log

Do you have a problem with a virus? Post your FRST or RSIT log here.

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#31 Post by Márty84 »

However I look at it, nothing indicates the presence of any nasty malware.

Post logs according to this guide http://forum.viry.cz/viewtopic.php?f=13&t=133100 - turn off your antivirus for a moment; it is possible that it will block it as malicious, but we use it all the time, it is a false alarm :)

If you have a question that is not meant for the public, you can write to me by e-mail at marty84[at]forum.viry.cz

You can support our forum at https://platba.viry.cz/payment/

Due to time constraints I will be on the forum less often now. If you have to wait longer for a reply, please contact one of my colleagues (most of them have an e-mail address in their signature).

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#32 Post by dodo148 »

No matter what I do, I can't download FRSTLauncher.exe because the page won't even load... and the antivirus is turned off.
By the way, I sent you two logs from the mbar tool. You didn't want the first log, but that run added something to quarantine... and the computer's performance improved... and then I uninstalled it as you told me to. But those files stayed in quarantine. When the mbar tool is uninstalled, does it delete the quarantined files automatically? So could we clean up, or should I download FRSTLauncher from another PC... but I would only be able to do that tomorrow.
Thank you

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#33 Post by Márty84 »

If the quarantine is still there, we will clean it up at the end. In any case, the files that were/are in quarantine can no longer get out.

So post a log from FRST only, without using the Launcher. The cleanup needs to be finished.

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#34 Post by dodo148 »

I've just got to the PC... I'll send it to you right away.

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#35 Post by dodo148 »

Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 19-04-2015 01
Ran by jozef (administrator) on TILLKO on 20-04-2015 22:23:39
Running from C:\Users\jozef\Desktop
Loaded Profiles: jozef (Available profiles: jozef & Ján)
Platform: Windows 8.1 Pro (X64) OS Language: Angličtina (USA)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(Broadcom Corporation.) C:\Windows\System32\BtwRSupportService.exe
(Microsoft Corporation) C:\Windows\System32\dasHost.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\MsMpEng.exe
(Microsoft Corporation) C:\Program Files\Windows Defender\NisSrv.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Microsoft Corporation) C:\Program Files\Common Files\microsoft shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe
(Microsoft Corporation) C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe
(ESET) C:\Program Files\ESET\ESET Smart Security\egui.exe
(© 2015 Microsoft Corporation) C:\Users\jozef\AppData\Local\Microsoft\BingSvc\BingSvc.exe
(Microsoft Corporation) C:\Windows\System32\SettingSyncHost.exe
(Microsoft Corporation) C:\Windows\ImmersiveControlPanel\SystemSettings.exe
(Microsoft Corporation) C:\Windows\System32\dllhost.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\System32\LicensingUI.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Microsoft Corporation) C:\Windows\WinSxS\amd64_microsoft-windows-servicingstack_31bf3856ad364e35_6.3.9600.17477_none_fa2b7d3b9b36c7b4\TiWorker.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM\...\Run: [egui] => C:\Program Files\ESET\ESET Smart Security\egui.exe [5595848 2015-01-28] (ESET)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [BingSvc] => C:\Users\jozef\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Search Page = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Page_URL = www.google.com
HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Default_Search_URL = www.google.com
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL [2010-01-21] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL [2010-01-16] (Microsoft Corporation)
DPF: HKLM-x32 {7530BFB8-7293-4D34-9923-61A11451AFC5} http://download.eset.com/special/eos/OnlineScanner.cab
DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553512000} http://fpdownload2.macromedia.com/get/s ... wflash.cab
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Tcpip\Parameters: [DhcpNameServer] 213.151.222.34 192.168.0.1
StartMenuInternet: IEXPLORE.EXE - iexplore.exe

FireFox:
========
FF ProfilePath: C:\Users\jozef\AppData\Roaming\Mozilla\Firefox\Profiles\yt202180.default
FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-14] ()
FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-14] ()
FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> c:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll [2014-05-14] ( Microsoft Corporation)
FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation)
FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL [2010-01-10] (Microsoft Corporation)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.26.9\npGoogleUpdate3.dll [2015-02-05] (Google Inc.)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2014-12-03] (Adobe Systems Inc.)
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

Chrome:
=======
CHR HomePage: Profile 1 ->
CHR DefaultSuggestURL: Profile 1 -> {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&gs_ri={google:suggestRid}&xssi=t&q={searchTerms}&{google:inputType}{google:cursorPosition}{google:currentPageUrl}{google:pageClassification}{google:searchVersion}{google:sessionToken}{google:prefetchQuery}sugkey={google:suggestAPIKeyParameter}
CHR Profile: C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default
CHR Extension: (No Name) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-01-19]
CHR Extension: (Google Search) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-01-19]
CHR Extension: (High Contrast) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2015-01-29]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-01-31]
CHR Extension: (Google Sheets) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-01-19]
CHR Extension: (AdBlock) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-02]
CHR Extension: (Cryptocat) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\gonbigodpnfghidmnphnadhepmbabhij [2015-03-02]
CHR Extension: (PDFescape) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ioombffmiompnnfbajkmmghjaleclnjo [2015-03-02]
CHR Extension: (Ultimate User Agent Switcher, URL sniffer) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo [2015-03-02]
CHR Extension: (Google Wallet) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-01-19]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2015-03-02]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2015-03-02]
CHR Extension: (Click&Clean App) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-03-02]
CHR Extension: (Bitdefender QuickScan) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-03-02]
CHR Extension: (Gmail) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-01-19]
CHR Profile: C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1
CHR Extension: (Google Slides) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aapocclcgogkmnckokdopfmhonfmgoek [2015-03-06]
CHR Extension: (Google Docs) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\aohghmighlieiainnegkcijnfilokake [2015-03-06]
CHR Extension: (Google Drive) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-03-06]
CHR Extension: (YouTube) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-03-06]
CHR Extension: (Google Search) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-03-06]
CHR Extension: (High Contrast) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\djcfdncoelnlbldjfhinnjlhdjlikmph [2015-03-07]
CHR Extension: (ZenMate Security & Privacy VPN) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fdcgdnkidjaadafnichfpabhfomcebme [2015-03-07]
CHR Extension: (Google Sheets) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\felcaaldnbdncclmgdcncolpebgiejap [2015-03-06]
CHR Extension: (MSN Homepage) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\fkkcgfbgohboipdhliafmacjnhjbhmim [2015-04-20]
CHR Extension: (AdBlock) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom [2015-03-07]
CHR Extension: (Bookmark Manager) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik [2015-04-15]
CHR Extension: (Cryptocat) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gonbigodpnfghidmnphnadhepmbabhij [2015-03-07]
CHR Extension: (PDFescape) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ioombffmiompnnfbajkmmghjaleclnjo [2015-03-07]
CHR Extension: (Skype Click to Call) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-20]
CHR Extension: (Ultimate User Agent Switcher, URL sniffer) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\ljfpjnehmoiabkefmnjegmpdddgcdnpo [2015-03-07]
CHR Extension: (Google Wallet) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-03-06]
CHR Extension: (Docs PDF/PowerPoint Viewer (by Google)) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nnbmlagghjjcbdhgmkedmbmedengocbn [2015-03-07]
CHR Extension: (OneClick Cleaner for Chrome) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\oncckmaelaecccmaniihojgeopkcajfh [2015-03-07]
CHR Extension: (Click&Clean App) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdabfienifkbhoihedcgeogidfmibmhp [2015-03-07]
CHR Extension: (Bitdefender QuickScan) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pdnkcidphdcakpkheohlhocaicfamjie [2015-03-07]
CHR Extension: (Gmail) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-03-06]
CHR HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\SOFTWARE\Google\Chrome\Extensions\...\Chrome\Extension: [fkkcgfbgohboipdhliafmacjnhjbhmim] - https://clients2.google.com/service/update2/crx
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R2 BcmBtRSupport; C:\Windows\system32\BtwRSupportService.exe [2255064 2013-10-28] (Broadcom Corporation.)
S3 BthHFSrv; C:\Windows\System32\BthHFSrv.dll [324608 2014-10-29] (Microsoft Corporation)
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
R2 ekrn; C:\Program Files\ESET\ESET Smart Security\x86\ekrn.exe [1349576 2015-01-28] (ESET)
R3 WdNisSvc; C:\Program Files\Windows Defender\NisSrv.exe [366520 2015-02-04] (Microsoft Corporation)
R2 WinDefend; C:\Program Files\Windows Defender\MsMpEng.exe [23792 2015-02-04] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

R1 A2DDA; C:\EEK\BIN\a2ddax64.sys [26176 2014-11-18] (Emsisoft GmbH)
S2 Aspi32; C:\Windows\SysWOW64\drivers\aspi32.sys [16877 2002-07-17] (Adaptec) [File not signed]
S3 bcbtums; C:\Windows\system32\drivers\bcbtums.sys [170712 2013-10-28] (Broadcom Corporation.)
R3 BCM43XX; C:\Windows\system32\DRIVERS\bcmwl63a.sys [8536752 2013-07-01] (Broadcom Corporation)
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-11-18] (Emsisoft GmbH)
R1 eamonm; C:\Windows\System32\DRIVERS\eamonm.sys [246000 2015-03-10] (ESET)
R0 edevmon; C:\Windows\System32\DRIVERS\edevmon.sys [241880 2015-03-10] (ESET)
R1 ehdrv; C:\Windows\system32\DRIVERS\ehdrv.sys [169792 2015-03-10] (ESET)
R2 epfw; C:\Windows\system32\DRIVERS\epfw.sys [222280 2015-03-10] (ESET)
R1 EpfwLWF; C:\Windows\system32\DRIVERS\EpfwLWF.sys [44632 2015-03-10] (ESET)
R0 epfwwfp; C:\Windows\System32\DRIVERS\epfwwfp.sys [64208 2015-03-10] (ESET)
S3 ESETCleanersDriver; C:\Windows\system32\Drivers\ESETCleanersDriver.sys [170280 2014-12-06] (ESET)
U3 TrueSight; C:\Windows\System32\drivers\TrueSight.sys [35064 2015-02-19] ()
R3 WdNisDrv; C:\Windows\System32\Drivers\WdNisDrv.sys [114496 2015-02-04] (Microsoft Corporation)
S3 WinDivert1.1; C:\Program Files\KMSpico\WinDivert.sys [35376 2014-11-14] (Basil Projects)
U0 Partizan; system32\drivers\Partizan.sys [X]

==================== NetSvcs (Whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


==================== One Month Created Files and Folders ========

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 22:23 - 2015-04-20 22:24 - 00018450 _____ () C:\Users\jozef\Desktop\FRST.txt
2015-04-20 22:19 - 2015-04-20 22:23 - 00000000 ____D () C:\FRST
2015-04-20 17:52 - 2015-04-20 17:52 - 00002729 _____ () C:\Users\Public\Desktop\Skype.lnk
2015-04-20 17:52 - 2015-04-20 17:52 - 00000000 ___RD () C:\Program Files (x86)\Skype
2015-04-20 17:52 - 2015-04-20 17:52 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
2015-04-20 17:45 - 2015-04-20 17:46 - 45765216 _____ (Skype Technologies S.A.) C:\Users\jozef\Downloads\SkypeSetupFull.exe
2015-04-20 17:45 - 2015-04-20 17:45 - 00003158 _____ () C:\Windows\System32\Tasks\{9454E94D-14F0-44E6-8F80-DF07B2331083}
2015-04-20 15:47 - 2015-04-20 15:47 - 00003638 _____ () C:\Windows\System32\Tasks\SDMsgUpdate (Local)
2015-04-20 15:47 - 2015-04-20 15:47 - 00003630 _____ () C:\Windows\System32\Tasks\SDMsgUpdate (TE)
2015-04-20 15:39 - 2015-04-20 15:39 - 00000615 _____ () C:\Users\Public\Desktop\SmartDraw CI.lnk
2015-04-20 15:39 - 2015-04-20 15:39 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SmartDraw CI
2015-04-20 15:37 - 2015-04-20 15:39 - 00000000 ____D () C:\SmartDraw CI
2015-04-20 15:26 - 2015-04-20 15:27 - 20989320 _____ (SmartDraw.com) C:\Users\jozef\Downloads\SmartDraw.exe
2015-04-20 12:53 - 2015-04-20 15:34 - 00000116 _____ () C:\Windows\setupact.log
2015-04-20 12:53 - 2015-04-20 12:53 - 00000000 _____ () C:\Windows\setuperr.log
2015-04-20 04:08 - 2015-04-20 05:28 - 00000000 ____D () C:\Users\jozef\AppData\Roaming\SmartDraw
2015-04-20 04:08 - 2015-04-20 04:08 - 00000000 ____D () C:\Users\jozef\Documents\SmartDraw
2015-04-20 04:08 - 2015-04-20 04:08 - 00000000 ____D () C:\Users\jozef\AppData\System
2015-04-20 04:08 - 2015-04-20 04:08 - 00000000 ____D () C:\Users\jozef\AppData\Local\SmartDraw
2015-04-20 04:06 - 2015-04-20 04:06 - 00507464 _____ () C:\Users\jozef\Downloads\smartdraw_ZL_105WLK_setup.exe
2015-04-20 03:57 - 2015-04-20 03:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\VALUE-CHAIN
2015-04-20 03:57 - 2015-04-20 03:57 - 00249856 ____N (Microsoft Corporation) C:\Windows\Setup1.exe
2015-04-20 03:57 - 2015-04-20 03:57 - 00073216 _____ (Microsoft Corporation) C:\Windows\ST6UNST.EXE
2015-04-20 03:55 - 2015-04-20 03:55 - 10240226 _____ () C:\Users\jozef\Downloads\VALUE-CHAIN.zip
2015-04-20 03:55 - 2010-05-21 13:18 - 00004866 _____ () C:\Users\jozef\Downloads\SETUP.LST
2015-04-20 03:55 - 2010-05-21 13:17 - 10169955 _____ () C:\Users\jozef\Downloads\VALUE-CHAIN.CAB
2015-04-20 03:55 - 2010-05-19 16:33 - 00000258 _____ () C:\Users\jozef\Downloads\README.txt
2015-04-20 03:55 - 2004-02-23 02:00 - 00139776 _____ (Microsoft Corporation) C:\Users\jozef\Downloads\setup.exe
2015-04-19 19:18 - 2015-04-19 19:19 - 02098176 _____ (Farbar) C:\Users\jozef\Desktop\FRST64.exe
2015-04-19 09:19 - 2015-04-19 09:59 - 00000000 ____D () C:\Users\jozef\Desktop\mbar
2015-04-19 09:19 - 2015-04-19 09:59 - 00000000 ____D () C:\ProgramData\Malwarebytes' Anti-Malware (portable)
2015-04-19 09:19 - 2015-04-19 09:19 - 00136408 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\MBAMSwissArmy.sys
2015-04-19 09:19 - 2015-04-19 09:19 - 00107736 _____ (Malwarebytes Corporation) C:\Windows\system32\Drivers\mbamchameleon.sys
2015-04-19 09:15 - 2015-04-19 09:16 - 16502728 _____ (Malwarebytes Corp.) C:\Users\jozef\Desktop\mbar-1.09.1.1004.exe
2015-04-19 09:04 - 2015-04-19 09:04 - 04197016 _____ (Kaspersky Lab ZAO) C:\Users\jozef\Desktop\tdsskiller.exe
2015-04-18 15:48 - 2015-04-18 15:48 - 03148854 _____ () C:\Users\jozef\Desktop\zaznam.bmp
2015-04-18 14:48 - 2015-04-18 14:48 - 21540440 _____ (Malwarebytes Corporation ) C:\Users\jozef\Downloads\mbam-setup-2.1.4.1018.exe
2015-04-18 14:35 - 2015-04-18 14:35 - 01548384 _____ (Skype Technologies S.A.) C:\Users\jozef\Downloads\SkypeSetup.exe
2015-04-18 13:49 - 2015-04-18 13:51 - 00000000 ____D () C:\AdwCleaner
2015-04-18 13:48 - 2015-04-18 13:49 - 02217984 _____ () C:\Users\jozef\Desktop\adwcleaner_4.201.exe
2015-04-18 10:50 - 2015-04-18 10:50 - 00000739 _____ () C:\Users\jozef\Desktop\Pracovná plocha.lnk
2015-04-18 08:03 - 2015-04-18 08:03 - 00000896 _____ () C:\Users\jozef\Downloads\Prevzaté súbory - odkaz.lnk
2015-04-18 03:21 - 2015-04-18 03:22 - 00000000 ____D () C:\rsit
2015-04-18 03:21 - 2015-04-18 03:21 - 01222144 _____ () C:\Users\jozef\Downloads\RSITx64.exe
2015-04-17 20:44 - 2015-04-17 20:44 - 00000017 _____ () C:\Users\Ján\AppData\Local\resmon.resmoncfg
2015-04-17 02:11 - 2015-04-19 12:27 - 00000000 ____D () C:\Users\jozef\Desktop\halaj
2015-04-16 19:59 - 2015-04-19 12:54 - 00000000 ____D () C:\Users\jozef\Desktop\nika
2015-04-16 16:39 - 2015-04-16 16:39 - 00000000 ____D () C:\Users\jozef\Tracing
2015-04-15 18:28 - 2015-01-06 05:01 - 00072192 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndproxy.sys
2015-04-15 18:28 - 2015-01-06 04:59 - 00080896 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\wanarp.sys
2015-04-15 18:28 - 2015-01-06 03:12 - 00185856 _____ (Microsoft Corporation) C:\Windows\system32\rascfg.dll
2015-04-15 18:28 - 2015-01-06 03:02 - 00164864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rascfg.dll
2015-04-15 17:21 - 2015-04-15 17:21 - 00001828 _____ () C:\Users\jozef\AppData\Roaming\Microsoft\Windows\Start Menu\NetBet Poker.lnk
2015-04-15 17:21 - 2015-04-15 17:21 - 00001826 _____ () C:\Users\jozef\Desktop\NetBet Poker.lnk
2015-04-15 17:20 - 2015-04-18 07:59 - 00000000 ____D () C:\Users\jozef\AppData\Local\NetBet Poker
2015-04-15 14:20 - 2015-03-23 23:59 - 07476032 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
2015-04-15 14:20 - 2015-03-23 23:59 - 01733952 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
2015-04-15 14:20 - 2015-03-23 23:59 - 00360480 _____ (Microsoft Corporation) C:\Windows\system32\sechost.dll
2015-04-15 14:20 - 2015-03-23 23:58 - 01498872 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
2015-04-15 14:20 - 2015-03-23 23:45 - 00257216 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sechost.dll
2015-04-15 14:20 - 2015-03-20 06:12 - 00246272 _____ (Microsoft Corporation) C:\Windows\system32\microsoft-windows-system-events.dll
2015-04-15 14:20 - 2015-03-20 06:10 - 00285184 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
2015-04-15 14:20 - 2015-03-20 06:10 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
2015-04-15 14:20 - 2015-03-20 05:17 - 00411648 _____ (Microsoft Corporation) C:\Windows\system32\tracerpt.exe
2015-04-15 14:20 - 2015-03-20 04:41 - 00369152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tracerpt.exe
2015-04-15 14:20 - 2015-03-20 04:40 - 00950784 _____ (Microsoft Corporation) C:\Windows\system32\tdh.dll
2015-04-15 14:20 - 2015-03-20 04:16 - 00749568 _____ (Microsoft Corporation) C:\Windows\SysWOW64\tdh.dll
2015-04-15 14:20 - 2015-03-13 06:32 - 24980480 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
2015-04-15 14:20 - 2015-03-13 05:50 - 06025216 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
2015-04-15 14:20 - 2015-03-13 05:42 - 19695616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
2015-04-15 14:20 - 2015-02-21 01:49 - 00780800 _____ (Microsoft Corporation) C:\Windows\system32\lsm.dll
2015-04-15 14:19 - 2015-03-13 06:08 - 00584192 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
2015-04-15 14:19 - 2015-03-13 06:07 - 02886144 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
2015-04-15 14:19 - 2015-03-13 05:53 - 00816128 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
2015-04-15 14:19 - 2015-03-13 05:28 - 00503296 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
2015-04-15 14:19 - 2015-03-13 05:26 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
2015-04-15 14:19 - 2015-03-13 05:22 - 02278400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
2015-04-15 14:19 - 2015-03-13 05:17 - 01032704 _____ (Microsoft Corporation) C:\Windows\system32\inetcomm.dll
2015-04-15 14:19 - 2015-03-13 05:16 - 00664064 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
2015-04-15 14:19 - 2015-03-13 05:08 - 00720384 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
2015-04-15 14:19 - 2015-03-13 05:07 - 00801280 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
2015-04-15 14:19 - 2015-03-13 05:00 - 14397440 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
2015-04-15 14:19 - 2015-03-13 04:50 - 00880128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcomm.dll
2015-04-15 14:19 - 2015-03-13 04:49 - 04305408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
2015-04-15 14:19 - 2015-03-13 04:45 - 02358784 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
2015-04-15 14:19 - 2015-03-13 04:44 - 00689152 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
2015-04-15 14:19 - 2015-03-13 04:34 - 12825600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
2015-04-15 14:19 - 2015-03-13 04:33 - 01548288 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
2015-04-15 14:19 - 2015-03-13 04:22 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
2015-04-15 14:19 - 2015-03-13 04:20 - 01888256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
2015-04-15 14:19 - 2015-03-13 04:16 - 01311232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
2015-04-15 14:19 - 2015-03-13 04:14 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
2015-04-15 14:12 - 2015-03-13 04:58 - 00259072 _____ (Microsoft Corporation) C:\Windows\system32\pku2u.dll
2015-04-15 14:12 - 2015-03-13 04:37 - 00208896 _____ (Microsoft Corporation) C:\Windows\SysWOW64\pku2u.dll
2015-04-15 14:11 - 2015-03-23 00:45 - 00227328 _____ (Microsoft Corporation) C:\Windows\system32\aepdu.dll
2015-04-15 14:11 - 2015-03-23 00:09 - 01111552 _____ (Microsoft Corporation) C:\Windows\system32\aeinv.dll
2015-04-15 14:11 - 2015-03-23 00:09 - 00957440 _____ (Microsoft Corporation) C:\Windows\system32\appraiser.dll
2015-04-15 14:11 - 2015-03-23 00:09 - 00769024 _____ (Microsoft Corporation) C:\Windows\system32\invagent.dll
2015-04-15 14:11 - 2015-03-23 00:09 - 00726528 _____ (Microsoft Corporation) C:\Windows\system32\generaltel.dll
2015-04-15 14:11 - 2015-03-23 00:09 - 00419328 _____ (Microsoft Corporation) C:\Windows\system32\devinv.dll
2015-04-15 14:11 - 2015-03-23 00:09 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\acmigration.dll
2015-04-15 14:11 - 2015-03-14 10:54 - 00133256 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe
2015-04-15 14:11 - 2015-03-14 03:56 - 00066048 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll
2015-04-15 14:11 - 2015-03-14 03:56 - 00052224 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll
2015-04-15 14:11 - 2015-03-14 03:51 - 00015360 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll
2015-04-15 14:11 - 2015-03-14 03:37 - 00267264 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll
2015-04-15 14:11 - 2015-03-14 03:14 - 00027136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wups.dll
2015-04-15 14:11 - 2015-03-14 02:22 - 03678720 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll
2015-04-15 14:11 - 2015-03-14 02:12 - 00140288 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll
2015-04-15 14:11 - 2015-03-14 02:12 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe
2015-04-15 14:11 - 2015-03-14 02:09 - 00200192 _____ (Microsoft Corporation) C:\Windows\system32\storewuauth.dll
2015-04-15 14:11 - 2015-03-14 02:08 - 00408064 _____ (Microsoft Corporation) C:\Windows\system32\WUSettingsProvider.dll
2015-04-15 14:11 - 2015-03-14 02:08 - 00095744 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll
2015-04-15 14:11 - 2015-03-14 02:06 - 02373632 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll
2015-04-15 14:11 - 2015-03-14 02:06 - 00891392 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll
2015-04-15 14:11 - 2015-03-14 02:02 - 00124928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuwebv.dll
2015-04-15 14:11 - 2015-03-14 02:02 - 00029696 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapp.exe
2015-04-15 14:11 - 2015-03-14 01:59 - 00721920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wuapi.dll
2015-04-15 14:11 - 2015-03-14 01:59 - 00081920 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wudriver.dll
2015-04-15 14:11 - 2015-03-04 12:25 - 00377152 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\clfs.sys
2015-04-15 14:11 - 2015-03-04 05:04 - 00075264 _____ (Microsoft Corporation) C:\Windows\system32\clfsw32.dll
2015-04-15 14:11 - 2015-03-04 04:19 - 00058880 _____ (Microsoft Corporation) C:\Windows\SysWOW64\clfsw32.dll
2015-04-15 14:11 - 2015-02-24 10:32 - 00991552 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\http.sys
2015-04-14 22:59 - 2012-06-01 13:48 - 00000000 ____D () C:\Users\jozef\Downloads\word-cs-2010-01-25
2015-04-12 14:04 - 2015-04-12 14:04 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3797765252-2411825924-2723573438-1007
2015-04-12 13:16 - 2015-04-12 13:16 - 00000000 ____D () C:\Windows\%LOCALAPPDATA%
2015-04-12 12:59 - 2015-04-12 14:01 - 00000000 ____D () C:\Users\Ján\AppData\Local\Packages
2015-04-12 12:59 - 2015-04-12 12:59 - 00001446 _____ () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
2015-04-12 12:59 - 2015-04-12 12:59 - 00000000 ____D () C:\Users\Ján\AppData\Roaming\Adobe
2015-04-12 12:59 - 2015-04-12 12:59 - 00000000 ____D () C:\Users\Ján\AppData\Local\VirtualStore
2015-04-12 12:59 - 2015-04-12 12:59 - 00000000 ____D () C:\Users\Ján\AppData\Local\Google
2015-04-12 12:58 - 2015-04-18 07:59 - 00000000 ___RD () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-12 12:58 - 2015-04-18 07:59 - 00000000 ___RD () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-12 12:58 - 2015-04-18 07:59 - 00000000 ___RD () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-12 12:58 - 2015-04-18 07:59 - 00000000 ____D () C:\Users\Ján
2015-04-12 12:58 - 2015-04-12 12:58 - 00000020 ___SH () C:\Users\Ján\ntuser.ini
2015-04-12 12:58 - 2014-11-18 05:28 - 00000000 ____D () C:\Users\Ján\AppData\Local\Microsoft Help
2015-04-12 12:58 - 2014-11-17 02:34 - 00000000 ____D () C:\Users\Ján\AppData\Roaming\Macromedia
2015-04-12 12:58 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Pictures.lnk
2015-04-12 12:58 - 2014-02-22 06:37 - 00000369 _____ () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Documents.lnk
2015-04-12 12:58 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Ján\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-10 22:57 - 2015-04-10 22:57 - 00296211 _____ () C:\Users\jozef\Downloads\sablona_en.zip
2015-04-10 22:49 - 2015-04-10 22:49 - 00615129 _____ () C:\Users\jozef\Downloads\sablona_word.zip
2015-04-10 22:27 - 2015-04-10 22:27 - 00000000 ____D () C:\ProgramData\TEMP
2015-04-10 22:26 - 2015-04-10 22:27 - 05301800 _____ (Dll-Files.com ) C:\Users\jozef\Downloads\dff_fdp2-msvcp100.exe
2015-04-10 22:24 - 2015-04-10 22:24 - 00037888 _____ () C:\Users\jozef\Downloads\program-v-příkazovim-řádku-na-heslo.exe
2015-04-10 20:29 - 2015-04-20 22:09 - 01385399 _____ () C:\Windows\WindowsUpdate.log
2015-04-10 12:36 - 2015-04-18 07:54 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ESET
2015-04-10 12:36 - 2015-04-10 12:36 - 00000000 ____D () C:\ProgramData\ESET
2015-04-10 12:36 - 2015-04-10 12:36 - 00000000 ____D () C:\Program Files\ESET
2015-04-10 12:35 - 2015-04-10 12:35 - 00000000 ____D () C:\Windows\SysWOW64\temp
2015-04-10 12:26 - 2015-04-10 12:26 - 01892352 _____ () C:\Users\jozef\Downloads\seznam_kval_praci_1958_az_2008.xls
2015-04-04 16:22 - 2015-04-18 07:59 - 00000000 ___SD () C:\Windows\system32\GWX
2015-04-04 16:22 - 2015-04-04 16:22 - 00000000 ___SD () C:\Windows\SysWOW64\GWX
2015-04-04 16:22 - 2015-03-14 10:20 - 01385256 _____ (Microsoft Corporation) C:\Windows\system32\msctf.dll
2015-04-04 16:22 - 2015-03-14 10:13 - 01124352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msctf.dll
2015-04-02 16:27 - 2015-04-10 17:03 - 00000000 ____D () C:\Users\jozef\Desktop\TOMIAS
2015-03-29 12:47 - 2015-03-29 12:47 - 06214144 _____ () C:\Users\jozef\Downloads\PREZ_2013_PDS_II_1.ppt
2015-03-28 21:57 - 2015-04-17 16:54 - 00000000 ____D () C:\Users\jozef\AppData\Roaming\GIRDAC
2015-03-28 21:57 - 2015-03-28 21:57 - 00000000 ____D () C:\GIRDAC
2015-03-28 21:56 - 2015-03-28 21:57 - 03518602 _____ () C:\Users\jozef\Downloads\PDF-to-Word-Trial-Setup.zip
2015-03-28 01:43 - 2015-03-28 01:43 - 01041154 _____ () C:\Users\jozef\Downloads\text-spravy-o-hodnoteni-sprava-e.zip
2015-03-26 15:20 - 2015-03-26 15:20 - 01054912 _____ (Adobe) C:\Users\jozef\Downloads\install_flashplayer17x32au_mssd_aaa_aih.exe
2015-03-26 12:32 - 2015-03-26 12:32 - 00003098 _____ () C:\Windows\System32\Tasks\{12D5A815-3E29-4008-9163-69BC44959D38}
2015-03-25 19:57 - 2015-03-25 19:57 - 00086528 _____ () C:\Users\jozef\Downloads\ako citovat.ppt
2015-03-21 22:23 - 2015-03-21 22:23 - 01660616 _____ (ESET) C:\Users\jozef\Downloads\eset_smart_security_live_installer_ (2).exe
2015-03-21 22:01 - 2015-03-21 22:01 - 00000000 ____D () C:\Users\jozef\AppData\Roaming\ESET
2015-03-21 21:58 - 2015-03-21 21:59 - 01660616 _____ (ESET) C:\Users\jozef\Downloads\eset_smart_security_live_installer_ (1).exe
2015-03-21 21:41 - 2015-03-21 21:41 - 01660616 _____ (ESET) C:\Users\jozef\Downloads\eset_smart_security_live_installer_.exe

==================== One Month Modified Files and Folders =======

(If an entry is included in the fixlist, the file\folder will be moved.)

2015-04-20 22:23 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppReadiness
2015-04-20 22:13 - 2014-11-15 14:47 - 00000000 ____D () C:\Users\jozef\AppData\Roaming\Skype
2015-04-20 22:00 - 2015-01-19 08:26 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job
2015-04-20 22:00 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sru
2015-04-20 21:48 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\NDF
2015-04-20 21:39 - 2014-11-14 21:29 - 00000830 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-04-20 21:26 - 2014-11-14 18:42 - 00003598 _____ () C:\Windows\System32\Tasks\Optimize Start Menu Cache Files-S-1-5-21-3797765252-2411825924-2723573438-1001
2015-04-20 21:21 - 2014-11-14 18:38 - 00000000 __RDO () C:\Users\jozef\SkyDrive
2015-04-20 19:10 - 2015-02-14 01:25 - 00000000 ____D () C:\Users\jozef\Desktop\ivet
2015-04-20 18:37 - 2014-11-15 19:59 - 01100288 ___SH () C:\Users\jozef\Desktop\Thumbs.db
2015-04-20 17:52 - 2014-11-15 14:47 - 00000000 ____D () C:\ProgramData\Skype
2015-04-20 15:37 - 2015-02-22 19:30 - 00000000 ____D () C:\Users\jozef\AppData\Local\CrashDumps
2015-04-20 15:37 - 2014-11-14 19:38 - 00000000 ____D () C:\Users\jozef\Documents\Franto
2015-04-20 15:34 - 2013-08-22 16:45 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-04-19 14:18 - 2014-11-14 18:32 - 00000000 ____D () C:\Users\jozef
2015-04-19 10:18 - 2013-08-22 15:25 - 00262144 ___SH () C:\Windows\system32\config\BBI
2015-04-19 09:19 - 2015-02-17 01:35 - 00000000 ____D () C:\ProgramData\Malwarebytes
2015-04-19 09:03 - 2014-11-16 15:19 - 00000000 ____D () C:\Users\jozef\AppData\Roaming\uTorrent
2015-04-18 19:17 - 2014-11-16 17:43 - 00000000 ____D () C:\Users\jozef\AppData\Roaming\.purple
2015-04-18 15:35 - 2015-01-24 23:22 - 00000000 ___RD () C:\Users\jozef\Desktop\ 
2015-04-18 13:59 - 2014-11-14 18:35 - 00863592 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-04-18 07:59 - 2015-02-02 02:59 - 00000000 ____D () C:\Users\jozef\.umplayer
2015-04-18 07:59 - 2015-02-02 02:59 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\UMPlayer
2015-04-18 07:59 - 2015-02-02 02:59 - 00000000 ____D () C:\Program Files (x86)\UMPlayer
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\System Tools
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ___RD () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessibility
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-18 07:59 - 2013-08-22 17:36 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
2015-04-18 07:55 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\registration
2015-04-18 07:54 - 2014-12-15 20:10 - 00000000 ____D () C:\Program Files (x86)\Microsoft Office
2015-04-18 07:54 - 2014-11-18 04:46 - 00000000 ____D () C:\EEK
2015-04-18 07:54 - 2014-11-17 02:34 - 00000000 ____D () C:\Users\Default\AppData\Roaming\Macromedia
2015-04-18 07:54 - 2014-11-17 02:34 - 00000000 ____D () C:\Users\Default User\AppData\Roaming\Macromedia
2015-04-18 07:54 - 2013-08-22 15:36 - 00000000 __RHD () C:\Users\Default
2015-04-18 06:12 - 2014-11-14 18:27 - 00000000 __SHD () C:\Recovery
2015-04-18 03:22 - 2015-02-19 03:57 - 00000000 ____D () C:\Program Files\trend micro
2015-04-17 17:00 - 2015-01-12 16:28 - 00000000 ____D () C:\ProgramData\Nero
2015-04-17 03:17 - 2015-03-13 14:13 - 00000000 ____D () C:\Users\jozef\Desktop\zvolensky
2015-04-17 02:32 - 2015-02-10 19:07 - 00000000 ____D () C:\Users\jozef\Desktop\katka
2015-04-17 01:45 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\rescache
2015-04-16 20:26 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\AppCompat
2015-04-16 20:13 - 2013-08-22 17:20 - 00000000 ____D () C:\Windows\CbsTemp
2015-04-15 23:55 - 2015-02-22 13:55 - 00000000 ____D () C:\Users\jozef\Desktop\zelkaa
2015-04-15 19:19 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\SysWOW64\sk-SK
2015-04-15 19:19 - 2013-08-22 17:36 - 00000000 ____D () C:\Windows\system32\sk-SK
2015-04-15 18:55 - 2014-11-14 19:21 - 00000000 ____D () C:\ProgramData\Microsoft Help
2015-04-15 18:54 - 2014-11-15 02:58 - 00000000 ____D () C:\Windows\system32\MRT
2015-04-15 18:38 - 2014-11-15 02:58 - 128913832 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
2015-04-15 18:33 - 2013-08-22 15:25 - 00000167 _____ () C:\Windows\win.ini
2015-04-15 18:23 - 2014-12-11 02:49 - 00000000 ____D () C:\Windows\system32\appraiser
2015-04-15 18:23 - 2014-11-15 19:02 - 00000000 ___SD () C:\Windows\system32\CompatTel
2015-04-15 17:38 - 2015-01-19 08:26 - 00002215 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-04-14 18:40 - 2014-11-14 21:29 - 00003718 _____ () C:\Windows\System32\Tasks\Adobe Flash Player Updater
2015-04-14 01:24 - 2014-12-11 02:55 - 00792056 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
2015-04-14 01:24 - 2014-12-11 02:55 - 00178168 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
2015-04-12 13:12 - 2014-11-14 18:37 - 00000000 ____D () C:\Windows\System32\Tasks\WPD
2015-04-10 22:28 - 2011-06-11 02:58 - 00421200 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msvcp100.dll
2015-04-10 22:28 - 2011-06-11 02:15 - 00608080 _____ (Microsoft Corporation) C:\Windows\system32\msvcp100.dll
2015-03-30 02:13 - 2014-11-14 23:56 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
2015-03-29 18:43 - 2014-11-14 18:29 - 00000000 ____D () C:\Windows\softwaredistribution.bak
2015-03-26 12:32 - 2014-11-14 19:58 - 00000000 ____D () C:\Users\jozef\AppData\Local\Adobe
2015-03-26 00:49 - 2015-02-27 13:46 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
2015-03-24 23:37 - 2015-02-14 01:25 - 00000000 ____D () C:\Users\jozef\Desktop\petra
2015-03-24 12:45 - 2015-02-13 18:34 - 00000000 ____D () C:\Windows\Minidump

==================== Files in the root of some directories =======

2014-12-07 07:55 - 2014-12-07 07:55 - 0000017 _____ () C:\Users\jozef\AppData\Local\resmon.resmoncfg
2014-11-19 15:02 - 2014-11-19 15:02 - 0000057 _____ () C:\ProgramData\Ament.ini
2015-03-11 06:48 - 2015-03-11 06:48 - 0005039 _____ () C:\ProgramData\wmzddnmb.cix

Some content of TEMP:
====================
C:\Users\jozef\AppData\Local\Temp\BSvcProcessor.exe
C:\Users\jozef\AppData\Local\Temp\BSvcUpdater.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-04-19 10:09

==================== End Of Log ============================

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#36 Post by dodo148 »

Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-04-2015 01
Ran by jozef at 2015-04-20 22:26:12
Running from C:\Users\jozef\Desktop
Boot Mode: Normal
==========================================================


==================== Security Center ========================

(If an entry is included in the fixlist, it will be removed.)

AV: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
AS: ESET Smart Security 8.0 (Enabled - Up to date) {A2447E4A-A5AC-AE9D-7C6B-2EC29C58E834}
FW: ESET Personálny Firewall (Enabled) {211E1E8B-C9F9-A04B-6D84-BC85190CE5F2}

==================== Installed Programs ======================

(Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

µTorrent (HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\uTorrent) (Version: 3.4.2.35702 - BitTorrent Inc.)
Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 2.0.2.12610 - Adobe Systems Inc.)
Adobe Flash Player 17 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 17.0.0.169 - Adobe Systems Incorporated)
Adobe Reader XI (11.0.10) - Czech (HKLM-x32\...\{AC76BA86-7AD7-1029-7B44-AB0000000001}) (Version: 11.0.10 - Adobe Systems Incorporated)
CCleaner (HKLM\...\CCleaner) (Version: 4.19 - Piriform)
EA Download Manager (HKLM-x32\...\EA Download Manager) (Version: 6.0.4.124 - Electronic Arts, Inc.)
EA Download Manager UI (HKLM-x32\...\com.ea.Vault.919CACB699904AC5D41B606703500DD39747C02D.1) (Version: 6.0.4.124 - Electronic Arts)
EA Download Manager UI (x32 Version: 6.0.4 - Electronic Arts) Hidden
ESET Smart Security (HKLM\...\{420F27A7-A46B-4D90-97C9-57C08037761B}) (Version: 8.0.312.3 - ESET, spol s r. o.)
Google Chrome (HKLM-x32\...\Google Chrome) (Version: 42.0.2311.90 - Spoločnosť Google Inc.)
Google Update Helper (x32 Version: 1.3.25.11 - Google Inc.) Hidden
Google Update Helper (x32 Version: 1.3.26.9 - Google Inc.) Hidden
HP Deskjet 1050 J410 series Basic Device Software (HKLM\...\{F294770E-F869-400F-81C3-614B5F13CA54}) (Version: 28.0.1313.0 - Hewlett-Packard Co.)
KMSpico v9.1.3 (HKLM\...\KMSpico_is1) (Version: 9.1.3 - )
Microsoft Office Excel Viewer (HKLM-x32\...\{95120000-003F-041B-0000-0000000FF1CE}) (Version: 12.0.6612.1000 - Microsoft Corporation)
Microsoft Office Professional Plus 2010 (HKLM-x32\...\Office14.PROPLUS) (Version: 14.0.4734.1000 - Microsoft Corporation)
Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (HKLM\...\{8220EEFE-38CD-377E-8595-13398D740ACE}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
Mozilla Firefox 36.0.1 (x86 sk) (HKLM-x32\...\Mozilla Firefox 36.0.1 (x86 sk)) (Version: 36.0.1 - Mozilla)
Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 33.1 - Mozilla)
Need for Speed(TM) Hot Pursuit (HKLM-x32\...\{83A606F5-BF6F-42ED-9F33-B9F74297CDED}) (Version: 1.0.0.0 - Electronic Arts)
NetBet Poker (HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Netbet Poker) (Version: - )
Pidgin (HKLM-x32\...\Pidgin) (Version: 2.10.10 - )
pidgin-otr 4.0.1 (HKLM-x32\...\pidgin-otr) (Version: 4.0.1 - Cypherpunks CA)
R for Windows 3.1.2 (HKLM\...\R for Windows 3.1.2_is1) (Version: 3.1.2 - R Core Team)
Skype Click to Call (HKLM-x32\...\{6D1221A9-17BF-4EC0-81F2-27D30EC30701}) (Version: 7.3.16540.9015 - Microsoft Corporation)
Skype™ 7.3 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.3.101 - Skype Technologies S.A.)
UMPlayer 0.98 [Athlon] (HKLM-x32\...\UMPlayer) (Version: 0.98 - Ori Rejwan)
WinRAR 5.11 (32-bit) (HKLM-x32\...\WinRAR archiver) (Version: 5.11.0 - win.rar GmbH)

==================== Custom CLSID (selected items): ==========================

(If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)


==================== Restore Points =========================

03-04-2015 11:04:11 Scheduled Checkpoint
10-04-2015 12:33:54 Nainštalované: ESET Smart Security
15-04-2015 18:21:39 Windows Update
17-04-2015 16:58:53 Removed Nero 9 Lite 4.4.9.0
17-04-2015 17:19:59 Odstránené Microsoft Office Excel Viewer
18-04-2015 02:02:24 ok
18-04-2015 14:19:37 Removed Skype™ 7.3
18-04-2015 14:21:10 Removed Skype Click to Call

==================== Hosts content: ==========================

(If needed Hosts: directive could be included in the fixlist to reset Hosts.)

2015-03-02 19:36 - 2015-03-02 19:36 - 00000000 ____A C:\Windows\system32\Drivers\etc\hosts

==================== Scheduled Tasks (whitelisted) =============

(If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

Task: {0C5F72A0-A79C-4DFC-B9D9-DB9501C36C45} - System32\Tasks\Microsoft\Windows\Setup\gwx\launchtrayprocess => C:\Windows\system32\GWX\GWX.exe [2015-03-24] (Microsoft Corporation)
Task: {246570E7-CEA0-4EDB-9A09-92AB01452098} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {2A5FDC88-58F6-4B51-85DC-133BEC46238C} - System32\Tasks\{9454E94D-14F0-44E6-8F80-DF07B2331083} => Chrome.exe http://www.skype.com/go/downloading?sou ... tError=404
Task: {323C0E38-EC51-47D5-9605-6D2F6A65E365} - System32\Tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {3DDF4976-23E6-4C2D-9B30-2A863392A1BB} - System32\Tasks\{F4799F63-8382-4EDF-B23E-E466509C3D27} => Chrome.exe http://ui.skype.com/ui/0/7.2.73.103.456 ... page=tsWLM
Task: {59E8B3C4-01DC-426B-A8EB-40B81034807B} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14] (Adobe Systems Incorporated)
Task: {5EECAF57-3904-4891-B60A-6CF552FDA9CF} - \AutoKMS No Task File <==== ATTENTION
Task: {686A8D28-887A-4DFE-B8E1-82BFC6184408} - System32\Tasks\Microsoft\Windows\RemovalTools\MRT_HB => C:\Windows\system32\MRT.exe [2015-04-15] (Microsoft Corporation)
Task: {6AE24406-D331-465B-ADD0-DEB9507F5439} - System32\Tasks\SDMsgUpdate (Local) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {6C5C5B47-1F8A-4DAB-9E5F-28FC5380CB00} - System32\Tasks\AutoPico Daily Restart => C:\Program Files\KMSpico\AutoPico.exe
Task: {7B72FA1E-B985-4F72-ADC9-FC41A17F4F6A} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19] (Google Inc.)
Task: {81094174-C325-480C-9117-D43440E85794} - System32\Tasks\{12D5A815-3E29-4008-9163-69BC44959D38} => Chrome.exe http://ui.skype.com/ui/0/7.2.73.103.456 ... page=tsWLM
Task: {8110EA24-292F-4AFF-9490-79602F6F6D52} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxconfig => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {81242251-0CAE-436A-B7BE-3CDF3246B0D3} - System32\Tasks\Microsoft\Windows\Setup\gwx\runappraiser => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {87B077DD-6BA0-43D0-B796-8DD3977409A8} - System32\Tasks\Microsoft\Windows\Setup\gwx\refreshgwxcontent => C:\Windows\system32\GWX\GWXConfigManager.exe [2015-03-24] (Microsoft Corporation)
Task: {8E1122D2-3783-448B-99BC-BC93014C5A79} - System32\Tasks\{3D59A568-10E4-4C5A-88F7-D3CBC3A3685A} => Iexplore.exe http://ui.skype.com/ui/0/6.22.73.107.45 ... rogressBar
Task: {CA14D869-11C4-4A22-921E-92157899930A} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
Task: {D4AF57DF-D4ED-4452-A149-37CA113D6AEC} - System32\Tasks\SDMsgUpdate (TE) => C:\SmartDraw CI\Messages\SDNotify.exe [2012-08-13] ()
Task: {E0D5D7B4-CC48-41D9-A2F8-0404D05E1326} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-10-23] (Piriform Ltd)
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Loaded Modules (whitelisted) ==============

2010-01-09 21:17 - 2010-01-09 21:17 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
2015-04-15 17:37 - 2015-04-13 23:55 - 01252680 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libglesv2.dll
2015-04-15 17:37 - 2015-04-13 23:55 - 00080712 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\libegl.dll
2015-04-15 17:37 - 2015-04-13 23:55 - 14980424 _____ () C:\Program Files (x86)\Google\Chrome\Application\42.0.2311.90\PepperFlash\pepflashplayer.dll

==================== Alternate Data Streams (whitelisted) =========

(If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)

AlternateDataStreams: C:\Users\jozef\SkyDrive:ms-properties

==================== Safe Mode (whitelisted) ===================

(If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\CleanHlp.sys => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp => ""="Driver"
HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\CleanHlp.sys => ""="Driver"

==================== EXE Association (whitelisted) ===============

(If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


==================== Other Areas ============================

(Currently there is no automatic fix for this section.)

HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Control Panel\Desktop\\Wallpaper ->
DNS Servers: 213.151.222.34 - 192.168.0.1

==================== MSCONFIG/TASK MANAGER disabled items ==

(Currently there is no automatic fix for this section.)

HKLM\...\StartupApproved\Run32: => "BCSSync"
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\StartupApproved\Run: => "CCleaner Monitoring"
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\StartupApproved\Run: => "Optimizer Pro"
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\StartupApproved\Run: => "DAEMON Tools Lite"
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\StartupApproved\Run: => "OfficeSyncProcess"

==================== Accounts: =============================

Administrator (S-1-5-21-3797765252-2411825924-2723573438-500 - Administrator - Disabled)
Guest (S-1-5-21-3797765252-2411825924-2723573438-501 - Limited - Disabled)
HomeGroupUser$ (S-1-5-21-3797765252-2411825924-2723573438-1009 - Limited - Enabled)
jozef (S-1-5-21-3797765252-2411825924-2723573438-1001 - Administrator - Enabled) => C:\Users\jozef
Ján (S-1-5-21-3797765252-2411825924-2723573438-1007 - Limited - Enabled) => C:\Users\Ján

==================== Faulty Device Manager Devices =============


==================== Event log errors: =========================

Application errors:
==================
Error: (04/20/2015 10:10:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (04/20/2015 10:09:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (04/20/2015 10:09:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/20/2015 10:09:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/20/2015 09:53:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0xC004F074
Command-line arguments:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (04/20/2015 09:21:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2147024891 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (04/20/2015 09:21:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2147024891 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (04/20/2015 09:21:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2147024891 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.

Error: (04/20/2015 09:20:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: License Activation (slui.exe) failed with the following error code:
hr=0x8007139F
Command-line arguments:
RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/20/2015 07:28:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: Aktivácia aplikácie microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1 zlyhala pre chybu: -2147024891 Ďalšie informácie nájdete v denníku Microsoft-Windows-TWinUI/Operational.


System errors:
=============
Error: (04/20/2015 09:21:29 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 09:21:29 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 09:21:29 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 07:27:58 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 07:27:58 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 07:04:23 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 07:04:23 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 06:39:49 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 06:34:23 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable

Error: (04/20/2015 06:34:23 PM) (Source: DCOM) (EventID: 10001) (User: TILLKO)
Description: "C:\Program Files\WindowsApps\microsoft.windowscommunicationsapps_17.5.9600.20689_x64__8wekyb3d8bbwe\LiveComm.exe" -ServerName:Microsoft.WindowsLive.Platform.Server5Microsoft.WindowsLive.Mail.AppXj3e9v0xw9sf8t58nqr15tqqb2yq4zsfg.mcaUnavailableUnavailable


Microsoft Office Sessions:
=========================
Error: (04/20/2015 10:10:09 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (04/20/2015 10:09:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkQuarantineRetry

Error: (04/20/2015 10:09:48 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/20/2015 10:09:27 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/20/2015 09:53:00 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0xC004F074RuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=UserLogon;SessionId=2

Error: (04/20/2015 09:21:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (04/20/2015 09:21:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (04/20/2015 09:21:34 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891

Error: (04/20/2015 09:20:42 PM) (Source: Software Protection Platform Service) (EventID: 8198) (User: )
Description: hr=0x8007139FRuleId=dca14e37-0c5c-444f-9b35-1e2f161f5ac3;Action=AutoActivate;AppId=55c92734-d682-4d71-983e-d6ec3f16059f;SkuId=c06b6981-d7fd-4a35-b7b4-054742b7af67;NotificationInterval=1440;Trigger=NetworkAvailable

Error: (04/20/2015 07:28:03 PM) (Source: Microsoft-Windows-Immersive-Shell) (EventID: 5973) (User: TILLKO)
Description: microsoft.windowscommunicationsapps_8wekyb3d8bbwe!ppleae38af2e007f4358a809ac99a64a67c1-2147024891


CodeIntegrity Errors:
===================================
Date: 2015-04-20 19:30:58.959
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 19:30:58.404
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:11.203
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:10.750
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:10.313
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:09.813
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:09.234
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:08.594
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:08.138
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.

Date: 2015-04-20 17:55:07.468
Description: Code Integrity determined that a process (\Device\HarddiskVolume1\Program Files\Windows Defender\MsMpEng.exe) attempted to load \Device\HarddiskVolume1\Program Files\Microsoft Silverlight\xapauthenticodesip.dll that did not meet the Custom 3 / Antimalware signing level requirements.


==================== Memory info ===========================

Processor: AMD Athlon(tm) II P320 Dual-Core Processor
Percentage of memory in use: 58%
Total physical RAM: 3834.89 MB
Available physical RAM: 1579.82 MB
Total Pagefile: 4570.89 MB
Available Pagefile: 1910.34 MB
Total Virtual: 131072 MB
Available Virtual: 131071.8 MB

==================== Drives ================================

Drive c: () (Fixed) (Total:297.75 GB) (Free:209.69 GB) NTFS ==>[Drive with boot components (obtained from BCD)]

==================== MBR & Partition Table ==================

========================================================
Disk: 0 (MBR Code: Windows 7 or 8) (Size: 298.1 GB) (Disk ID: 3C928CC0)
Partition 1: (Active) - (Size=297.7 GB) - (Type=07 NTFS)

==================== End Of Log ============================

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#37 Post by Márty84 »

:!: You have two antivirus programs running there. Eset and Defender. One of them has to go!

:arrow: Open Notepad and copy this script into it

Code:

Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [BingSvc] => C:\Users\jozef\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)

HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

CHR Extension: (Skype Click to Call) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-11-18] (Emsisoft GmbH)

Task: {5EECAF57-3904-4891-B60A-6CF552FDA9CF} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
In the top left, click File.
Click Save as...
Type the name shown in red, fixlist, correctly and save it to the desktop.
Turn off your antivirus and any other security software.
Run FRST as administrator, click Fix, and the program will carry out the commands.
After the PC restarts, a new log named fixlog should appear; copy it here for me again.

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#38 Post by dodo148 »

Here you go

Fix result of Farbar Recovery Tool (FRST written by Farbar) (x64) Version: 20-04-2015
Ran by jozef at 2015-04-21 21:24:54 Run:1
Running from C:\Users\jozef\Desktop
Loaded Profiles: jozef (Available profiles: jozef & Ján)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
CloseProcesses:
CreateRestorePoint:

HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [6501656 2014-10-23] (Piriform Ltd)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [OfficeSyncProcess] => C:\Program Files (x86)\Microsoft Office\Office14\MSOSYNC.EXE [717696 2010-01-16] (Microsoft Corporation)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [31682144 2015-03-25] (Skype Technologies S.A.)
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\...\Run: [BingSvc] => C:\Users\jozef\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2015-04-07] (© 2015 Microsoft Corporation)

HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)
Handler: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2014-07-14] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-07-14] (Microsoft Corporation)

FF Homepage: hxxp://www.msn.com/?pc=SK2M&ocid=SK2MDHP&osmkt=en-ww
FF Extension: Skype Click to Call - C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi [2014-07-14]

CHR Extension: (Skype Click to Call) - C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl [2015-04-20]
CHR HKLM-x32\...\Chrome\Extension: [lifbcibllhkdhoafpjfnlhfpfgnpldfl] - C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx [2014-07-14]

R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1390176 2014-07-14] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1767520 2014-07-14] (Microsoft Corporation)
U0 Partizan; system32\drivers\Partizan.sys [X]
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe [2014-12-03 81088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2015-02-18 315488]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2015-04-14 268464]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2015-01-19 107912]
S3 cleanhlp; C:\EEK\bin\cleanhlp64.sys [57024 2014-11-18] (Emsisoft GmbH)

Task: {5EECAF57-3904-4891-B60A-6CF552FDA9CF} - \AutoKMS No Task File <==== ATTENTION
Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

Hosts:
EmptyTemp:
Reboot:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Windows\CurrentVersion\Run\\CCleaner Monitoring => value deleted successfully.
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Windows\CurrentVersion\Run\\OfficeSyncProcess => value deleted successfully.
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Windows\CurrentVersion\Run\\Skype => value deleted successfully.
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value deleted successfully.
HKU\S-1-5-21-3797765252-2411825924-2723573438-1001\Software\Microsoft\Internet Explorer\Main\\Start Page => Value was restored successfully.
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => Key deleted successfully.
"HKCR\PROTOCOLS\Handler\skypec2c" => Key deleted successfully.
"HKCR\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c => Key not found.
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => Key deleted successfully.
Firefox homepage deleted successfully.
C:\Program Files (x86)\Mozilla Firefox\browser\extensions\{82AF8DCA-6DE9-405D-BD5E-43525BDAD38A}.xpi => Moved successfully.
C:\Users\jozef\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl directory not found.
"HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\lifbcibllhkdhoafpjfnlhfpfgnpldfl" => Key deleted successfully.
C:\Program Files (x86)\Skype\Toolbars\ChromeExtension\skype_chrome_extension.crx => Moved successfully.
c2cautoupdatesvc => Service deleted successfully.
c2cpnrsvc => Service deleted successfully.
Partizan => Service deleted successfully.
AdobeARMservice => Service deleted successfully.
gupdate => Service deleted successfully.
SkypeUpdate => Service deleted successfully.
AdobeFlashPlayerUpdateSvc => Service deleted successfully.
gupdatem => Service deleted successfully.
cleanhlp => Service deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Boot\{5EECAF57-3904-4891-B60A-6CF552FDA9CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{5EECAF57-3904-4891-B60A-6CF552FDA9CF}" => Key deleted successfully.
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => Key deleted successfully.
C:\Windows\Tasks\Adobe Flash Player Updater.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d033b0cef2f68a.job => Moved successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 434.8 MB temporary data.


The system needed a reboot.

==== End of Fixlog 21:32:35 ====
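
A triage of the fixlog above, as an added example that is not part of the original post or of FRST itself: it skips the echoed fixlist and sorts the result lines into ok / missing / failed, so the steps that did not complete (no restore point, hosts not reset) stand out from the deletions. The status wording is taken from the lines of this fixlog; the sample input is constructed and the function names are hypothetical.

```python
import re
from collections import Counter

# Constructed sample in the layout of the fixlog above (paths and names are made up).
SAMPLE_FIXLOG = r'''Content of fixlist:
*****************
Start
CreateRestorePoint:
HKU\S-1-5-21-0-0-0-1001\...\Run: [ExampleApp] => C:\Example\app.exe
Hosts:
End
*****************

Processes closed successfully.
Error: (0) Failed to create a restore point.
HKU\S-1-5-21-0-0-0-1001\Software\Microsoft\Windows\CurrentVersion\Run\\ExampleApp => value deleted successfully.
HKCR\Wow6432Node\PROTOCOLS\Handler\examplehandler => Key not found.
C:\Example\extension.xpi => Moved successfully.
C:\Users\example\Extensions\abc directory not found.
ExampleSvc => Service deleted successfully.
"C:\Windows\System32\Drivers\etc\hosts" => Could not move.
Could not reset Hosts.
EmptyTemp: => Removed 434.8 MB temporary data.

The system needed a reboot.

==== End of Fixlog 21:32:35 ====
'''

# Status wording as it appears in the fixlog above. First match wins, and the
# failure patterns are checked first so a failed step is never counted as ok.
RULES = [
    ("failed", re.compile(r"^Error:|\bCould not\b|\bFailed to\b", re.I)),
    ("missing", re.compile(r"\bnot found\.?$", re.I)),
    ("ok", re.compile(r"\bsuccessfully\.?$|=> Removed\b", re.I)),
]


def result_lines(text):
    """Yield (line_no, line) for result lines, skipping the echoed fixlist."""
    lines = text.splitlines()
    # The fixlist echo sits between two lines made only of asterisks.
    stars = [i for i, l in enumerate(lines) if l.strip() and set(l.strip()) == {"*"}]
    start = stars[1] + 1 if len(stars) >= 2 else 0
    for no, line in enumerate(lines[start:], start + 1):
        line = line.strip()
        if line.startswith("==== End of Fixlog"):
            break
        if line:
            yield no, line


def triage_fixlog(text):
    """Group result lines by status as (line_no, target, message) tuples."""
    report = {"ok": [], "missing": [], "failed": [], "other": []}
    for no, line in result_lines(text):
        status = next((name for name, rx in RULES if rx.search(line)), "other")
        # "target => message"; lines without "=>" keep an empty target.
        target, _, message = line.rpartition(" => ")
        report[status].append((no, target.strip('"'), message))
    return report


def summary(report):
    """Count entries per status."""
    return Counter({status: len(items) for status, items in report.items()})


def restore_point_failed(report):
    """True when a failed step mentions the restore point (no rollback point exists)."""
    return any("restore point" in msg.lower() for _, _, msg in report["failed"])


if __name__ == "__main__":
    rep = triage_fixlog(SAMPLE_FIXLOG)
    print(dict(summary(rep)))
    for no, target, message in rep["failed"]:
        print(f"line {no}: {target or '-'} | {message}")
    if restore_point_failed(rep):
        print("Fix ran without a restore point.")
```
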

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#39 Post by Márty84 »

:!: Run all of these programs, including any installer, as administrator (right-click them and choose Run as administrator)

:arrow:
vyosek wrote: :arrow: DelFix https://toolslib.net/downloads/finish/2/
  • Download and run it
  • Leave only the Remove disinfection tools option checked
  • Click Run
:arrow: Download CCleaner http://www.filehippo.com/download_ccleaner and run it.
During installation, watch out for the toolbar (or other add-ons); if it offers to install one, clear the checkbox.
After launch you will be in the Cleaner function. There are many checkboxes on the left. Pay particular attention to the Recycle Bin: if you leave it checked, it will always be emptied.
Also, depending on how it is set up, it will delete all passwords saved on the web!!! So if you have the computer set to remember passwords (which is not good for security), you will then have to type them in again by hand (e.g. mail, Facebook, various forums, etc.)
Click Analyze and, once the analysis finishes, click Run Cleaner.
Then click the Registry function on the left.
Click Scan for Issues; when it finds some, click Fix issues. It will offer you a backup; make one and save it where you can find it if needed.
The Tools function lets you uninstall programs. It is more thorough than Windows itself!
(If the PC has more than one user account, use the program in each of them)

:arrow: Defragment the disk(s) (not SSDs!)
Download Defraggler https://www.piriform.com/defraggler/download/standard
During installation, again watch out for the toolbar and other junk.
After installing, run the program and click Analyze; after the analysis click Defrag and the program will do its work.

:arrow: Then write how the PC is doing.

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#40 Post by dodo148 »

Well, we have to wait 22 hours for the defrag to finish. But it already looks :idea:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#41 Post by Márty84 »

Then test the PC for a while and let me know. Hopefully it will run without trouble :)

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#42 Post by dodo148 »

Hello. I held out for a while and the problems are appearing again. Which log do you need to see?
Thanks

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#43 Post by Márty84 »

Hello.

None, you are already dealing with it here http://forum.viry.cz/viewtopic.php?f=30&t=144183 :-)

dodo148
Visitor
Posts: 59
Registered: 19 Feb 2015 02:48

Re: log

#44 Post by dodo148 »

I didn't know it works this way :?:
So then I :hide: wish you a pleasant rest of the day :154:

Márty84
VIP
Posts: 21679
Registered: 05 Dec 2009 20:08
Location: Ostrava

Re: log

#45 Post by Márty84 »

You need to read the forum rules; it is written there. 1 PC = 1 topic. Since you have already started a new one and someone has taken you on there, I won't step into it any more.

So here :closed:

Take care :bye:

Locked