Zmizely mi rozšíření v chromu a nejdou zpět přidat

[Ukazovak]

Zdravím,
kocour mi občas spává na klávesnici a teď mi cosi v notebooku přenastavil (vážně si nevymýšlím ). Spustil nějaký program a možná naklikal, ať se k němu cosi stáhne, zkrátka a dobře objevily se mi nějaké okna reklam v prohlížeči, adblock je blokoval tak napůl, okna byla průhledná, ale bylo vidět, že tam jsou. Projel jsem to adwcleanerem, našel jednu věc, tak jsem odtušil, že to bude ten zádrhel, vyčistil jsem to a dal restart počítače.
Při příštím spuštění mi nejprve nešel vůbec spustit chrome, když jsem ho spustil, zmizely mi v něm věci jako shockwave, java, adblock a ještě jakési rozšíření, co jsem měl, abych si mohl přehrávat videa na webu Yahoo, co jdou spustit jen s IP adresou z USA.

Když teď přidám adblock, píše mi to Chyba, network_failed a nepřidá se. Proto prosím o kontrolu logu, případně i o radu, co s tím, děkuji.

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Cecko (administrator) on CECKO-PC on 21-05-2015 22:45:20
Running from C:\Users\Cecko\Desktop
Loaded Profiles: Cecko (Available profiles: Cecko)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Razer Inc.) D:\Programy\Razer\Razer Game Booster\RzKLService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Microsoft Corporation) C:\Windows\System32\taskmgr.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(forum.viry.cz) C:\Users\Cecko\Desktop\FRSTLauncher.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [357376 2009-09-16] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [Xvid] => C:\Programy\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [DellSystemDetect] => C:\Users\Cecko\AppData\Local\Apps\2.0\EY8Y7YLA.HM7\1ZCRG66M.W5Q\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [HotkeyP] => C:\Users\Cecko\Downloads\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [GoogleChromeAutoLaunch_0B286A6F5AA1809C7DE2AD42054FD681] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {99dbd8fb-40f0-11e4-8f3f-b8ac6f55ccb5} - H:\AutoRun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {e4284d93-de05-11e3-9b84-b8ac6f55ccb5} - G:\Autorun.exe
Startup: C:\Users\Cecko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk [2015-01-05]
ShortcutTarget: MultiSkypeLauncher.lnk -> D:\Programy\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: 127.0.0.1 nlsk.neulion.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Cecko\AppData\Roaming\Mozilla\Firefox\Profiles\tinxjr3p.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-06-29] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2153277708-1227587191-2765475175-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cecko\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2153277708-1227587191-2765475175-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-06-29] (Pando Networks)
FF Extension: Adblock Plus - C:\Users\Cecko\AppData\Roaming\Mozilla\Firefox\Profiles\tinxjr3p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-02]
StartMenuInternet: FIREFOX.EXE - C:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Cecko\AppData\Local\Google\Chrome\User Data\Default

