Temp\ed6e8e8c4b588010c8f64663407c6196.dll
C:\Users\Toshiba doma\AppData\Local\Temp\sqlite3.dll


==================== Bamital & volsnap =================

(There is no automatic fix for files that do not pass verification.)

C:\WINDOWS\system32\winlogon.exe => File is digitally signed
C:\WINDOWS\system32\wininit.exe => File is digitally signed
C:\WINDOWS\explorer.exe => File is digitally signed
C:\WINDOWS\SysWOW64\explorer.exe => File is digitally signed
C:\WINDOWS\system32\svchost.exe => File is digitally signed
C:\WINDOWS\SysWOW64\svchost.exe => File is digitally signed
C:\WINDOWS\system32\services.exe => File is digitally signed
C:\WINDOWS\system32\User32.dll => File is digitally signed
C:\WINDOWS\SysWOW64\User32.dll => File is digitally signed
C:\WINDOWS\system32\userinit.exe => File is digitally signed
C:\WINDOWS\SysWOW64\userinit.exe => File is digitally signed
C:\WINDOWS\system32\rpcss.dll => File is digitally signed
C:\WINDOWS\system32\dnsapi.dll => File is digitally signed
C:\WINDOWS\SysWOW64\dnsapi.dll => File is digitally signed
C:\WINDOWS\system32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2016-01-13 17:55

==================== End of FRST.txt ============================

=======

Additional scan result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Toshiba doma (2016-01-13 19:58:47)
Running from C:\Users\Toshiba doma\Desktop
Windows 8.1 (X64) (2014-09-09 02:20:21)
Boot Mode: Normal
==========================================================


==================== Accounts: =============================

Administrator (S-1-5-21-4080011800-3767857022-2656497172-500 - Administrator - Disabled)
Guest (S-1-5-21-4080011800-3767857022-2656497172-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-4080011800-3767857022-2656497172-1054 - Limited - Enabled)
Toshiba doma (S-1-5-21-4080011800-3767857022-2656497172-1001 - Administrator - Enabled) => C:\Users\Toshiba doma

==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AV: avast! Antivirus (Enabled - Out of date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: avast! Antivirus (Enabled - Out of date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

==================== Installed Programs ======================

(Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

«Euro Truck Simulator 2» v.1.3.1s (HKLM-x32\...\«Euro Truck Simulator 2»_is1) (Version: - SCS Software)
µTorrent (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\uTorrent) (Version: 3.4.3.40097 - BitTorrent Inc.)
abMedia (HKLM-x32\...\{E9AF1707-3F3A-49E2-8345-4F2D629D0876}) (Version: 2.09.2003.0 - Acer Incorporated)
Adobe Flash Player 20 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 20.0.0.267 - Adobe Systems Incorporated)
AOP Framework (HKLM-x32\...\{4A37A114-702F-4055-A4B6-16571D4A5353}) (Version: 3.09.2004.0 - Acer Incorporated)
Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.3.2225 - AVAST Software)
Balíček ovladače systému Windows - PASCO Scientific (WinUSB) Pasco Interface (08/14/2008 1.0.0.0) (HKLM\...\AD4AD0F184940E4712E96652A58ADDC47894E622) (Version: 08/14/2008 1.0.0.0 - PASCO Scientific)
Bandisoft MPEG-1 Decoder (HKLM-x32\...\BandiMPEG1) (Version: - Bandisoft.com)
Battle for Wesnoth 1.12.0 (HKLM-x32\...\Battle for Wesnoth 1.12.0) (Version: 1.12.0 - )
Crystal Reports for Visual Studio (x32 Version: 12.51.0.240 - SAP) Hidden
DataStudio (HKLM-x32\...\InstallShield_{69CD58CD-D8EC-4DB4-981B-1C256F105C7B}) (Version: 1.9.8.9 - PASCO scientific)
DataStudio (x32 Version: 1.9.8.9 - PASCO scientific) Hidden
Doplněk Microsoft Outlook Hotmail Connector (64bitový) (HKLM\...\{95140000-007A-0405-1000-0000000FF1CE}) (Version: 14.0.5118.5000 - Microsoft Corporation)
Dotfuscator Software Services - Community Edition (HKLM-x32\...\{41B31ABE-5A6E-498A-8F28-3BA3B8779A41}) (Version: 5.0.2300.0 - PreEmptive Solutions)
Dropbox (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Dropbox) (Version: 2.6.24 - Dropbox, Inc.)
Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{32136776-FE3F-453D-80DA-CDD993BDB2A3}) (Version: 11.1.20810.00 - Microsoft Corporation)
Football Manager 2011 (HKLM-x32\...\Football Manager 2011) (Version: 11.0.0.0 - Sports Interactive)
GameRanger (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\GameRanger) (Version: - GameRanger Technologies)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 47.0.2526.106 - Google Inc.)
Google Chrome (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Google Chrome) (Version: 39.0.2171.95 - Google Inc.)
Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.29.1 - Google Inc.) Hidden
Java 8 Update 31 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218031F0}) (Version: 8.0.310 - Oracle Corporation)
LaRoXionMT2 (HKLM-x32\...\LaRoXionMT2 5.0.3.0) (Version: 5.0.3.0 - LaRoXion)
LaRoXionMT2 (x32 Version: 5.0.3.0 - LaRoXion) Hidden
League of Legends (HKLM-x32\...\League of Legends 3.0.1) (Version: 3.0.1 - Riot Games)
League of Legends (x32 Version: 3.0.1 - Riot Games) Hidden
Locomania (HKLM-x32\...\Locomania_is1) (Version: 1.0 - TopQer, s.r.o.)
LogMeIn Hamachi (HKLM-x32\...\LogMeIn Hamachi) (Version: 2.2.0.410 - LogMeIn, Inc.)
LogMeIn Hamachi (x32 Version: 2.2.0.410 - LogMeIn, Inc.) Hidden
Malwarebytes Anti-Malware verze 2.2.0.1024 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes)
Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 - Visual Studio 2010 Tools (HKLM-x32\...\{40416836-56CC-4C0E-A6AF-5C34BADCE483}) (Version: 2.0.50217.0 - Microsoft Corporation)
Microsoft ASP.NET MVC 2 (HKLM-x32\...\{DD8FF2F3-0D97-4CF3-AF78-FA0E1B242244}) (Version: 2.0.60926.0 - Microsoft Corporation)
Microsoft Help Viewer 1.0 (HKLM\...\Microsoft Help Viewer 1.0) (Version: 1.0.30319 - Microsoft Corporation)
Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.41212.0 - Microsoft Corporation)
Microsoft Silverlight 3 SDK (HKLM-x32\...\{2012098D-EEE9-4769-8DD3-B038050854D4}) (Version: 3.0.40818.0 - Microsoft Corporation)
Microsoft SkyDrive (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\SkyDriveSetup.exe) (Version: 16.4.6013.0910 - Microsoft Corporation)
Microsoft SQL Server 2005 Compact Edition [ENU] (HKLM-x32\...\{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}) (Version: 3.1.0000 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Framework (HKLM-x32\...\{0DDCEC37-369C-484B-B16D-B4413FD42FB9}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Data-Tier Application Project (HKLM-x32\...\{E5AE9031-79A5-4627-9641-BEFA82819B08}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Management Objects (HKLM-x32\...\{4E968D9C-21A7-4915-B698-F7AEB913541D}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 R2 Transact-SQL Language Service (HKLM-x32\...\{78C3657E-742C-40B1-9F53-E5A921D40F17}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
Microsoft SQL Server Data Tools - enu (11.1.20828.01) (HKLM-x32\...\{4F2B8233-35EE-4197-8C3B-EACCBF712029}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20828.01) (HKLM-x32\...\{FAE0523E-08A4-4717-8E8E-6EC6F32CBE88}) (Version: 11.1.20828.01 - Microsoft Corporation)
Microsoft SQL Server Database Publishing Wizard 1.4 (HKLM-x32\...\{ACE28263-76A4-4BF5-B6F4-8BD719595969}) (Version: 10.1.2512.8 - Microsoft Corporation)
Microsoft SQL Server System CLR Types (HKLM-x32\...\{2A2F3AE8-246A-4252-BB26-1BEB45627074}) (Version: 10.50.1447.4 - Microsoft Corporation)
Microsoft Sync Framework Runtime v1.0 SP1 (x64) (HKLM\...\{8438EC02-B8A9-462D-AC72-1B521349C001}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework SDK v1.0 SP1 (HKLM-x32\...\{0E3DFC64-CC49-4BE2-8C9C-58EF129675DB}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Framework Services v1.0 SP1 (x64) (HKLM\...\{034106B5-54B7-467F-B477-5B7DBB492624}) (Version: 1.0.3010.0 - Microsoft Corporation)
Microsoft Sync Services for ADO.NET v2.0 SP1 (x64) (HKLM\...\{1D1CEEF8-3741-45BD-8E77-963E1DEBDDD3}) (Version: 2.0.3010.0 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
Microsoft Team Foundation Server 2010 Object Model - ENU (HKLM\...\Microsoft Team Foundation Server 2010 Object Model - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{837b34e3-7c30-493c-8f6a-2b0f04e2912c}) (Version: 8.0.59193 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}) (Version: 8.0.59192 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (x64) (HKLM\...\{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}) (Version: 8.0.61000 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Designtime - 10.0.30319 (HKLM\...\{F5079164-1DB9-3BDA-853B-F78AF67CE071}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Runtime - 10.0.30319 (HKLM\...\{94D70749-4281-39AC-AD90-B56A0E0A402E}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Runtime - 10.0.30319 (HKLM-x32\...\{6A86554B-8928-30E4-A53C-D7337689134D}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
Microsoft Visual F# 2.0 Runtime (HKLM-x32\...\{729A3000-BC8A-3B74-BA5D-5068FE12D70C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 ADO.NET Entity Framework Tools (HKLM-x32\...\{14DD7530-CCD2-3798-B37D-3839ED6A441C}) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Professional - ENU (HKLM-x32\...\Microsoft Visual Studio 2010 Professional - ENU) (Version: 10.0.30319 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Microsoft Visual Studio Express 2012 for Windows Desktop - ENU (HKLM-x32\...\{e0efdce9-a486-4676-8aa5-65bb08cbf34c}) (Version: 11.0.50727.42 - Microsoft Corporation)
Microsoft Visual Studio Macro Tools (HKLM-x32\...\Microsoft Visual Studio Macro Tools) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Windows Media Video 9 VCM (HKLM-x32\...\WMV9_VCM) (Version: - )
Microsoft XNA Framework Redistributable 3.1 (HKLM-x32\...\{19BFDA5D-1FE2-4F25-97F9-1A79DD04EE20}) (Version: 3.1.10527.0 - Microsoft Corporation)
Microsoft XNA Framework Redistributable 4.0 (HKLM-x32\...\{2BFC7AA0-544C-4E3A-8796-67F3BE655BE9}) (Version: 4.0.20823.0 - Microsoft Corporation)
Minecraft 1.7.4 version for Windows (HKLM-x32\...\{03CBAAC1-E120-3334-893E-FEE959A46E90}_is1) (Version: for Windows - )
Montezumova pomsta (HKLM-x32\...\Montezumova pomsta) (Version: - )
Mumble 1.2.10 (HKLM-x32\...\{24A2B2AA-3E68-4618-80E0-D5568B03CDD7}) (Version: 1.2.10 - Thorvald Natvig)
Opera Stable 30.0.1835.59 (HKLM-x32\...\Opera 30.0.1835.59) (Version: 30.0.1835.59 - Opera Software)
Pasco USB Driver (HKLM-x32\...\PascoUSBDriver) (Version: - )
PascoCommonFiles (HKLM-x32\...\PascoCommonFiles) (Version: 1.1.5 - )
Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
Rally Trophy (HKLM-x32\...\{42A4EC40-09BC-427C-B657-67978B784058}) (Version: 1.0.0 - JoWooD Productions Software AG)
S.K.I.L.L. - Special Force 2 (HKLM-x32\...\Steam App 286940) (Version: - Dragonfly GF Co., LTD)
Safari (HKLM-x32\...\{C779648B-410E-4BBA-B75B-5815BCEFE71D}) (Version: 5.34.57.2 - Apple Inc.)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
Seznam Software (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\SeznamInstall) (Version: - Seznam.cz)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.5.0.9082 - Microsoft Corporation)
Skype™ 7.10 (HKLM-x32\...\{6A0549A9-1B96-498C-ACBC-3943001FEB19}) (Version: 7.10.101 - Skype Technologies S.A.)
Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
Surfing Protection (HKLM-x32\...\IObit Surfing Protection_is1) (Version: 1.2 - IObit)
Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version: - Valve)
TeamViewer 10 (HKLM-x32\...\TeamViewer) (Version: 10.0.45471 - TeamViewer)
TOSHIBA Resolution+ Plug-in for Windows Media Player (HKLM-x32\...\{6CB76C9D-80C2-4CB3-A4CD-D96B239E3F94}) (Version: 1.2.2.00 - TOSHIBA Corporation)
TrackMania Nations Forever (HKLM-x32\...\Steam App 11020) (Version: - Nadeo)
Unity Web Player (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\UnityWebPlayer) (Version: - Unity Technologies ApS)
Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
Visual Studio 2010 Prerequisites - English (HKLM\...\{662014D2-0450-37ED-ABAE-157C88127BEB}) (Version: 10.0.30319 - Microsoft Corporation)
Visual Studio 2010 Tools for SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{112C23F2-C036-4D40-BED4-0CB47BF5555C}) (Version: 4.0.8080.0 - Microsoft Corporation)
Warface (HKLM-x32\...\Steam App 291480) (Version: - Crytek)
Web Deployment Tool (HKLM\...\{0F37D969-1260-419E-B308-EF7D29ABDE20}) (Version: 1.1.0618 - Microsoft Corporation)
Windows Driver Package - Realtek Semiconductor Corp. RtkBtFilter Bluetooth (07/11/2012 2.3.13.3) (HKLM\...\57F58DC141BEB353704E041792E5B00606694FEA) (Version: 07/11/2012 2.3.13.3 - Realtek Semiconductor Corp.)
Windows Live Essentials (HKLM-x32\...\WinLiveSuite) (Version: 16.4.3508.0205 - Microsoft Corporation)
Windows Movie Maker 2.6 (HKLM-x32\...\{B3DAF54F-DB25-4586-9EF1-96D24BB14088}) (Version: 2.6.4037.0 - Microsoft Corporation)
WinPcap 4.1.2 (HKLM-x32\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies)
World of Tanks (HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\{1EAC1D02-C6AC-4FA6-9A44-96258C37C812eu}_is1) (Version: - Wargaming.net)
Worms Armageddon - New Edition CZ 3.6.31.0 Beta (HKLM-x32\...\Worms Armageddon - New Edition CZ 3.6.31.0 Beta) (Version: - )
Zoner Photo Studio 17 (HKLM\...\ZonerPhotoStudio17_CZ_is1) (Version: 17.0.1.1 - ZONER software)

