zde log po fixu z FRST:
Fix result of Farbar Recovery Scan Tool (x64) Version:05-03-2016 01
Ran by Dlabal (2016-04-01 19:07:47) Run:1
Running from C:\Users\Dlabal\Desktop
Loaded Profiles: Dlabal (Available Profiles: Dlabal & Kuba a Jindra)
Boot Mode: Normal
==============================================
fixlist content:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [335232 2015-04-10] (Oracle Corporation)
HKU\S-1-5-21-4012046027-2663729122-3567796052-1000\...\Run: [BingSvc] => C:\Users\Dlabal\AppData\Local\Microsoft\BingSvc\BingSvc.exe [144008 2016-01-24] (© 2015 Microsoft Corporation)
C:\Users\Dlabal\AppData\Local\Microsoft\BingSvc
GroupPolicyUsers\S-1-5-21-4012046027-2663729122-3567796052-1001\User: Restriction <======= ATTENTION
BHO: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer x64\skypeieplugin.dll [2016-01-08] (Microsoft Corporation)
c:\Program Files (x86)\Skype\Toolbars
BHO-x32: Skype Click to Call for Internet Explorer -> {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} -> C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
Handler-x32: skypec2c - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2016-01-08] (Microsoft Corporation)
FF SearchEngineOrder.3: Bing
FF SelectedSearchEngine: Bing
FF Keyword.URL: hxxp://
www.bing.com/search?FORM=SK2MDF&PC=SK2M&q=
FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
R2 c2cautoupdatesvc; C:\Program Files (x86)\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [1433216 2016-01-08] (Microsoft Corporation)
R2 c2cpnrsvc; C:\Program Files (x86)\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [1773696 2016-01-08] (Microsoft Corporation)
U3 akvj0ugn; C:\Windows\System32\Drivers\akvj0ugn.sys [0 ] (Advanced Micro Devices) <==== ATTENTION (zero byte File/Folder)
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12ea4da294a63.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f217b38ee02c.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e21f1ae9be8c.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15eb5714bcc8.job
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e21f1c003f8c.job
C:\Users\Dlabal\AppData\Local\Temp
Task: {144D9369-C32B-41DB-8D9D-761FE6C7F6D9} - System32\Tasks\AutoKMS => C:\Windows\AutoKMS\AutoKMS.exe [2015-04-28] ()
C:\Windows\AutoKMS
End
*****************
HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value not found.
HKU\S-1-5-21-4012046027-2663729122-3567796052-1000\Software\Microsoft\Windows\CurrentVersion\Run\\BingSvc => value not found.
C:\Users\Dlabal\AppData\Local\Microsoft\BingSvc => moved successfully
C:\Windows\system32\GroupPolicyUsers\S-1-5-21-4012046027-2663729122-3567796052-1001\User => moved successfully
C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
c:\Program Files (x86)\Skype\Toolbars => moved successfully
"HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}" => key removed successfully
"HKCR\Wow6432Node\PROTOCOLS\Handler\skypec2c" => key removed successfully
"HKCR\Wow6432Node\CLSID\{91774881-D725-4E58-B298-07617B9B86A8}" => key removed successfully
Firefox SearchEngineOrder.3 removed successfully
Firefox SelectedSearchEngine removed successfully
Firefox "Keyword.URL" removed successfully
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => key removed successfully
c2cautoupdatesvc => Service stopped successfully.
c2cautoupdatesvc => service removed successfully
c2cpnrsvc => Service stopped successfully.
c2cpnrsvc => service removed successfully
akvj0ugn => service not found.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d12ea4da294a63.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0f217b38ee02c.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore1d0e21f1ae9be8c.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d15eb5714bcc8.job => moved successfully
C:\Windows\Tasks\GoogleUpdateTaskMachineUA1d0e21f1c003f8c.job => moved successfully
"C:\Users\Dlabal\AppData\Local\Temp" folder move:
Could not move "C:\Users\Dlabal\AppData\Local\Temp" => Scheduled to move on reboot.
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{144D9369-C32B-41DB-8D9D-761FE6C7F6D9} => key not found.
C:\Windows\System32\Tasks\AutoKMS => moved successfully
"HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tree\AutoKMS" => key removed successfully
C:\Windows\AutoKMS => moved successfully
Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2016-04-01 19:09:30)
C:\Users\Dlabal\AppData\Local\Temp => moved successfully
==== End of Fixlog 19:09:30 ====