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Cecko\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-04-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Microsoft Office Groove Audit Service; D:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)
R2 RzKLService; D:\Programy\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-31] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-18] (Disc Soft Ltd)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 22:45 - 2015-05-21 22:46 - 00011207 _____ () C:\Users\Cecko\Desktop\FRST.txt
2015-05-21 21:40 - 2015-05-21 22:45 - 00000000 ____D () C:\FRST
2015-05-21 21:37 - 2015-05-21 21:37 - 00112640 _____ (forum.viry.cz) C:\Users\Cecko\Desktop\FRSTLauncher.exe
2015-05-21 21:35 - 2015-05-21 21:35 - 02108416 _____ (Farbar) C:\Users\Cecko\Desktop\FRST64.exe
2015-05-21 21:09 - 2015-05-21 21:09 - 02223104 _____ () C:\Users\Cecko\Downloads\adwcleaner_4.205 (1).exe
2015-05-21 20:50 - 2015-05-21 20:50 - 02223104 _____ () C:\Users\Cecko\Downloads\adwcleaner_4.205.exe
2015-05-21 09:49 - 2015-05-21 09:49 - 00000000 ____D () C:\Program Files (x86)\ModHeader
2015-05-20 20:04 - 2015-05-20 20:14 - 00067386 _____ () C:\Windows\War3Unin.dat
2015-05-20 20:04 - 2015-05-20 20:12 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2015-05-20 20:04 - 2015-05-20 20:12 - 00002829 _____ () C:\Windows\War3Unin.pif
2015-05-20 20:04 - 2015-05-20 20:12 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2015-05-20 20:04 - 2015-05-20 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2015-05-20 14:32 - 2015-05-20 14:32 - 00000000 ____D () C:\ProgramData\10424589449069144895
2015-05-18 23:33 - 2015-05-18 23:33 - 00124811 _____ () C:\Users\Cecko\Downloads\2015-05-18-replay.hbr
2015-05-18 12:45 - 2015-05-18 12:45 - 00028102 _____ () C:\Users\Cecko\Downloads\[katproxy.com]game.of.thrones.s05e06.hdtv.x264.asap.ettv.torrent
2015-05-18 05:31 - 2015-05-18 05:31 - 00022569 _____ () C:\Users\Cecko\Downloads\[katproxy.com]greys.anatomy.s11e24.hdtv.x264.lol.ettv.torrent
2015-05-17 19:54 - 2015-05-17 19:55 - 14056400 _____ () C:\Users\Cecko\ts3_recording_15_05_17_19_54_3.wav
2015-05-16 15:53 - 2015-05-16 15:53 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-15 21:34 - 2015-05-15 23:29 - 02421248 ____H () C:\Users\Cecko\Desktop\~WRL3705.tmp
2015-05-14 10:34 - 2015-05-14 10:34 - 00053649 _____ () C:\Users\Cecko\Downloads\Greys.Anatomy.S11E23.HDTV.x264-LOL.srt
2015-05-14 10:22 - 2015-05-14 10:22 - 00021544 _____ () C:\Users\Cecko\Downloads\[katproxy.com]greys.anatomy.s11e23.hdtv.x264.lol.ettv.torrent
2015-05-14 10:21 - 2015-05-14 10:21 - 00019913 _____ () C:\Users\Cecko\Downloads\[CzT]Vyplata_Paycheck_2003_CZ_.torrent
2015-05-13 18:00 - 2015-05-13 18:00 - 00001171 _____ () C:\Users\Cecko\Documents\napad-kniha-sen.txt
2015-05-12 17:11 - 2015-05-15 22:36 - 00000000 ____D () C:\Users\Cecko\Documents\Sophi
2015-05-11 20:50 - 2015-05-11 20:50 - 00046271 _____ () C:\Users\Cecko\Downloads\Game.of.Thrones.S05E05.HDTV.x264-ASAP.srt
2015-05-11 19:48 - 2015-05-11 19:49 - 00024905 _____ () C:\Users\Cecko\Downloads\[katproxy.com]game.of.thrones.s05e05.hdtv.x264.asap.ettv.torrent
2015-05-11 15:26 - 2015-05-11 15:27 - 00013142 _____ () C:\Users\Cecko\Downloads\[CzT]Minority_Report_2002_CZ_.torrent
2015-05-08 02:22 - 2015-05-08 02:23 - 00016364 _____ () C:\Users\Cecko\Downloads\Anvil.The.Story.of.Anvil.2008.LIMITED.BRRip.H264.AAC.Gopo.torrent
2015-05-06 07:04 - 2015-05-06 07:04 - 00011120 _____ () C:\Users\Cecko\Downloads\[katproxy.com]the.big.bang.theory.s08e23.hdtv.x264.lol.ettv.torrent
2015-05-06 07:02 - 2015-05-06 07:03 - 00020913 _____ () C:\Users\Cecko\Downloads\[katproxy.com]searching.for.sugar.man.2012.720p.brrip.x264.ac3.jyk.torrent
2015-05-04 02:07 - 2015-05-04 02:07 - 00035631 _____ () C:\Users\Cecko\Downloads\[katproxy.com]greys.anatomy.s11e22.hdtv.x264.killers.ettv.torrent
2015-05-02 01:36 - 2015-05-12 02:45 - 00000000 ____D () C:\Users\Cecko\Documents\OpenLieroX
2015-05-02 01:28 - 2015-05-02 01:28 - 00000000 ____D () C:\Users\Cecko\Downloads\OpenLieroX_0.58_rc3.win32
2015-05-02 00:41 - 2015-05-02 00:41 - 77892173 _____ () C:\Users\Cecko\Downloads\OpenLieroX_0.58_rc3.win32.zip
2015-05-01 05:26 - 2015-05-01 05:26 - 00010533 _____ () C:\Users\Cecko\Downloads\[katproxy.com]the.big.bang.theory.s08e22.hdtv.x264.lol.ettv.torrent
2015-04-30 16:16 - 2015-04-30 16:17 - 08098768 _____ () C:\Users\Cecko\Downloads\teeworlds-0.6.2-win64.zip
2015-04-28 21:48 - 2015-04-28 21:49 - 00105793 _____ () C:\Users\Cecko\Downloads\rumuni2015-04-28-replay.hbr
2015-04-27 19:26 - 2015-04-27 19:26 - 01541648 _____ (Dummy, Ltd.) C:\Users\Cecko\Downloads\worms armageddon 3.7.2.1 no cd crack_10924_i3072050_il345.exe
2015-04-27 19:21 - 2015-04-27 19:21 - 00000000 ____D () C:\Users\Cecko\Downloads\Worms-Armageddon-Patche-+-NO-CD-crack
2015-04-27 14:40 - 2015-04-27 14:40 - 00009755 _____ () C:\Users\Cecko\Downloads\WG.WGT
2015-04-25 15:26 - 2015-04-25 15:27 - 00016321 _____ () C:\Users\Cecko\Downloads\stažený soubor.htm
2015-04-24 13:21 - 2015-04-24 13:21 - 00021340 _____ () C:\Users\Cecko\Downloads\Greys.Anatomy.S11E21.HDTV.x264-LOL.torrent
2015-04-23 00:16 - 2015-04-23 00:16 - 01936909 _____ () C:\Users\Cecko\Downloads\crash.dmp
2015-04-23 00:09 - 2015-04-23 00:09 - 01679843 _____ () C:\Users\Cecko\Downloads\WA_update-3.7.0.0_Installer.exe
2015-04-21 12:01 - 2015-04-21 12:01 - 00102835 _____ () C:\Users\Cecko\Downloads\2015-04-19-replay.hbr