==================== Custom CLSID (Whitelisted): ==========================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== Scheduled Tasks (Whitelisted) =============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

Task: {00099762-5415-43BA-8A79-0228E693B684} - System32\Tasks\TOSHIBA\Service Station => C:\Program Files\TOSHIBA\Toshiba Service Station\ToshibaServiceStation.exe [2012-07-27] (TOSHIBA Corporation)
Task: {08D00158-1146-4A9D-AA1E-62DA3EB8B80C} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {1875FFB0-4E89-4951-BB8B-25173AEA0C7B} - System32\Tasks\{F9E5D7ED-3BA1-4BB3-83CE-BBE409ADB239} => pcalua.exe -a "D:\Knights of Honor\KoH.exe" -d "D:\Knights of Honor"
Task: {18BE5267-0CD5-48B2-8A54-EDAB20C7F9F7} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4080011800-3767857022-2656497172-1001UA => C:\Users\Toshiba doma\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-10] (Facebook Inc.)
Task: {28F75BD7-4619-4339-909E-5DD823C166C3} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.)
Task: {2FB39D70-132D-4811-A07B-AE980D9E0D13} - System32\Tasks\{4890B580-A263-4A39-953A-3C4B0DC6E3E7} => Chrome.exe hxxp://ui.skype.com/ui/0/7.8.0.102/cs/go/help.faq.installer?LastError=1618
Task: {3C2D15CA-0BEB-4A92-90B7-B7459394C1C1} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\WINDOWS\system32\MRT.exe [2016-01-13] (Microsoft Corporation)
Task: {45ED9DD2-D9A5-4D4D-8FF1-A6BB4160D5A4} - System32\Tasks\Synaptics TouchPad Enhancements => C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2013-08-28] (Synaptics Incorporated)
Task: {52D8263E-B738-430A-8411-1781BE9CAA18} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2013-07-22] (Piriform Ltd)
Task: {5A984CA5-3036-4241-B107-E8D1AF1E6847} - System32\Tasks\Toshiba\CommonNotifier => C:\Program Files (x86)\Toshiba TEMPRO\Toshiba.Tempro.UI.CommonNotifier.exe [2012-08-14] (Toshiba Europe GmbH)
Task: {7194E9D7-95CC-42A7-B247-B1F218070D4E} - System32\Tasks\avastBCLRestartS-1-5-21-4080011800-3767857022-2656497172-1001 => Chrome.exe
Task: {76A71F6C-AB72-45B9-8BB4-EDA52C6F167A} - System32\Tasks\Norton Security Scan for Toshiba doma => C:\PROGRA~2\NORTON~2\Engine\372~1.10\Nss.exe
Task: {7C8EE600-114A-41A0-B972-1FAAADBF12BD} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4080011800-3767857022-2656497172-1001UA => C:\Users\Toshiba doma\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {80FD1255-C359-41FD-BA46-1599B333D1EB} - System32\Tasks\{AC09E8F8-4C4E-4FF5-A403-4F2806758242} => pcalua.exe -a E:\AOESETUP.EXE -d E:\
Task: {8390261A-3D40-4B07-B205-65F49012883E} - System32\Tasks\Uninstaller_SkipUac_Toshiba_doma => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe
Task: {91264EB9-2D33-4BF6-A4E1-C57F136B5F85} - System32\Tasks\Opera scheduled Autoupdate 1427227671 => C:\Program Files (x86)\Opera\launcher.exe [2015-06-10] (Opera Software)
Task: {92174805-8065-4367-9A0B-75606E0E67C3} - System32\Tasks\{BF448076-C1A2-4BE5-9423-29FB904BCFC0} => pcalua.exe -a "C:\Program Files (x86)\EA GAMES\Medal of Honor Pacific Assault(tm) MPDemo\mohpa_mpdemo.exe" -d C:\PROGRA~2\EAGAME~1\MEDALO~1
Task: {9867A8BB-4C2E-44AF-94FE-5FCB9C968E18} - System32\Tasks\BacKGroundAgent => C:\Program Files (x86)\Acer\AOP Framework\BackgroundAgent.exe [2015-07-23] (Acer Incorporated)
Task: {986CD2FC-7EC3-4E3E-8E25-80ABDE87FC82} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeReminderTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)
Task: {AE5CE4D3-727C-4172-98E9-D1C64E062442} - System32\Tasks\{DFED834C-9C33-4432-8BCC-F4B1FDC60534} => pcalua.exe -a "C:\Users\Toshiba doma\Desktop\Age of Empires II\SETUPREG.EXE" -d "C:\Users\Toshiba doma\Desktop\Age of Empires II"
Task: {B2FB8FAA-DC01-4106-AC1C-C5A90E440F60} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-4080011800-3767857022-2656497172-1001Core => C:\Users\Toshiba doma\AppData\Local\Google\Update\GoogleUpdate.exe
Task: {BA48FCCD-F364-42BF-B684-E7B4DCC4D3D1} - System32\Tasks\Microsoft\Windows\UPnP\UPnPHostConfig => config upnphost start= auto
Task: {BFE19581-CE08-4B0E-BFFF-B46566FBDB53} - System32\Tasks\Adobe Flash Player Updater => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-12-29] (Adobe Systems Incorporated)
Task: {C9B408D3-5301-439B-88CC-18C52F347016} - System32\Tasks\{C72A3ECE-55F7-486F-AC16-A852F7EEDE3C} => pcalua.exe -a "C:\Users\Toshiba doma\Desktop\Honza hry\IL-2 Sturmovik 1946\il2setup.exe" -d "C:\Users\Toshiba doma\Desktop\Honza hry\IL-2 Sturmovik 1946"
Task: {CD865E08-F9E0-415B-A775-4A8BAA8D356D} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2015-08-19] (AVAST Software)
Task: {DEE97F1F-F0B9-4565-B655-665B3FB74344} - System32\Tasks\{2F4460E2-33CF-4E32-B2A4-0D42E0680F09} => Chrome.exe hxxp://ui.skype.com/ui/0/7.12.0.101/cs/go/help.faq.installer?LastError=1618
Task: {ECF83A4A-1AD3-4CE7-BE14-940DCD232BB5} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-4080011800-3767857022-2656497172-1001Core => C:\Users\Toshiba doma\AppData\Local\Facebook\Update\FacebookUpdate.exe [2014-06-10] (Facebook Inc.)
Task: {F0E5D5D5-6D0C-467E-9938-D2D7B13BADE9} - System32\Tasks\gg_uac_daemon_Toshiba doma => C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\ggdllhost.exe [2013-07-10] ()
Task: {F7D6C661-3BAA-4230-B7DE-A656411BD8B3} - System32\Tasks\AVAST Software\Avast settings backup => C:\Program Files\Common Files\AV\avast! Antivirus\backup.exe [2015-12-15] (AVAST Software)
Task: {FEA89F7F-BBA9-4847-80D0-AAD6F6B0BFD5} - System32\Tasks\Microsoft\Windows\Setup\GWXTriggers\ScheduleUpgradeTime => C:\Windows\system32\GWX\GWXUXWorker.exe [2015-12-05] (Microsoft Corporation)

(If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)

Task: C:\WINDOWS\Tasks\Adobe Flash Player Updater.job => C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\Uninstaller_SkipUac_Toshiba_doma.job => C:\Program Files (x86)\IObit\IObit Uninstaller\IObitUninstaler.exe

==================== Shortcuts =============================

(The entries could be listed to be restored or removed.)

==================== Loaded Modules (Whitelisted) ==============

2011-10-13 22:38 - 2011-10-13 22:38 - 00156672 _____ () C:\Program Files (x86)\TOSHIBA\Password Utility\GFNEXSrv.exe
2013-01-24 21:29 - 2009-12-17 09:21 - 00071680 _____ () C:\WINDOWS\System32\LF2GRPJL.DLL
2013-01-24 21:29 - 2009-12-17 09:21 - 00020480 _____ () C:\WINDOWS\system32\LF2GRPOW.exe
2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2013-08-12 17:43 - 2013-07-10 12:54 - 00049456 _____ () C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\ggdllhost.exe
2012-07-19 02:38 - 2012-07-19 02:38 - 00020904 _____ () C:\Program Files\TOSHIBA\Hotkey\SmoothView.dll
2012-07-19 02:38 - 2012-07-19 02:38 - 00049064 _____ () C:\Program Files\TOSHIBA\Hotkey\Hotkey\FnZ.dll
2012-08-14 03:13 - 2012-08-14 03:13 - 00018344 _____ () C:\Program Files\TOSHIBA\Teco\TecoMUI.dll
2015-10-07 22:26 - 2015-09-01 14:41 - 00074752 _____ () C:\Program Files (x86)\Common Files\Freemake Shared\ProductUpdater\ProductUpdater.exe
2015-08-19 02:14 - 2015-08-19 02:14 - 00102864 _____ () C:\Program Files\AVAST Software\Avast\log.dll
2015-08-19 02:14 - 2015-08-19 02:14 - 00123976 _____ () C:\Program Files\AVAST Software\Avast\JsonRpcServer.dll
2016-01-13 17:22 - 2016-01-13 17:22 - 02822144 _____ () C:\Program Files\AVAST Software\Avast\defs\16011300\algo.dll
2015-05-23 21:03 - 2014-10-16 10:26 - 00622880 _____ () C:\Program Files (x86)\IObit\LiveUpdate\ProductStatistics.dll
2013-02-28 10:17 - 2013-08-23 10:10 - 00553776 _____ () C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\ggspawn.dll
2015-06-28 10:32 - 2015-06-28 10:32 - 40540672 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
2012-09-20 23:18 - 2012-06-25 18:41 - 01198912 _____ () C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\ACE.dll
2015-08-21 08:01 - 2015-07-28 15:33 - 00088928 _____ () C:\Program Files (x86)\Acer\clear.fi plug-in\Clearfishellext.dll
2015-12-16 23:10 - 2015-12-11 04:54 - 01583432 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libglesv2.dll
2015-12-16 23:10 - 2015-12-11 04:54 - 00081224 _____ () C:\Program Files (x86)\Google\Chrome\Application\47.0.2526.106\libegl.dll
2015-12-03 15:21 - 2015-12-03 15:21 - 00202456 _____ () C:\Program Files (x86)\Acer\abMedia\curllib.dll
2015-12-03 15:23 - 2015-12-03 15:23 - 00654000 _____ () C:\Program Files (x86)\Acer\abMedia\sqlite3.dll
2015-12-03 15:23 - 2015-12-03 15:23 - 00641240 _____ () C:\Program Files (x86)\Acer\abMedia\tag.dll
2015-12-03 15:23 - 2015-12-03 15:23 - 00119000 _____ () C:\Program Files (x86)\Acer\abMedia\OpenLDAP.dll
2015-08-21 08:01 - 2015-08-21 08:01 - 00014176 _____ () C:\WINDOWS\assembly\GAC_MSIL\MyService\1.0.0.1__2dfa3f50f0bed57d\MyService.dll
2015-07-23 15:08 - 2015-07-23 15:08 - 00012128 _____ () C:\Program Files (x86)\Acer\AOP Framework\ServiceInterface.dll
2015-07-23 14:56 - 2015-07-23 14:56 - 00277856 _____ () C:\Program Files (x86)\Acer\AOP Framework\libcurl.dll

==================== Alternate Data Streams (Whitelisted) =========

(If an entry is included in the fixlist, only the ADS will be removed.)