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-21 22:43 - 2014-04-28 20:54 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\Skype
2015-05-21 22:30 - 2015-03-22 22:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-21 21:49 - 2014-04-28 20:16 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-21 21:16 - 2015-03-14 19:50 - 00020318 _____ () C:\Windows\setupact.log
2015-05-21 21:00 - 2009-07-14 06:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-21 21:00 - 2009-07-14 06:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-21 20:56 - 2014-04-28 18:33 - 01693163 _____ () C:\Windows\WindowsUpdate.log
2015-05-21 20:53 - 2014-04-28 20:16 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-21 20:53 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-21 20:52 - 2014-07-25 16:25 - 00000000 ____D () C:\AdwCleaner
2015-05-21 20:32 - 2009-07-14 07:08 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 11:11 - 2015-02-09 03:36 - 00000569 _____ () C:\Users\Cecko\Desktop\ukoly.txt
2015-05-21 07:20 - 2014-04-28 20:17 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 16:15 - 2014-11-06 01:04 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1398709478
2015-05-20 16:15 - 2014-04-28 20:24 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-20 16:14 - 2014-04-29 04:28 - 00671734 _____ () C:\Windows\system32\perfh005.dat
2015-05-20 16:14 - 2014-04-29 04:28 - 00142298 _____ () C:\Windows\system32\perfc005.dat
2015-05-20 16:14 - 2009-07-14 07:13 - 01590850 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 16:09 - 2015-03-14 19:50 - 00001740 _____ () C:\Windows\PFRO.log
2015-05-18 19:32 - 2014-05-10 17:48 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\uTorrent
2015-05-17 23:44 - 2014-04-28 20:16 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 23:44 - 2014-04-28 20:16 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 19:54 - 2014-04-28 18:37 - 00000000 ____D () C:\Users\Cecko
2015-05-17 00:31 - 2009-07-14 04:34 - 00000750 _____ () C:\Windows\win.ini
2015-05-16 16:02 - 2014-05-05 00:25 - 00000000 ____D () C:\Users\Cecko\Documents\Camtasia Studio
2015-05-16 15:54 - 2014-06-13 13:18 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-10 12:28 - 2014-05-16 17:54 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\BSplayer
2015-05-09 01:13 - 2014-06-01 03:29 - 00009216 _____ () C:\Users\Cecko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-08 21:49 - 2014-05-18 16:17 - 00000000 ____D () C:\Users\Cecko\Desktop\crack
2015-05-02 01:34 - 2015-04-11 10:50 - 00000964 _____ () C:\Users\Cecko\Documents\stranky-www.txt
2015-04-30 04:16 - 2014-10-19 01:07 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2014-06-01 03:29 - 2015-05-09 01:13 - 0009216 _____ () C:\Users\Cecko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-10 18:48 - 2015-02-04 07:05 - 0007607 _____ () C:\Users\Cecko\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Cecko\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Cecko\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Cecko\AppData\Local\Temp\Quarantine.exe
C:\Users\Cecko\AppData\Local\Temp\SIntf16.dll
C:\Users\Cecko\AppData\Local\Temp\SIntf32.dll
C:\Users\Cecko\AppData\Local\Temp\SIntfNT.dll
C:\Users\Cecko\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cecko\AppData\Local\Temp\sqlite3.dll
C:\Users\Cecko\AppData\Local\Temp\war3_Install.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-18 23:54




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:100 GB) (Free:31.31 GB) NTFS
Drive d: () (Fixed) (Total:365.66 GB) (Free:51.86 GB) NTFS

Available physical RAM: 1596.2 MB
Total physical RAM: 3956.52 MB
Percentage of memory in use: 59%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2C2B8104)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Cecko\Desktop" je 107 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter
"C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Cecko\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Zdravím!
Spusťte tuto utilitu:

Stáhněte AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Uložte na plochu
Ukončete všechny programy
Klikněte nejprve na >Scan< a pak na >Clean<.
Proběhne skenováni a pak se objeví log, který sem vložte.

[Ukazovak]

# AdwCleaner v4.205 - Log vytvořen 23/05/2015 v 04:34:35
# Aktualizováno 21/05/2015 by Xplode
# Databáze : 2015-05-21.2 [Server]
# Operační system : Windows 7 Home Premium Service Pack 1 (x64)
# Uživatelské jméno : Cecko - CECKO-PC
# Spuštěno z : C:\Users\Cecko\Desktop\adwcleaner_4.205 (2).exe
# Nastavení : Čištění

***** [ Služby ] *****


***** [ Soubory / Složky ] *****


***** [ Naplánované úlohy ] *****


***** [ Zástupci ] *****


***** [ Registry ] *****


***** [ Prohlížeče ] *****

-\\ Internet Explorer v11.0.9600.17496


-\\ Mozilla Firefox v35.0.1 (x86 cs)


-\\ Google Chrome v43.0.2357.65

[C:\Users\Cecko\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Smazáno [Search Provider] : hxxp://websearch.searchtotal.info/?l=1&q={searchTerms}&pid=2921&r=2015/05/21&hid=11801882996342342022&lg=EN&cc=CZ&unqvl=88

-\\ Comodo Dragon v


-\\ Opera v29.0.1795.60


-\\ Chrome Canary v


*************************

AdwCleaner[R0].txt - [1244 bytů] - [25/07/2014 16:26:00]
AdwCleaner[R10].txt - [2990 bytů] - [18/12/2014 04:35:07]
AdwCleaner[R11].txt - [2208 bytů] - [23/12/2014 20:24:30]
AdwCleaner[R12].txt - [2372 bytů] - [13/01/2015 21:47:50]
AdwCleaner[R13].txt - [2495 bytů] - [18/01/2015 21:26:59]
AdwCleaner[R14].txt - [2642 bytů] - [27/01/2015 21:45:29]
AdwCleaner[R15].txt - [2764 bytů] - [28/01/2015 21:27:40]
AdwCleaner[R16].txt - [3175 bytů] - [06/02/2015 10:33:19]
AdwCleaner[R17].txt - [3228 bytů] - [14/03/2015 19:46:25]
AdwCleaner[R18].txt - [3202 bytů] - [22/03/2015 21:53:30]
AdwCleaner[R19].txt - [22906 bytů] - [21/05/2015 20:50:57]
AdwCleaner[R1].txt - [7654 bytů] - [31/08/2014 21:51:18]
AdwCleaner[R20].txt - [3457 bytů] - [23/05/2015 04:33:15]
AdwCleaner[R2].txt - [1558 bytů] - [14/09/2014 21:31:39]
AdwCleaner[R3].txt - [1243 bytů] - [28/09/2014 02:03:54]
AdwCleaner[R4].txt - [1624 bytů] - [11/10/2014 22:58:32]
AdwCleaner[R5].txt - [1684 bytů] - [17/10/2014 23:05:00]
AdwCleaner[R6].txt - [1620 bytů] - [26/10/2014 05:12:59]
AdwCleaner[R7].txt - [1773 bytů] - [28/10/2014 16:09:37]
AdwCleaner[R8].txt - [2274 bytů] - [13/11/2014 00:29:59]
AdwCleaner[R9].txt - [2015 bytů] - [27/11/2014 17:43:17]
AdwCleaner[S0].txt - [1304 bytů] - [25/07/2014 16:27:13]
AdwCleaner[S10].txt - [3027 bytů] - [18/12/2014 04:43:20]
AdwCleaner[S11].txt - [2232 bytů] - [23/12/2014 20:27:08]
AdwCleaner[S12].txt - [2396 bytů] - [13/01/2015 21:49:36]
AdwCleaner[S13].txt - [2518 bytů] - [18/01/2015 21:29:15]
AdwCleaner[S14].txt - [2665 bytů] - [27/01/2015 21:48:19]
AdwCleaner[S15].txt - [2787 bytů] - [28/01/2015 21:29:00]
AdwCleaner[S16].txt - [3172 bytů] - [06/02/2015 10:35:24]
AdwCleaner[S17].txt - [3260 bytů] - [14/03/2015 19:48:29]
AdwCleaner[S18].txt - [3232 bytů] - [22/03/2015 21:58:39]
AdwCleaner[S19].txt - [15444 bytů] - [21/05/2015 20:52:12]
AdwCleaner[S1].txt - [7446 bytů] - [31/08/2014 21:55:12]
AdwCleaner[S20].txt - [2916 bytů] - [23/05/2015 04:34:35]
AdwCleaner[S2].txt - [1656 bytů] - [14/09/2014 21:35:55]
AdwCleaner[S3].txt - [1266 bytů] - [28/09/2014 02:06:37]
AdwCleaner[S4].txt - [1650 bytů] - [11/10/2014 23:02:45]
AdwCleaner[S5].txt - [1703 bytů] - [17/10/2014 23:12:18]
AdwCleaner[S6].txt - [1596 bytů] - [26/10/2014 05:31:24]
AdwCleaner[S7].txt - [1790 bytů] - [28/10/2014 18:06:18]
AdwCleaner[S8].txt - [2304 bytů] - [13/11/2014 00:33:29]
AdwCleaner[S9].txt - [2039 bytů] - [27/11/2014 17:46:37]

########## EOF - C:\AdwCleaner\AdwCleaner[S20].txt - [3439 bytů] ##########

[Rudy]

Dejte nový log FRST.

[Ukazovak]

Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 21-05-2015
Ran by Cecko (administrator) on CECKO-PC on 23-05-2015 12:00:04
Running from C:\Users\Cecko\Desktop
Loaded Profiles: Cecko (Available profiles: Cecko)
Platform: Windows 7 Home Premium Service Pack 1 (X64) OS Language: Čeština (Česká republika)
Internet Explorer Version 11 (Default browser: Chrome)
Boot Mode: Normal
Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/33 ... scan-tool/

==================== Processes (Whitelisted) =================

(If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

(AMD) C:\Windows\System32\atiesrxx.exe
(AMD) C:\Windows\System32\atieclxx.exe
(Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\Apoint.exe
(Dell Inc.) C:\Program Files\Dell\QuickSet\quickset.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApMsgFwd.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\hidfind.exe
(Alps Electric Co., Ltd.) C:\Program Files\DellTPad\ApntEx.exe
(Andrea Electronics Corporation) C:\Program Files\Realtek\Audio\HDA\AERTSr64.exe
(Razer Inc.) D:\Programy\Razer\Razer Game Booster\RzKLService.exe
(Piriform Ltd) C:\Program Files\CCleaner\CCleaner64.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
(Advanced Micro Devices Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM.exe
(ATI Technologies Inc.) C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jucheck.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(TeamSpeak Systems GmbH) C:\Program Files (x86)\TeamSpeak 3 Client\ts3client_win32.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Google Inc.) C:\Program Files (x86)\Google\Chrome\Application\chrome.exe
(Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
(forum.viry.cz) C:\Users\Cecko\Desktop\FRSTLauncher.exe


==================== Registry (Whitelisted) ==================

(If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

HKLM-x32\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [8158240 2009-10-09] (Realtek Semiconductor)
HKLM-x32\...\Run: [Apoint] => C:\Program Files\DellTPad\Apoint.exe [357376 2009-09-16] (Alps Electric Co., Ltd.)
HKLM-x32\...\Run: [QuickSet] => C:\Program Files\Dell\QuickSet\QuickSet.exe [3189016 2009-10-01] (Dell Inc.)
HKLM-x32\...\Run: [StartCCC] => C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [98304 2010-01-22] (Advanced Micro Devices, Inc.)
HKLM-x32\...\Run: [GrooveMonitor] => D:\Programy\Microsoft Office\Office12\GrooveMonitor.exe [31016 2006-10-27] (Microsoft Corporation)
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [1022152 2014-12-19] (Adobe Systems Incorporated)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [Xvid] => C:\Programy\Xvid\CheckUpdate.exe [8192 2011-01-17] ()
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [DellSystemDetect] => C:\Users\Cecko\AppData\Local\Apps\2.0\EY8Y7YLA.HM7\1ZCRG66M.W5Q\dell..tion_e30b47f5d4a30e9e_0005.000e_4ab3a7332dd76702\DellSystemDetect.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [CCleaner Monitoring] => C:\Program Files\CCleaner\CCleaner64.exe [7394584 2014-12-12] (Piriform Ltd)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [HotkeyP] => C:\Users\Cecko\Downloads\hotkeyp\HotkeyP.exe [147456 2012-11-20] (Petr Laštovička)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\Run: [GoogleChromeAutoLaunch_0B286A6F5AA1809C7DE2AD42054FD681] => C:\Program Files (x86)\Google\Chrome\Application\chrome.exe [813896 2015-05-13] (Google Inc.)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {99dbd8fb-40f0-11e4-8f3f-b8ac6f55ccb5} - H:\AutoRun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {e4284d93-de05-11e3-9b84-b8ac6f55ccb5} - G:\Autorun.exe
Startup: C:\Users\Cecko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MultiSkypeLauncher.lnk [2015-01-05]
ShortcutTarget: MultiSkypeLauncher.lnk -> D:\Programy\MultiSkypeLauncher\MultiSkypeLauncher.exe (IM-history)
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

==================== Internet (Whitelisted) ====================

(If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Start Page = http://www.google.com
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> D:\Programy\Microsoft Office\Office12\GrooveShellExtensions.dll [2006-10-27] (Microsoft Corporation)
BHO-x32: Java(tm) Plug-In SSV Helper -> {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\ssv.dll [2015-02-06] (Oracle Corporation)
BHO-x32: Java(tm) Plug-In 2 SSV Helper -> {DBC80044-A445-435b-BC74-9C25C1C588A9} -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\jp2ssv.dll [2015-02-06] (Oracle Corporation)
Handler-x32: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - D:\Programy\Microsoft Office\Office12\GrooveSystemServices.dll [2006-10-27] (Microsoft Corporation)
Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll [2014-05-02] (Skype Technologies)
Hosts: 127.0.0.1 nlsk.neulion.com
Tcpip\Parameters: [DhcpNameServer] 192.168.0.1