==================== Safe Mode (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\Hamachi2Svc => ""="Service"

==================== EXE Association (Whitelisted) ===============

(If an entry is included in the fixlist, the registry item will be restored to default or removed.)


==================== Internet Explorer trusted/restricted ===============

(If an entry is included in the fixlist, it will be removed from the registry.)

IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\008i.com -> 008i.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\008k.com -> 008k.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\00hq.com -> 00hq.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\0190-dialers.com -> 0190-dialers.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\01i.info -> 01i.info
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\05p.com -> 05p.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\0calories.net -> 0calories.net
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\0cj.net -> 0cj.net
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\0scan.com -> 0scan.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\1-britney-spears-nude.com -> 1-britney-spears-nude.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\1-domains-registrations.com -> 1-domains-registrations.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\1-se.com -> 1-se.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\1001movie.com -> 1001movie.com
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\1001night.biz -> 1001night.biz
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\100gal.net -> 100gal.net
IE restricted site: HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\100sexlinks.com -> 100sexlinks.com

There are 4788 more sites.


==================== Hosts content: ===============================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2013-08-22 14:25 - 2014-11-15 17:09 - 00000035 ____A C:\WINDOWS\system32\Drivers\etc\hosts


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Toshiba doma\AppData\Local\Microsoft\Windows\Themes\RoamedThemeFiles\DesktopBackground\img0.jpg
DNS Servers: 10.0.0.138
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 0) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
Windows Firewall is enabled.

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\StartupFolder: => "McAfee Security Scan Plus.lnk"
HKLM\...\StartupApproved\StartupFolder: => "PASPortal.lnk"
HKLM\...\StartupApproved\Run: => "AutoKMS"
HKLM\...\StartupApproved\Run: => "BCSSync"
HKLM\...\StartupApproved\Run32: => "Adobe ARM"
HKLM\...\StartupApproved\Run32: => "MFFSum_Pro_LL2"
HKLM\...\StartupApproved\Run32: => "LogMeIn Hamachi Ui"
HKLM\...\StartupApproved\Run32: => "IndexSearch"
HKLM\...\StartupApproved\Run32: => "SSBkgdUpdate"
HKLM\...\StartupApproved\Run32: => "SweetIM"
HKLM\...\StartupApproved\Run32: => "Sweetpacks Communicator"
HKLM\...\StartupApproved\Run32: => "PrivitizeVPN"
HKLM\...\StartupApproved\Run32: => "ApnUpdater"
HKLM\...\StartupApproved\Run32: => "NCUpdateHelper"
HKLM\...\StartupApproved\Run32: => "ApnTBMon"
HKLM\...\StartupApproved\Run32: => "IObit Malware Fighter"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\StartupFolder: => "GameRanger.lnk"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\StartupFolder: => "MyPC Backup.lnk"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "KPeerNexonEU"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "Skype"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "uTorrent"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "Pando Media Booster"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "NCsoft Launcher"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "Optimizer Pro"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "PlayNC Launcher"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "Yahoo! Search"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "{6B84E528-9705-4D36-9C97-97B8E23DAB75}"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "Zoner Photo Studio Autoupdate"
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\StartupApproved\Run: => "Advanced SystemCare 7"