FireFox:
========
FF ProfilePath: C:\Users\Cecko\AppData\Roaming\Mozilla\Firefox\Profiles\tinxjr3p.default
FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_17_0_0_169.dll [2015-04-15] ()
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll [2015-04-15] ()
FF Plugin-x32: @adobe.com/ShockwavePlayer -> C:\Windows\SysWOW64\Adobe\Director\np32dsw_1217157.dll [2015-02-16] (Adobe Systems, Inc.)
FF Plugin-x32: @java.com/DTPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\dtplugin\npDeployJava1.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @java.com/JavaPlugin,version=11.31.2 -> C:\Program Files (x86)\Java\jre1.8.0_31\bin\plugin2\npjp2.dll [2015-02-06] (Oracle Corporation)
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-06-29] (Pando Networks)
FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.27.5\npGoogleUpdate3.dll [2015-05-17] (Google Inc.)
FF Plugin-x32: @videolan.org/vlc,version=2.1.5 -> C:\Program Files (x86)\VideoLAN\VLC\npvlc.dll [2014-07-23] (VideoLAN)
FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-05-01] (Adobe Systems Inc.)
FF Plugin HKU\S-1-5-21-2153277708-1227587191-2765475175-1000: @unity3d.com/UnityPlayer,version=1.0 -> C:\Users\Cecko\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll [2014-07-07] (Unity Technologies ApS)
FF Plugin HKU\S-1-5-21-2153277708-1227587191-2765475175-1000: pandonetworks.com/PandoWebPlugin -> C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll [2014-06-29] (Pando Networks)
FF Extension: Adblock Plus - C:\Users\Cecko\AppData\Roaming\Mozilla\Firefox\Profiles\tinxjr3p.default\Extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}.xpi [2015-01-02]
StartMenuInternet: FIREFOX.EXE - C:\Programy\Mozilla Firefox\firefox.exe

Chrome:
=======
CHR dev: Chrome dev build detected! <======= ATTENTION
CHR Profile: C:\Users\Cecko\AppData\Local\Google\Chrome\User Data\Default

Opera:
=======
OPR Extension: (Adblock Plus) - C:\Users\Cecko\AppData\Roaming\Opera Software\Opera Stable\Extensions\oidhhegpmlfpoeialbgcdocjalghfpkp [2014-04-28]

==================== Services (Whitelisted) =================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 Microsoft Office Groove Audit Service; D:\Programy\Microsoft Office\Office12\GrooveAuditService.exe [65824 2006-10-27] (Microsoft Corporation)
R2 RzKLService; D:\Programy\Razer\Razer Game Booster\RzKLService.exe [105448 2013-11-22] (Razer Inc.)
R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2013-05-27] (Microsoft Corporation)

==================== Drivers (Whitelisted) ====================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)

S3 DDDriver; C:\Windows\System32\drivers\DDDriver64Dcsa.sys [23760 2015-01-31] (Dell Computer Corporation)
S3 DellProf; C:\Windows\System32\drivers\DellProf.sys [23312 2015-01-31] (Dell Computer Corporation)
R1 dtsoftbus01; C:\Windows\System32\DRIVERS\dtsoftbus01.sys [283064 2014-05-18] (Disc Soft Ltd)

==================== NetSvcs (Whitelisted) ===================

(If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)


==================== One Month Created files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-23 12:00 - 2015-05-23 12:00 - 00011846 _____ () C:\Users\Cecko\Desktop\FRST.txt
2015-05-23 04:32 - 2015-05-23 04:32 - 02223104 _____ () C:\Users\Cecko\Desktop\adwcleaner_4.205 (2).exe
2015-05-22 21:32 - 2015-05-22 21:32 - 00008419 _____ () C:\Users\Cecko\Desktop\Addition.rar
2015-05-22 17:42 - 2015-05-22 17:42 - 00000000 ____D () C:\Users\Cecko\Downloads\2015-05-21_CZ_vs_HUN_(Hun_3_Cze_2_Golden_Goal)
2015-05-22 17:41 - 2015-05-22 17:41 - 00189166 _____ () C:\Users\Cecko\Downloads\2015-05-21_CZ_vs_HUN_(Hun_3_Cze_2_Golden_Goal).zip
2015-05-21 21:40 - 2015-05-23 12:00 - 00000000 ____D () C:\FRST
2015-05-21 21:37 - 2015-05-21 21:37 - 00112640 _____ (forum.viry.cz) C:\Users\Cecko\Desktop\FRSTLauncher.exe
2015-05-21 21:35 - 2015-05-21 21:35 - 02108416 _____ (Farbar) C:\Users\Cecko\Desktop\FRST64.exe
2015-05-21 21:09 - 2015-05-21 21:09 - 02223104 _____ () C:\Users\Cecko\Downloads\adwcleaner_4.205 (1).exe
2015-05-21 20:50 - 2015-05-21 20:50 - 02223104 _____ () C:\Users\Cecko\Downloads\adwcleaner_4.205.exe
2015-05-21 09:49 - 2015-05-21 09:49 - 00000000 ____D () C:\Program Files (x86)\ModHeader
2015-05-20 20:04 - 2015-05-20 20:14 - 00067386 _____ () C:\Windows\War3Unin.dat
2015-05-20 20:04 - 2015-05-20 20:12 - 00139264 _____ (Blizzard Entertainment) C:\Windows\War3Unin.exe
2015-05-20 20:04 - 2015-05-20 20:12 - 00002829 _____ () C:\Windows\War3Unin.pif
2015-05-20 20:04 - 2015-05-20 20:12 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Warcraft III
2015-05-20 20:04 - 2015-05-20 20:12 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Warcraft III
2015-05-20 14:32 - 2015-05-20 14:32 - 00000000 ____D () C:\ProgramData\10424589449069144895
2015-05-18 23:33 - 2015-05-18 23:33 - 00124811 _____ () C:\Users\Cecko\Downloads\2015-05-18-replay.hbr
2015-05-18 12:45 - 2015-05-18 12:45 - 00028102 _____ () C:\Users\Cecko\Downloads\[katproxy.com]game.of.thrones.s05e06.hdtv.x264.asap.ettv.torrent
2015-05-18 05:31 - 2015-05-18 05:31 - 00022569 _____ () C:\Users\Cecko\Downloads\[katproxy.com]greys.anatomy.s11e24.hdtv.x264.lol.ettv.torrent
2015-05-17 19:54 - 2015-05-17 19:55 - 14056400 _____ () C:\Users\Cecko\ts3_recording_15_05_17_19_54_3.wav
2015-05-16 15:53 - 2015-05-16 15:53 - 00003886 _____ () C:\Windows\System32\Tasks\Adobe Acrobat Update Task
2015-05-15 21:34 - 2015-05-15 23:29 - 02421248 ____H () C:\Users\Cecko\Desktop\~WRL3705.tmp
2015-05-14 10:34 - 2015-05-14 10:34 - 00053649 _____ () C:\Users\Cecko\Downloads\Greys.Anatomy.S11E23.HDTV.x264-LOL.srt
2015-05-14 10:22 - 2015-05-14 10:22 - 00021544 _____ () C:\Users\Cecko\Downloads\[katproxy.com]greys.anatomy.s11e23.hdtv.x264.lol.ettv.torrent
2015-05-14 10:21 - 2015-05-14 10:21 - 00019913 _____ () C:\Users\Cecko\Downloads\[CzT]Vyplata_Paycheck_2003_CZ_.torrent
2015-05-13 18:00 - 2015-05-13 18:00 - 00001171 _____ () C:\Users\Cecko\Documents\napad-kniha-sen.txt
2015-05-12 17:11 - 2015-05-15 22:36 - 00000000 ____D () C:\Users\Cecko\Documents\Sophi
2015-05-11 20:50 - 2015-05-11 20:50 - 00046271 _____ () C:\Users\Cecko\Downloads\Game.of.Thrones.S05E05.HDTV.x264-ASAP.srt
2015-05-11 19:48 - 2015-05-11 19:49 - 00024905 _____ () C:\Users\Cecko\Downloads\[katproxy.com]game.of.thrones.s05e05.hdtv.x264.asap.ettv.torrent
2015-05-11 15:26 - 2015-05-11 15:27 - 00013142 _____ () C:\Users\Cecko\Downloads\[CzT]Minority_Report_2002_CZ_.torrent
2015-05-08 02:22 - 2015-05-08 02:23 - 00016364 _____ () C:\Users\Cecko\Downloads\Anvil.The.Story.of.Anvil.2008.LIMITED.BRRip.H264.AAC.Gopo.torrent
2015-05-06 07:04 - 2015-05-06 07:04 - 00011120 _____ () C:\Users\Cecko\Downloads\[katproxy.com]the.big.bang.theory.s08e23.hdtv.x264.lol.ettv.torrent
2015-05-06 07:02 - 2015-05-06 07:03 - 00020913 _____ () C:\Users\Cecko\Downloads\[katproxy.com]searching.for.sugar.man.2012.720p.brrip.x264.ac3.jyk.torrent
2015-05-04 02:07 - 2015-05-04 02:07 - 00035631 _____ () C:\Users\Cecko\Downloads\[katproxy.com]greys.anatomy.s11e22.hdtv.x264.killers.ettv.torrent
2015-05-02 01:36 - 2015-05-12 02:45 - 00000000 ____D () C:\Users\Cecko\Documents\OpenLieroX
2015-05-02 01:28 - 2015-05-02 01:28 - 00000000 ____D () C:\Users\Cecko\Downloads\OpenLieroX_0.58_rc3.win32
2015-05-02 00:41 - 2015-05-02 00:41 - 77892173 _____ () C:\Users\Cecko\Downloads\OpenLieroX_0.58_rc3.win32.zip
2015-05-01 05:26 - 2015-05-01 05:26 - 00010533 _____ () C:\Users\Cecko\Downloads\[katproxy.com]the.big.bang.theory.s08e22.hdtv.x264.lol.ettv.torrent
2015-04-30 16:16 - 2015-04-30 16:17 - 08098768 _____ () C:\Users\Cecko\Downloads\teeworlds-0.6.2-win64.zip
2015-04-28 21:48 - 2015-04-28 21:49 - 00105793 _____ () C:\Users\Cecko\Downloads\rumuni2015-04-28-replay.hbr
2015-04-27 19:26 - 2015-04-27 19:26 - 01541648 _____ (Dummy, Ltd.) C:\Users\Cecko\Downloads\worms armageddon 3.7.2.1 no cd crack_10924_i3072050_il345.exe
2015-04-27 19:21 - 2015-04-27 19:21 - 00000000 ____D () C:\Users\Cecko\Downloads\Worms-Armageddon-Patche-+-NO-CD-crack
2015-04-27 14:40 - 2015-04-27 14:40 - 00009755 _____ () C:\Users\Cecko\Downloads\WG.WGT
2015-04-25 15:26 - 2015-04-25 15:27 - 00016321 _____ () C:\Users\Cecko\Downloads\stažený soubor.htm
2015-04-24 13:21 - 2015-04-24 13:21 - 00021340 _____ () C:\Users\Cecko\Downloads\Greys.Anatomy.S11E21.HDTV.x264-LOL.torrent
2015-04-23 00:16 - 2015-04-23 00:16 - 01936909 _____ () C:\Users\Cecko\Downloads\crash.dmp
2015-04-23 00:09 - 2015-04-23 00:09 - 01679843 _____ () C:\Users\Cecko\Downloads\WA_update-3.7.0.0_Installer.exe

==================== One Month Modified files and folders ========

(If an entry is included in the fixlist, the file/folder will be moved.)