==================== FirewallRules (Whitelisted) ===============

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

FirewallRules: [vm-monitoring-nb-session] => (Allow) LPort=139
FirewallRules: [UDP Query User{AFCA48D0-4C9D-479C-95E3-6F0335BC9CCB}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{C024CE6D-E143-4CB1-AB20-4D85809F54CE}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{611B591A-7FD7-4FFA-AD23-040B67EEB46E}] => (Block) C:\users\toshiba doma\desktop\honza hry\age of empires ii\empires2.exe
FirewallRules: [{8D0578A2-8973-4008-85D9-A7E1B0DA560B}] => (Block) C:\users\toshiba doma\desktop\honza hry\age of empires ii\empires2.exe
FirewallRules: [UDP Query User{46E4BB29-47A8-4B29-9494-FC79C2B755D5}C:\users\toshiba doma\desktop\honza hry\age of empires ii\empires2.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\empires2.exe
FirewallRules: [TCP Query User{C506F4A5-B03B-40E6-BE53-02427FB3BA4E}C:\users\toshiba doma\desktop\honza hry\age of empires ii\empires2.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\empires2.exe
FirewallRules: [{0B6D60C2-89AD-4F22-9C02-681EA77B6193}] => (Allow) C:\Users\Toshiba doma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{65927E67-352F-47DC-86B7-AB6B1AC0C6AC}] => (Allow) C:\Users\Toshiba doma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{9935151D-2D6C-429A-A6E2-C5735FAF959B}] => (Allow) C:\Users\Toshiba doma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{DD9455D4-C7BE-4E43-9599-72BD95DA63AA}] => (Allow) C:\Users\Toshiba doma\AppData\Roaming\Dropbox\bin\Dropbox.exe
FirewallRules: [{C2206D66-6972-4DAE-9D61-5E53093F7DA4}] => (Allow) C:\Users\Toshiba doma\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{BE4366CE-25B9-4D98-BC29-8F851EF706E1}] => (Allow) C:\Users\Toshiba doma\AppData\Roaming\uTorrent\uTorrent.exe
FirewallRules: [{B63960EE-A3C0-4DB0-8994-13D06AE29DFD}] => (Allow) C:\Users\Toshiba doma\AppData\Local\Facebook\Video\Skype\FacebookVideoCalling.exe
FirewallRules: [UDP Query User{20668074-23C8-4695-A81E-3DB49C2187A9}C:\users\toshiba doma\desktop\honza hry\terraria\terraria 1.1.2\terraria\terrariaserver.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\terraria\terraria 1.1.2\terraria\terrariaserver.exe
FirewallRules: [TCP Query User{0696A737-A8B7-417C-A146-2627D29919F6}C:\users\toshiba doma\desktop\honza hry\terraria\terraria 1.1.2\terraria\terrariaserver.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\terraria\terraria 1.1.2\terraria\terrariaserver.exe
FirewallRules: [{277D3442-B620-4D06-8CE6-2A727409B92B}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{60613034-A54C-4EC1-96EB-31A5638C862E}] => (Allow) C:\Program Files (x86)\Hearthstone\Hearthstone.exe
FirewallRules: [{36420037-7287-482E-BEC5-A307B58532B6}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{C8B15272-2247-48FB-A986-7467F576E3F0}] => (Allow) C:\Program Files (x86)\Battle.net\Battle.net.exe
FirewallRules: [{1E9509F5-D451-4B03-BA13-D2ECAF4DD7D1}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{935E3FFF-A391-4FF4-9A7B-1EFF8EABB265}] => (Allow) C:\Program Files (x86)\Steam\Steam.exe
FirewallRules: [{739F8BDE-36A7-4844-9864-2137760DA7C8}] => (Block) C:\program files (x86)\pyro studios\imperial glory\imperialglory.exe
FirewallRules: [{A7749FBB-F2D6-42A8-9A3B-0035AC748800}] => (Block) C:\program files (x86)\pyro studios\imperial glory\imperialglory.exe
FirewallRules: [UDP Query User{BF032D96-B2F5-4B5C-8E2E-93A55B59BF0A}C:\program files (x86)\pyro studios\imperial glory\imperialglory.exe] => (Allow) C:\program files (x86)\pyro studios\imperial glory\imperialglory.exe
FirewallRules: [TCP Query User{00BEE1C1-6311-446A-BCF5-3A0866C4D3BF}C:\program files (x86)\pyro studios\imperial glory\imperialglory.exe] => (Allow) C:\program files (x86)\pyro studios\imperial glory\imperialglory.exe
FirewallRules: [{04599C5A-56ED-444F-8089-DF4F8C87EFE6}] => (Block) C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [{A598989A-B159-4C2C-ACB3-172FBF075DF3}] => (Block) C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [UDP Query User{7C05EC50-E52A-40C7-BD5B-8BC812837290}C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe] => (Allow) C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [TCP Query User{89CBFFA9-8DF6-4449-AB0C-9BE21D67AAFE}C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe] => (Allow) C:\program files (x86)\ubisoft\blue byte\the settlers - dědictví králů\bin\settlershok.exe
FirewallRules: [{C616BFF1-AA56-4921-8966-488091C9A610}] => (Allow) LPort=1900
FirewallRules: [{B0EFC093-0FF9-4AC8-8ED1-D55543AC2F8F}] => (Allow) LPort=2869
FirewallRules: [{20E319CB-21D5-4B3C-AFE5-9F4A6F779E86}] => (Allow) C:\Program Files (x86)\Windows Live\Contacts\wlcomm.exe
FirewallRules: [UDP Query User{A7F65A32-FB31-46A7-8D5E-D1DA1A4175B3}C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{D269E0B3-BE78-4DDE-845E-0FEBB4EDA00E}C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{4795A6EB-E62A-4E4A-B20E-2D275AD8CA2E}C:\users\toshiba doma\desktop\honza hry\need for speed most wanted\speed.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\need for speed most wanted\speed.exe
FirewallRules: [TCP Query User{BD407A77-369C-4C37-A254-726487CB405B}C:\users\toshiba doma\desktop\honza hry\need for speed most wanted\speed.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\need for speed most wanted\speed.exe
FirewallRules: [{6D9E4C5F-5917-4269-A957-356B7ED2DAC2}] => (Block) C:\games\sins of a solar empire 2\sins of a solar empire entrenchment.exe
FirewallRules: [{93B1844D-9954-4E88-B2E9-DB1EB3899B23}] => (Block) C:\games\sins of a solar empire 2\sins of a solar empire entrenchment.exe
FirewallRules: [UDP Query User{59FB1E56-408F-44FA-8F1F-612CE6E850D9}C:\games\sins of a solar empire 2\sins of a solar empire entrenchment.exe] => (Allow) C:\games\sins of a solar empire 2\sins of a solar empire entrenchment.exe
FirewallRules: [TCP Query User{80E46C2A-23D9-4F1B-9850-8ECFBBD2A53D}C:\games\sins of a solar empire 2\sins of a solar empire entrenchment.exe] => (Allow) C:\games\sins of a solar empire 2\sins of a solar empire entrenchment.exe
FirewallRules: [{B22FD0CF-C587-481A-BF45-A6065D45BE83}] => (Block) C:\games\panzers1\run\panzers.exe
FirewallRules: [{3EF76272-7C00-474B-8D63-44805046C1DD}] => (Block) C:\games\panzers1\run\panzers.exe
FirewallRules: [UDP Query User{A39B54A4-5976-4141-9E12-715BDED34ECE}C:\games\panzers1\run\panzers.exe] => (Allow) C:\games\panzers1\run\panzers.exe
FirewallRules: [TCP Query User{DCA00680-5D3B-4C90-8A0F-BE12CA262545}C:\games\panzers1\run\panzers.exe] => (Allow) C:\games\panzers1\run\panzers.exe
FirewallRules: [{E87C8DAE-0321-4E69-B455-4FB206B71767}] => (Block) C:\games\sow2arcon\exe\sow2.exe
FirewallRules: [{5617F0B3-9347-400A-AC85-3158C5974301}] => (Block) C:\games\sow2arcon\exe\sow2.exe
FirewallRules: [UDP Query User{D0868103-6085-45C6-A05B-188D58577F75}C:\windows\syswow64\dpnsvr.exe] => (Block) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [TCP Query User{9CF2D0D2-BD84-4A49-9E88-84072122687E}C:\windows\syswow64\dpnsvr.exe] => (Block) C:\windows\syswow64\dpnsvr.exe
FirewallRules: [UDP Query User{9AD5726B-DEDE-4D4D-8626-D7E6DE4F055A}C:\games\sow2arcon\exe\sow2.exe] => (Allow) C:\games\sow2arcon\exe\sow2.exe
FirewallRules: [TCP Query User{FF76F935-3995-4202-A2B5-BB9A7514A094}C:\games\sow2arcon\exe\sow2.exe] => (Allow) C:\games\sow2arcon\exe\sow2.exe
FirewallRules: [{0279182E-02F7-4E17-B74C-4DD22A0D078B}] => (Block) C:\topcd\traktor 2\game.exe
FirewallRules: [{972C920B-6CB3-4DDD-A007-17F4B7460F44}] => (Block) C:\topcd\traktor 2\game.exe
FirewallRules: [UDP Query User{14E592A1-AD64-42A9-85FD-B520BFAB7872}C:\topcd\traktor 2\game.exe] => (Allow) C:\topcd\traktor 2\game.exe