2015-05-23 11:57 - 2014-04-28 20:54 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\Skype
2015-05-23 11:53 - 2015-03-14 19:50 - 00020878 _____ () C:\Windows\setupact.log
2015-05-23 11:49 - 2014-04-28 20:16 - 00000952 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
2015-05-23 11:30 - 2015-03-22 22:25 - 00000914 _____ () C:\Windows\Tasks\Adobe Flash Player Updater.job
2015-05-23 11:26 - 2014-04-28 18:33 - 01697795 _____ () C:\Windows\WindowsUpdate.log
2015-05-23 04:43 - 2009-07-14 06:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
2015-05-23 04:43 - 2009-07-14 06:45 - 00014240 ____H () C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
2015-05-23 04:41 - 2014-04-28 20:24 - 00000000 ____D () C:\Program Files (x86)\Opera
2015-05-23 04:36 - 2014-04-28 20:16 - 00000948 _____ () C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
2015-05-23 04:36 - 2009-07-14 07:08 - 00000006 ____H () C:\Windows\Tasks\SA.DAT
2015-05-23 04:34 - 2014-07-25 16:25 - 00000000 ____D () C:\AdwCleaner
2015-05-23 01:58 - 2009-07-14 04:34 - 00000750 _____ () C:\Windows\win.ini
2015-05-21 20:32 - 2009-07-14 07:08 - 00032624 _____ () C:\Windows\Tasks\SCHEDLGU.TXT
2015-05-21 11:11 - 2015-02-09 03:36 - 00000569 _____ () C:\Users\Cecko\Desktop\ukoly.txt
2015-05-21 07:20 - 2014-04-28 20:17 - 00002183 _____ () C:\Users\Public\Desktop\Google Chrome.lnk
2015-05-20 16:15 - 2014-11-06 01:04 - 00003830 _____ () C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1398709478
2015-05-20 16:14 - 2014-04-29 04:28 - 00671734 _____ () C:\Windows\system32\perfh005.dat
2015-05-20 16:14 - 2014-04-29 04:28 - 00142298 _____ () C:\Windows\system32\perfc005.dat
2015-05-20 16:14 - 2009-07-14 07:13 - 01590850 _____ () C:\Windows\system32\PerfStringBackup.INI
2015-05-20 16:09 - 2015-03-14 19:50 - 00001740 _____ () C:\Windows\PFRO.log
2015-05-18 19:32 - 2014-05-10 17:48 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\uTorrent
2015-05-17 23:44 - 2014-04-28 20:16 - 00003948 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
2015-05-17 23:44 - 2014-04-28 20:16 - 00003696 _____ () C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
2015-05-17 19:54 - 2014-04-28 18:37 - 00000000 ____D () C:\Users\Cecko
2015-05-16 16:02 - 2014-05-05 00:25 - 00000000 ____D () C:\Users\Cecko\Documents\Camtasia Studio
2015-05-16 15:54 - 2014-06-13 13:18 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
2015-05-10 12:28 - 2014-05-16 17:54 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\BSplayer
2015-05-09 01:13 - 2014-06-01 03:29 - 00009216 _____ () C:\Users\Cecko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2015-05-08 21:49 - 2014-05-18 16:17 - 00000000 ____D () C:\Users\Cecko\Desktop\crack
2015-05-02 01:34 - 2015-04-11 10:50 - 00000964 _____ () C:\Users\Cecko\Documents\stranky-www.txt
2015-04-30 04:16 - 2014-10-19 01:07 - 00000000 ____D () C:\Users\Cecko\AppData\Roaming\vlc

==================== Files in the root of some directories =======

2014-06-01 03:29 - 2015-05-09 01:13 - 0009216 _____ () C:\Users\Cecko\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
2014-11-10 18:48 - 2015-02-04 07:05 - 0007607 _____ () C:\Users\Cecko\AppData\Local\Resmon.ResmonCfg

Some files in TEMP:
====================
C:\Users\Cecko\AppData\Local\Temp\CmdLineExt02.dll
C:\Users\Cecko\AppData\Local\Temp\jre-8u45-windows-au.exe
C:\Users\Cecko\AppData\Local\Temp\Quarantine.exe
C:\Users\Cecko\AppData\Local\Temp\SIntf16.dll
C:\Users\Cecko\AppData\Local\Temp\SIntf32.dll
C:\Users\Cecko\AppData\Local\Temp\SIntfNT.dll
C:\Users\Cecko\AppData\Local\Temp\SkypeSetup.exe
C:\Users\Cecko\AppData\Local\Temp\sqlite3.dll
C:\Users\Cecko\AppData\Local\Temp\war3_Install.exe


==================== Bamital & volsnap Check =================

(There is no automatic fix for files that do not pass verification.)

C:\Windows\System32\winlogon.exe => File is digitally signed
C:\Windows\System32\wininit.exe => File is digitally signed
C:\Windows\SysWOW64\wininit.exe => File is digitally signed
C:\Windows\explorer.exe => File is digitally signed
C:\Windows\SysWOW64\explorer.exe => File is digitally signed
C:\Windows\System32\svchost.exe => File is digitally signed
C:\Windows\SysWOW64\svchost.exe => File is digitally signed
C:\Windows\System32\services.exe => File is digitally signed
C:\Windows\System32\User32.dll => File is digitally signed
C:\Windows\SysWOW64\User32.dll => File is digitally signed
C:\Windows\System32\userinit.exe => File is digitally signed
C:\Windows\SysWOW64\userinit.exe => File is digitally signed
C:\Windows\System32\rpcss.dll => File is digitally signed
C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


LastRegBack: 2015-05-18 23:54




===***===***===***=== Extract of Additional scan result of Farbar Recovery Scan Tool ===***===***===***===

==================== Drive and Memory info ===================

Drive c: () (Fixed) (Total:100 GB) (Free:31.28 GB) NTFS
Drive d: () (Fixed) (Total:365.66 GB) (Free:51.85 GB) NTFS

Available physical RAM: 1005.19 MB
Total physical RAM: 3956.52 MB
Percentage of memory in use: 74%

==================== MBR and Partition Table ==================

Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 2C2B8104)
Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
Partition 2: (Not Active) - (Size=100 GB) - (Type=07 NTFS)
Partition 3: (Not Active) - (Size=365.7 GB) - (Type=07 NTFS)

==================== Scheduled Tasks (whitelisted) ==================

Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe

==================== Alternate Data Streams (whitelisted) ==================


==================== Security Center ==================

AS: Windows Defender (Enabled - Out of date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}



===***===***===***=== Supplementary Scan createdy by FRSTLauncher ===***===***===***===
Posledni aktualizace FRSTLauncheru: 25_11_2013 (01)
Posledni aktualizace Modifikacniho skriptu: 30_09_2013 (01)


***** Velikost "Plochy" *****

Velikost slozky "C:\Users\Cecko\Desktop" je 109 MB.


***** Startup Programs *****

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Adobe ARM
"C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\CCleaner Monitoring
"C:\Program Files\CCleaner\CCleaner64.exe" /MONITOR [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\DAEMON Tools Lite
"D:\Programy\DAEMON Tools Lite\DTLite.exe" -autorun [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\dellsupportcenter
"C:\Program Files (x86)\Dell Support Center\bin\sprtcmd.exe" /P dellsupportcenter [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq
C:\Users\Cecko\AppData\Roaming\ICQM\icq.exe -CU [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\LogMeIn Hamachi Ui
"C:\Programy\LogMeIn Hamachi\hamachi-2-ui.exe" --auto-start [x]

HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^Adobe Gamma Loader.lnk
C:\PROGRA~2\COMMON~1\Adobe\CALIBR~1\ADOBEG~1.EXE


***** Firewall rules *****

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x1

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
DisableNotifications REG_DWORD 0x0
EnableFirewall REG_DWORD 0x0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]


***** System Restore *****

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"Generalize_DisableSR"=dword:00000000


==================== End Of Log ==============================

[Rudy]

Otevřte poznámkový blok a zkopírujte do něj:

Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {99dbd8fb-40f0-11e4-8f3f-b8ac6f55ccb5} - H:\AutoRun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {e4284d93-de05-11e3-9b84-b8ac6f55ccb5} - G:\Autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Cecko\AppData\Local\Temp

Resethosts:
End

Uložte na plochu jako fixlist.txt. Spusťte znovu FRST a klikněte na >Fix<. Po skončení akce se objeví log, který sem zkopírujte.

[Ukazovak]

Fix result of Farbar Recovery Scan Tool (x64) Version: 21-05-2015
Ran by Cecko at 2015-05-23 13:26:51 Run:1
Running from C:\Users\Cecko\Desktop
Loaded Profiles: Cecko (Available profiles: Cecko)
Boot Mode: Normal
==============================================

Content of fixlist:
*****************
Start
HKLM-x32\...\Run: [SunJavaUpdateSched] => C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [508800 2014-12-17] (Oracle Corporation)
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: G - G:\Autorun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {99dbd8fb-40f0-11e4-8f3f-b8ac6f55ccb5} - H:\AutoRun.exe
HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\...\MountPoints2: {e4284d93-de05-11e3-9b84-b8ac6f55ccb5} - G:\Autorun.exe
GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL =
FF Plugin: @microsoft.com/GENUINE -> disabled No File
FF Plugin-x32: @microsoft.com/GENUINE -> disabled No File
CHR dev: Chrome dev build detected! <======= ATTENTION
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore
C:\Users\Cecko\AppData\Local\Temp

Resethosts:
End
*****************

HKLM\Software\WOW6432Node\Microsoft\Windows\CurrentVersion\Run\\SunJavaUpdateSched => value Deleted successfully.
"HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\G" => Key Deleted successfully.
"HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{99dbd8fb-40f0-11e4-8f3f-b8ac6f55ccb5}" => Key Deleted successfully.
HKCR\CLSID\{99dbd8fb-40f0-11e4-8f3f-b8ac6f55ccb5} => Key not found.
"HKU\S-1-5-21-2153277708-1227587191-2765475175-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{e4284d93-de05-11e3-9b84-b8ac6f55ccb5}" => Key Deleted successfully.
HKCR\CLSID\{e4284d93-de05-11e3-9b84-b8ac6f55ccb5} => Key not found.
C:\Windows\system32\GroupPolicy\Machine => Moved successfully.
C:\Windows\system32\GroupPolicy\GPT.ini => Moved successfully.
C:\Windows\SysWOW64\GroupPolicy\GPT.ini => Moved successfully.
"HKLM\SOFTWARE\Policies\Google" => Key Deleted successfully.
HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Deleted successfully.
HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Deleted successfully.
HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value Deleted successfully.
"HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
"HKLM\Software\Wow6432Node\MozillaPlugins\@microsoft.com/GENUINE" => Key Deleted successfully.
CHR dev: Chrome dev build detected! <======= ATTENTION => Error: No automatic fix found for this entry.
C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => Moved successfully.
C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineUA => Moved successfully.
C:\Windows\System32\Tasks\GoogleUpdateTaskMachineCore => Moved successfully.

"C:\Users\Cecko\AppData\Local\Temp" directory move:

Could not move "C:\Users\Cecko\AppData\Local\Temp" directory. => Scheduled to move on reboot.

Resethosts: => Error: No automatic fix found for this entry.

Result of scheduled files to move (Boot Mode: Normal) (Date&Time: 2015-05-23 13:29:10)<=

C:\Users\Cecko\AppData\Local\Temp => Moved successfully.

==== End of Fixlog 13:29:10 ====

[Rudy]

OK. Nastala nějaká změna?

[Ukazovak]

Ne, ale díky .
Zkusím reinstalovat prohlížeč a uvidím.
Já se jen bál, jestli se mi zaráz k tomu netáhl nějaký vir, což už by v těch lozích asi bylo vidět, ne?

[Rudy]

To zkuste, ale musíte smazat i složky, která jsou ve vašem profilu. Lze to udělat pomocí ChromeBackup: http://www.stahuj.centrum.cz/internet_a ... me-backup/ . Po reinstalu Chrome pak nakopírujete zpět pouze záložky a hesla.