FirewallRules: [TCP Query User{5B7BAE0A-5DA7-4510-A77D-75A8D0BBF793}C:\topcd\traktor 2\game.exe] => (Allow) C:\topcd\traktor 2\game.exe
FirewallRules: [{184D827F-C1DE-4821-B125-1BFBE5955AA9}] => (Allow) C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\Room\garena_room.exe
FirewallRules: [{11D7A13F-DA62-4802-BCF0-A2A1CDF39F75}] => (Allow) C:\Users\Toshiba doma\Desktop\Honza hry\Nová složka\Garena Plus\ggdllhost.exe
FirewallRules: [UDP Query User{6064FD36-1DA7-4694-B016-381A3C1D39EB}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [TCP Query User{DEABDB27-8AC8-4621-8879-F9D00976D014}C:\program files (x86)\java\jre7\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre7\bin\javaw.exe
FirewallRules: [{A9980B48-D9C3-45AF-9E22-BE32579DB266}] => (Block) C:\users\toshiba doma\desktop\honza hry\warcraft iii\war3.exe
FirewallRules: [{3783B7B9-F880-4D0F-BC47-550152907798}] => (Block) C:\users\toshiba doma\desktop\honza hry\warcraft iii\war3.exe
FirewallRules: [UDP Query User{BEB9E377-3719-4F34-9433-2732BC2F9643}C:\users\toshiba doma\desktop\honza hry\warcraft iii\war3.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\warcraft iii\war3.exe
FirewallRules: [TCP Query User{4E2A378C-D974-4C85-A69A-A92E035843BE}C:\users\toshiba doma\desktop\honza hry\warcraft iii\war3.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\warcraft iii\war3.exe
FirewallRules: [UDP Query User{E6575DCC-FCC4-40BF-93AD-7F1CBDDFCA94}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [TCP Query User{283BE55E-FBE0-44DB-B490-1187EDC1E2AD}C:\windows\syswow64\dplaysvr.exe] => (Block) C:\windows\syswow64\dplaysvr.exe
FirewallRules: [UDP Query User{E0D5CB2E-8F74-4BEB-8191-151584341C20}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{D50DDF42-72C2-4220-A87D-15DB20ACE683}C:\windows\syswow64\javaw.exe] => (Block) C:\windows\syswow64\javaw.exe
FirewallRules: [{1F77A0BF-E4AC-40D4-9F0D-9462FF293326}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{3E7DC6D7-DD21-4662-9140-EADB4ECA994D}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5A6C4E23-9B09-4ADB-8389-323E5C31B1DC}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{E8C37FE5-EB40-48BE-A0B8-926AD0080B8A}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{5321F321-3522-46DE-966D-B78F63774AD9}] => (Allow) C:\Program Files (x86)\Pando Networks\Media Booster\PMB.exe
FirewallRules: [{7D977833-CAC2-44CE-9335-5C3CF0EBCA26}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [{93AFE495-92F1-46FE-B968-A391A2A3A429}] => (Allow) C:\ProgramData\NexonEU\NGM\NGM.exe
FirewallRules: [UDP Query User{52945CE3-7B54-4157-8FD2-3B427DDC6DDF}D:\sins of a solar empire rebellion\sins of a solar empire rebellion.exe] => (Block) D:\sins of a solar empire rebellion\sins of a solar empire rebellion.exe
FirewallRules: [TCP Query User{634A0CBC-3286-4AA5-8C9B-0B223FFA2233}D:\sins of a solar empire rebellion\sins of a solar empire rebellion.exe] => (Block) D:\sins of a solar empire rebellion\sins of a solar empire rebellion.exe
FirewallRules: [{05FDE323-78B9-41CB-8BA0-8B68C3E9974D}] => (Allow) C:\Program Files (x86)\Xerox Companion Suite\MFServices.exe
FirewallRules: [{125A4A66-6F60-4AA9-8627-4317BDECEF5B}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{23EA42EA-CC5A-4389-9097-A8F2431EB6E5}] => (Allow) C:\Program Files (x86)\GameSpy Arcade\Aphex.exe
FirewallRules: [{6816F5F5-0870-4129-9A05-F159B7D830FD}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [{D12F4253-B7C8-4557-920A-2D36827538BB}] => (Allow) C:\Windows\SysWOW64\msiexec.exe
FirewallRules: [UDP Query User{053052A8-13B0-4C2D-B32E-7F47D829CC97}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [TCP Query User{99A9EF3D-2A89-444D-B94B-96DB1B9FF924}C:\windows\syswow64\javaw.exe] => (Allow) C:\windows\syswow64\javaw.exe
FirewallRules: [UDP Query User{1A488046-218B-420E-9193-1BDDA511B622}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [TCP Query User{FE1AAB3C-1621-43EE-97AA-063FBBE8048C}C:\program files (x86)\skype\phone\skype.exe] => (Block) C:\program files (x86)\skype\phone\skype.exe
FirewallRules: [{9DD1BEF6-1D65-441F-85F5-FBFED6C4EE1C}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [{E37BDA05-09F9-4BF5-9ED4-9ABC22EA506D}] => (Allow) C:\Program Files (x86)\Nero\KM\KwikMedia.exe
FirewallRules: [TCP Query User{920A6824-055F-4675-B796-964B6B4161A2}C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [UDP Query User{8157EAAA-0A83-4D60-8B84-36B5D32D86BA}C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe] => (Allow) C:\users\toshiba doma\appdata\roaming\gameranger\gameranger\gameranger.exe
FirewallRules: [TCP Query User{F1D21398-B4DF-4AA6-84CE-B34FC897D2CA}C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [UDP Query User{0971A8EC-D343-4AA0-A56F-0CA664CE5393}C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1\age2_x1.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1\age2_x1.exe
FirewallRules: [{E24CD0F3-6CAE-4BAD-9F9B-CB5803EC2175}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [{5BCC3DE1-C8FA-40DA-9A22-C7FB5BA0F268}] => (Allow) C:\Program Files (x86)\Steam\bin\steamwebhelper.exe
FirewallRules: [TCP Query User{0B1DD5D4-7445-484F-98F6-DEAC7ACCFADA}C:\users\toshiba doma\desktop\honza hry\age of empires ii\myth-age2_x1.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\myth-age2_x1.exe
FirewallRules: [UDP Query User{7A334196-AF5E-4F57-8AAA-9BE6350EB2FF}C:\users\toshiba doma\desktop\honza hry\age of empires ii\myth-age2_x1.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\myth-age2_x1.exe
FirewallRules: [TCP Query User{E262E20A-785B-4474-A184-F4AEED41AA21}D:\věci z plochy\counter-strike 1.6 non-steam\hl.exe] => (Allow) D:\věci z plochy\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [UDP Query User{2B721172-B784-4C90-ADDE-20FFDDDE2915}D:\věci z plochy\counter-strike 1.6 non-steam\hl.exe] => (Allow) D:\věci z plochy\counter-strike 1.6 non-steam\hl.exe
FirewallRules: [TCP Query User{07CD0890-4AEF-4234-BB96-12A99381BA42}C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1.exe
FirewallRules: [UDP Query User{5BD74817-C80D-4EE3-B286-821E9398B8A2}C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1.exe] => (Allow) C:\users\toshiba doma\desktop\honza hry\age of empires ii\age2_x1.exe
FirewallRules: [{DE082014-41C8-4C90-ACC7-538B62D12DCF}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{A3717538-D71C-4B27-B18F-00CDC3E3E38D}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForever.exe
FirewallRules: [{5B59CA46-BF25-4BF7-AF4D-E8AB876B959A}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{54D65B26-F186-4E6E-A423-0A049E61FF05}] => (Allow) C:\Program Files (x86)\Steam\SteamApps\common\TrackMania Nations Forever\TmForeverLauncher.exe
FirewallRules: [{E6E7EE5F-3609-4D1E-BB06-3AA94F41C398}] => (Allow) C:\Program Files\Zoner\Photo Studio 17\Program32\MediaServer.exe
FirewallRules: [TCP Query User{6B3A1C92-E638-49CE-9791-DDC9E551E567}C:\program files (x86)\battle for wesnoth 1.12.0\wesnothd.exe] => (Allow) C:\program files (x86)\battle for wesnoth 1.12.0\wesnothd.exe
FirewallRules: [UDP Query User{5499FA1E-DFEC-4CF9-852B-1ACB2E1E343F}C:\program files (x86)\battle for wesnoth 1.12.0\wesnothd.exe] => (Allow) C:\program files (x86)\battle for wesnoth 1.12.0\wesnothd.exe
FirewallRules: [TCP Query User{3FBB7961-5618-433A-B988-E794F4CA5B56}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [UDP Query User{4E9C046D-6531-4670-8831-01C81792BABE}C:\program files (x86)\hearthstone\hearthstone.exe] => (Allow) C:\program files (x86)\hearthstone\hearthstone.exe
FirewallRules: [TCP Query User{192749F2-5E8C-41C4-81F8-F14438FF0159}D:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe] => (Allow) D:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe
FirewallRules: [UDP Query User{1D1F9444-A46D-4B74-83D5-0528FB8EBAD2}D:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe] => (Allow) D:\program files (x86)\topcd\zachranari\fire department 3\fd3.exe
FirewallRules: [TCP Query User{9C6B7090-55FA-42A5-9686-8866BE18A9B4}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [UDP Query User{B7C76AA6-59BB-4CB0-BABD-7996AF3EC169}C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe] => (Block) C:\program files (x86)\java\jre1.8.0_31\bin\javaw.exe
FirewallRules: [{02995373-7160-4696-B616-FE47A548EB23}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{3E37FFF7-4730-4DF7-966F-58CD6640DB8A}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{03AF0468-563A-4F6A-B1A9-8E0C65D71006}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{5395EA6F-EBC9-479D-8A17-80E9FBE9E2A8}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [TCP Query User{93B2435A-5844-45D4-BEAA-1437BF419038}D:\topcd\quadcorem2\pack\core.bin] => (Allow) D:\topcd\quadcorem2\pack\core.bin
FirewallRules: [UDP Query User{7E7CFD72-02EB-476E-A951-F93E90AE0F20}D:\topcd\quadcorem2\pack\core.bin] => (Allow) D:\topcd\quadcorem2\pack\core.bin
FirewallRules: [{F44B3EDA-1745-4096-BFDD-E7182BBAF90D}] => (Block) D:\topcd\quadcorem2\pack\core.bin
FirewallRules: [{8BCB57D6-8E06-4EE0-B84E-80FB25B7A896}] => (Block) D:\topcd\quadcorem2\pack\core.bin
FirewallRules: [TCP Query User{71A01D8E-4BBF-4784-BFD4-9469B0A4E00A}C:\program files (x86)\laroxionmt2\graves.dll] => (Allow) C:\program files (x86)\laroxionmt2\graves.dll
FirewallRules: [UDP Query User{F4A528CE-B025-46A4-9F99-761547907423}C:\program files (x86)\laroxionmt2\graves.dll] => (Allow) C:\program files (x86)\laroxionmt2\graves.dll
FirewallRules: [TCP Query User{F25FF3D7-80A0-43F9-9E63-3CA60F997086}D:\wot\wotlauncher.exe] => (Allow) D:\wot\wotlauncher.exe
FirewallRules: [UDP Query User{122AF330-5324-4357-B711-E2E753D2CFE0}D:\wot\wotlauncher.exe] => (Allow) D:\wot\wotlauncher.exe
FirewallRules: [{B93FF5DA-A4E8-4CB7-AD14-2E4905550C13}] => (Block) D:\wot\wotlauncher.exe
FirewallRules: [{9107F12E-0AC7-44E7-BE68-1A693E458710}] => (Block) D:\wot\wotlauncher.exe
FirewallRules: [TCP Query User{771A9746-EDCA-4F7E-AB8B-87D5C592DD3C}D:\wolfenstein - enemy territory\et.exe] => (Allow) D:\wolfenstein - enemy territory\et.exe
FirewallRules: [UDP Query User{1749D031-065D-44FE-A9EC-7C120E143773}D:\wolfenstein - enemy territory\et.exe] => (Allow) D:\wolfenstein - enemy territory\et.exe
FirewallRules: [{AB03B930-5F7B-400C-9182-E2DC8F74288C}] => (Block) D:\wolfenstein - enemy territory\et.exe
FirewallRules: [{DDC51F74-519A-46BD-AC68-98A473A52BB3}] => (Block) D:\wolfenstein - enemy territory\et.exe
FirewallRules: [TCP Query User{CCEEC444-D6BC-4222-B783-D9D834649506}D:\wot\worldoftanks.exe] => (Allow) D:\wot\worldoftanks.exe
FirewallRules: [UDP Query User{AED00F9F-31B1-40D8-BF4A-9213A5E6DCA1}D:\wot\worldoftanks.exe] => (Allow) D:\wot\worldoftanks.exe
FirewallRules: [{D02A7156-1311-49B6-AFB1-5FCBEA4252BF}] => (Block) D:\wot\worldoftanks.exe
FirewallRules: [{6B360485-DD42-4251-8300-AE738E0BB470}] => (Block) D:\wot\worldoftanks.exe
FirewallRules: [TCP Query User{3636E5F6-0FAB-42E2-867E-0D1D32EF7169}C:\users\toshiba doma\desktop\men of war\mow.exe] => (Allow) C:\users\toshiba doma\desktop\men of war\mow.exe
FirewallRules: [UDP Query User{9F146BF0-195A-4A27-BE67-CEAF8B77E00D}C:\users\toshiba doma\desktop\men of war\mow.exe] => (Allow) C:\users\toshiba doma\desktop\men of war\mow.exe
FirewallRules: [TCP Query User{6081B934-78DC-45E8-9804-EEA6D9965591}C:\users\toshiba doma\desktop\men of war\mow.exe] => (Allow) C:\users\toshiba doma\desktop\men of war\mow.exe
FirewallRules: [UDP Query User{2AFF8F9B-1168-4789-9A4E-CED49040D4B0}C:\users\toshiba doma\desktop\men of war\mow.exe] => (Allow) C:\users\toshiba doma\desktop\men of war\mow.exe
FirewallRules: [{4EEAE2D1-FF80-4F0F-9C3C-D5010CBD12BC}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{BB02040D-1B02-435A-90A3-65D4387D33E1}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer.exe
FirewallRules: [{79DB9470-23DC-4EBC-B665-D90035432095}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{305695BC-21D7-42F3-B257-44B0C9A2C568}] => (Allow) C:\Program Files (x86)\TeamViewer\TeamViewer_Service.exe
FirewallRules: [{BBA9294C-4538-4DA6-96D6-0F2936898BAA}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{E37B84B9-00AD-44DD-8F2E-EC4287F44724}] => (Allow) C:\Program Files\AVAST Software\Avast\ng\vbox\aswFe.exe
FirewallRules: [{907F8374-0B52-4D26-A9E5-52D64A88CC3F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{99ACAE11-BADA-405C-BCE7-C8C2A2A4731C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{A83151E1-3763-45EB-BEB0-6B6B46778FFB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{35476BAE-2DB2-41D8-B9DF-A60EC8BBD3B8}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BD00B978-4FF6-418D-B7AC-07BBE4F29602}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{714E399E-B446-43ED-9195-03C273B10A2C}] => (Allow) C:\Program Files (x86)\Acer\AOP Framework\acer\ccd.exe
FirewallRules: [{3D185E3F-8CFF-47C3-9608-DD53F633EDAB}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{EF53103D-D77B-4E1E-B0A1-3076867F254C}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{078B7961-1D89-49FB-81EE-AB6ED54914B6}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{1530A85C-F1B0-4968-AAB2-EA2B8FE8101F}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{A6AB8C0F-59C1-4EF4-BD4A-3C0905A66C36}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{04590C38-A4EA-476F-B7D6-BC540B2B2131}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\SKILL\DFUBG.exe
FirewallRules: [{40B6445A-D96F-4A8F-B59B-626ADA423829}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{CFF9CD80-6343-4335-B5EB-947F3FD7C2DB}] => (Allow) D:\Program Files (x86)\SteamLibrary\steamapps\common\Warface\live\nw.exe
FirewallRules: [{3D466E0B-2DB5-4E42-A5E2-3210344294D4}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2011\fm.exe
FirewallRules: [{941B3CEF-83AE-49B5-B557-153C694210EF}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2011\fm.exe
FirewallRules: [{E526EAF1-BE1A-4F00-9F51-148AC6D84670}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2011\fm.exe
FirewallRules: [{E13034F2-C746-4D7E-AAD0-55ECD8D7AB43}] => (Allow) C:\Program Files (x86)\Sports Interactive\Football Manager 2011\fm.exe
FirewallRules: [TCP Query User{8D56AD00-67C0-48DB-9A8F-F8B83685A091}C:\users\toshiba doma\desktop\honza hry\re-volt\revolt-full-game+-cheaty\revolt\revolt.exe] => (Block) C:\users\toshiba doma\desktop\honza hry\re-volt\revolt-full-game+-cheaty\revolt\revolt.exe
FirewallRules: [UDP Query User{C1B09502-F945-4299-AB42-ACDDF5B66A41}C:\users\toshiba doma\desktop\honza hry\re-volt\revolt-full-game+-cheaty\revolt\revolt.exe] => (Block) C:\users\toshiba doma\desktop\honza hry\re-volt\revolt-full-game+-cheaty\revolt\revolt.exe
FirewallRules: [{5D3D8D51-81CF-4698-8483-7C69DBDA4A9E}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{62CEFE1D-3BC0-4498-9C48-C27831D1D5CD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{61853F81-7C3F-472D-9FEA-403335C856D7}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{59818EA9-CE60-4FB7-94E0-4E9E1EBB2798}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{3C456D19-1D61-434F-B90A-ADFD9655202D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{29FD7D87-084A-4D78-AD3A-0EAF129B8D9D}] => (Allow) C:\Program Files (x86)\Acer\abMedia\DMCDaemon.exe
FirewallRules: [{04175476-5EBD-4CB2-97CC-A8735D96A4FD}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{BABB69D3-CA06-437B-A022-C4A7BD6BFE53}] => (Allow) C:\Program Files (x86)\Acer\abMedia\WindowsUpnpMV.exe
FirewallRules: [{9CB88CC2-0343-42AF-8833-A346462F0202}] => (Allow) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe

==================== Restore Points =========================

27-12-2015 12:30:51 Windows Update
30-12-2015 13:06:01 Windows Update
07-01-2016 19:04:58 Naplánovaný kontrolní bod
11-01-2016 18:52:27 Windows Update

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (01/13/2016 07:56:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (01/13/2016 07:56:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\Toshiba doma\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (01/13/2016 07:56:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (01/13/2016 07:56:44 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\Toshiba doma\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (01/13/2016 07:54:34 PM) (Source: MsiInstaller) (EventID: 11921) (User: NT AUTHORITY)
Description: Product: Nero Update -- Error 1921.Service Nero Update (NAUpdate) could not be stopped. Verify that you have sufficient privileges to stop system services.

Error: (01/13/2016 07:49:55 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (01/13/2016 07:49:55 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\Toshiba doma\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (01/13/2016 07:48:51 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.

Error: (01/13/2016 07:48:51 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1508) (User: NT AUTHORITY)
Description: Systém Windows nemohl načíst registr. Tento problém je často způsoben nedostatkem paměti nebo nedostatečnými zabezpečovacími právy.

PODROBNOSTI – Je poškozena databáze konfiguračního registru.
pro: C:\Users\Toshiba doma\AppData\Local\Microsoft\Windows\\UsrClass.dat

Error: (01/13/2016 07:48:42 PM) (Source: Microsoft-Windows-User Profiles Service) (EventID: 1542) (User: NT AUTHORITY)
Description: Systém Windows nemůže načíst soubor registru tříd.
PODROBNOSTI – Je poškozena databáze konfiguračního registru.


System errors:
=============
Error: (01/13/2016 08:00:51 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingWeather.

Error: (01/13/2016 08:00:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.Office.OneNote.

Error: (01/13/2016 08:00:41 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin.

Error: (01/13/2016 07:47:04 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
Description: Služba Skype Click to Call Updater neuspěla při spuštění v důsledku následující chyby:
%%2

Error: (01/13/2016 07:41:30 PM) (Source: DCOM) (EventID: 10010) (User: TOSHIBADOMA)
Description: {9BA05972-F6A8-11CF-A442-00A0C90A8F39}

Error: (01/13/2016 07:29:55 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): sMedioforToshiba.TOSHIBAMediaPlayerbysMedioTrueLin.

Error: (01/13/2016 07:29:52 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.BingFoodAndDrink.

Error: (01/13/2016 07:29:49 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.ZuneVideo.

Error: (01/13/2016 07:29:46 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.WindowsReadingList.

Error: (01/13/2016 07:29:42 PM) (Source: Microsoft-Windows-WindowsUpdateClient) (EventID: 20) (User: NT AUTHORITY)
Description: Instalace se nezdařila: Instalování následující aktualizace se nezdařilo z důvodu chyby (0x80070002): Microsoft.ZuneMusic.


==================== Memory info ===========================

Processor: Intel(R) Core(TM) i3-2328M CPU @ 2.20GHz
Percentage of memory in use: 48%
Total physical RAM: 4049.7 MB
Available physical RAM: 2104.02 MB
Total Virtual: 6097.7 MB
Available Virtual: 3741.49 MB

==================== Drives ================================

Drive c: (TI30983100A) (Fixed) (Total:294.7 GB) (Free:171.63 GB) NTFS
Drive d: (Nový svazek) (Fixed) (Total:290.6 GB) (Free:233.85 GB) NTFS

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (Size: 596.2 GB) (Disk ID: 00000000)

Partition: GPT.

==================== End of Addition.txt ============================

Odinstalujte starou a zranitelnou verzi javy. Pokud javu potrebujete, pak nainstalujte novou z java.com - pozor na adware pri jeji instalaci http://forum.viry.cz/viewtopic.php?p=1374438#p1374438 . Z hlediska bezpecnosti (exploity) je lepsi ji nemit. Aktualni je 8U66. Verze Javy, ktere v PC mate nainstalovane:

• Java 8 Update 31

Po restartu dejte vedet, jak se PC chova.

• Do Poznamkoveho bloku (Start -> spustit -> notepad) zkopirujte obsah bileho pole
• ulozte na plochu jako fixlist (Typ souboru: Textovy dokument)
• znovu spustte FRST a kliknete na Fix
• po restartu bude na plose ulozen fixlog, jehoz obsah vlozte do pristi odpovedi

  Kód: Vybrat vše

  Start
  CreateRestorePoint:
  CloseProcesses:
  HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
  HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
  HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
  HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [uTorrent] => C:\Users\Toshiba doma\AppData\Roaming\uTorrent\uTorrent.exe [1441104 2015-05-10] (BitTorrent Inc.)
  HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
  HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
  HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\MountPoints2: {c6694455-09a4-11e3-bf18-20689d3bddfb} - "E:\autorun.exe"
  ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
  ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
  ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
  ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
  ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
  ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
  ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
  ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
  CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = 
  HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = 
  SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL = 
  FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\ascsurfingprotection@iobit.com [not found]
  FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\iobitascsurfingprotection@iobit.com [not found]
  FF Extension: ShooPDrop - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\2@GX.net [2015-02-08] [not signed]
  CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
  S3 cpuz137; \??\C:\Users\TOSHIB~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
  S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
  2016-01-13 19:56 - 2016-01-13 19:57 - 00030386 _____ C:\Users\Toshiba doma\Desktop\FRST.txt
  2016-01-12 20:29 - 2016-01-12 20:33 - 00000000 ____D C:\AdwCleaner
  2016-01-12 20:29 - 2016-01-12 20:29 - 01754112 _____ C:\Users\Toshiba doma\Downloads\adwcleaner_5.029.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
  Hosts:
  EmptyTemp:
  End

Fix result of Farbar Recovery Scan Tool (x64) Version:10-01-2015 01
Ran by Toshiba doma (2016-01-13 23:38:24) Run:1
Running from C:\Users\Toshiba doma\Desktop
Loaded Profiles: Toshiba doma (Available Profiles: Toshiba doma)
Boot Mode: Normal
==============================================

fixlist content:
*****************
Start
CreateRestorePoint:
CloseProcesses:
HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
HKLM-x32\...\Run: [SSBkgdUpdate] => C:\Program Files (x86)\Common Files\Scansoft Shared\SSBkgdUpdate\SSBkgdupdate.exe [210472 2006-10-25] (Nuance Communications, Inc.)
HKLM-x32\...\Run: [LogMeIn Hamachi Ui] => C:\Program Files (x86)\LogMeIn Hamachi\hamachi-2-ui.exe [5565448 2015-11-12] (LogMeIn Inc.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [uTorrent] => C:\Users\Toshiba doma\AppData\Roaming\uTorrent\uTorrent.exe [1441104 2015-05-10] (BitTorrent Inc.)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [DAEMON Tools Lite] => C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [3673696 2013-08-01] (Disc Soft Ltd)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\Run: [Zoner Photo Studio Autoupdate] => C:\PROGRAM FILES\ZONER\PHOTO STUDIO 17\Program32\ZPSTRAY.EXE [437248 2014-09-12] (ZONER software)
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\...\MountPoints2: {c6694455-09a4-11e3-bf18-20689d3bddfb} - "E:\autorun.exe"
ShellIconOverlayIdentifiers: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers: [DropboxExt4] -> {FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive1] -> {F241C880-6982-4CE5-8CF7-7085BA96DA5A} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive2] -> {A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => No File
ShellIconOverlayIdentifiers-x32: [ SkyDrive3] -> {BBACC218-34EA-4666-9D7A-C78F2274A524} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt1] -> {FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt2] -> {FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => No File
ShellIconOverlayIdentifiers-x32: [DropboxExt3] -> {FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => No File
CHR HKLM\SOFTWARE\Policies\Google: Restriction <======= ATTENTION
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL =
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL =
SearchScopes: HKU\.DEFAULT -> DefaultScope {9BB47C17-9C68-4BB3-B188-DD9AF0FD21} URL =
FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\ascsurfingprotection@iobit.com [not found]
FF Extension: No Name - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\iobitascsurfingprotection@iobit.com [not found]
FF Extension: ShooPDrop - C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\2@GX.net [2015-02-08] [not signed]
CHR HomePage: Default -> hxxps://www.google.com/?trackid=sp-006
S3 cpuz137; \??\C:\Users\TOSHIB~1\AppData\Local\Temp\cpuz137\cpuz137_x64.sys [X]
S3 EagleX64; \??\C:\WINDOWS\system32\drivers\EagleX64.sys [X]
2016-01-13 19:56 - 2016-01-13 19:57 - 00030386 _____ C:\Users\Toshiba doma\Desktop\FRST.txt
2016-01-12 20:29 - 2016-01-12 20:33 - 00000000 ____D C:\AdwCleaner
2016-01-12 20:29 - 2016-01-12 20:29 - 01754112 _____ C:\Users\Toshiba doma\Downloads\adwcleaner_5.029.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Hosts:
EmptyTemp:
End
*****************

Restore point was successfully created.
Processes closed successfully.
HKLM\Software\Microsoft\Windows\CurrentVersion\Run\\BCSSync => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SSBkgdUpdate => value removed successfully
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\LogMeIn Hamachi Ui => value removed successfully
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Windows\CurrentVersion\Run\\uTorrent => value removed successfully
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Windows\CurrentVersion\Run\\DAEMON Tools Lite => value removed successfully
HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Zoner Photo Studio Autoupdate => value removed successfully
"HKU\S-1-5-21-4080011800-3767857022-2656497172-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{c6694455-09a4-11e3-bf18-20689d3bddfb}" => key removed successfully
HKCR\CLSID\{c6694455-09a4-11e3-bf18-20689d3bddfb} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt4" => key removed successfully
HKCR\CLSID\{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive1" => key removed successfully
HKCR\Wow6432Node\CLSID\{F241C880-6982-4CE5-8CF7-7085BA96DA5A} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive2" => key removed successfully
HKCR\Wow6432Node\CLSID\{A0396A93-DC06-4AEF-BEE9-95FFCCAEF20E} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\ SkyDrive3" => key removed successfully
HKCR\Wow6432Node\CLSID\{BBACC218-34EA-4666-9D7A-C78F2274A524} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt1" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt2" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\ShellIconOverlayIdentifiers\DropboxExt3" => key removed successfully
HKCR\Wow6432Node\CLSID\{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} => key not found.
"HKLM\SOFTWARE\Policies\Google" => key removed successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Page_URL => value restored successfully
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main\\Default_Search_URL => value restored successfully
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully
C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\ascsurfingprotection@iobit.com => path removed successfully
C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\extensions\iobitascsurfingprotection@iobit.com => path removed successfully
C:\Users\Toshiba doma\AppData\Roaming\Mozilla\Firefox\Profiles\416ohgl9.default-1410809229315\Extensions\2@GX.net => moved successfully
Chrome HomePage => removed successfully
cpuz137 => service removed successfully
EagleX64 => service removed successfully
C:\Users\Toshiba doma\Desktop\FRST.txt => moved successfully
C:\AdwCleaner => moved successfully
C:\Users\Toshiba doma\Downloads\adwcleaner_5.029.exe => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job => moved successfully
C:\Windows\System32\Drivers\etc\hosts => moved successfully
Hosts restored successfully.
EmptyTemp: => 1.5 GB temporary data Removed.


The system needed a reboot.

==== End of Fixlog 23:39:42 ====

Jak se PC chova ted?

Kromě trhání, které sem ještě nezkoušel můžu říci, že došlo ke zlepšení

zamekhonza píše:Kromě trhání, které sem ještě nezkoušel

Nevim, co presne si pod timto predstavit. Vyzkousejte prosim, zda na PC nejake problemy pozorujete a treba behem zitrka dejte vedet