Please check my log

A place for your HiJackThis logs and logs from other programs…

Moderators: Mods_senior, Security team

jkmaxfli
Level 4
Posts: 1442
Registered: March 07
Location: Karlovarsko
Gender: Male

Re: Please check my log

Post by jkmaxfli » 27 Mar 2015 18:20

RogueKiller V10.5.7.0 (x64) [Mar 22 2015] by Adlice Software
mail : http://www.adlice.com/contact/
Feedback : http://forum.adlice.com
Webová stránka : http://www.adlice.com/softwares/roguekiller/
Blog : http://www.adlice.com

Operační systém : Windows 7 (6.1.7600 ) 64 bits version
Spuštěno : Normální režim
Uživatel : jkmaxfli [Práva správce]
Started from : C:\Users\jkmaxfli\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 03/27/2015 18:20:09

¤¤¤ Procesy : 0 ¤¤¤

¤¤¤ Registry : 28 ¤¤¤
[Suspicious.Path] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : expstart.exe [-] -> Smazáno
[Suspicious.Path] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows NT\CurrentVersion\Winlogon | Shell : expstart.exe -> ERROR [2]
[PUM.Policies] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.Policies] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System | ConsentPromptBehaviorAdmin : 0 -> Nahrazeno (2)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyDocs : 2 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyGames : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyMusic : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowHelp : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowMyPics : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowUser : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_ShowSetProgramAccessAndDefaults : 0 -> Nahrazeno (1)
[PUM.StartMenu] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\Advanced | Start_TrackProgs : 0 -> Nahrazeno (1)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\ClassicStartMenu | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {20D04FE0-3AEA-1069-A2D8-08002B30309D} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {59031a47-3f72-44a7-89c5-5595fe6b30ee} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X64) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)
[PUM.DesktopIcons] (X86) HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Windows\CurrentVersion\Explorer\HideDesktopIcons\NewStartPanel | {645FF040-5081-101B-9F08-00AA002F954E} : 1 -> Nahrazeno (0)

¤¤¤ Úlohy : 0 ¤¤¤

¤¤¤ Soubory : 0 ¤¤¤

¤¤¤ Soubor HOSTS : 1 ¤¤¤
[C:\Windows\System32\drivers\etc\hosts] 127.0.0.1 localhost -> Smazáno

¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤

¤¤¤ Webové prohlížeče : 25 ¤¤¤
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : MEGA extension [firefox@mega.co.nz] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Download Manager (S3) [s3download@statusbar] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Status-4-Evar [status4evar@caligonstudios.com] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Adblock Plus [{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : YouTube High Definition [{7b1bf0b6-a1b9-42b0-b75d-252036438bdc}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : YouTube Enhancer Plus [firefoxaddon@youtubeenhancer.com] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Easy Youtube Video Downloader Express [{b9acf540-acba-11e1-8ccb-001fd0e08bd4}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Google Translator for Firefox [translator@zoli.bod] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : FireGestures [firegestures@xuldev.org] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Restartless Restart [restartless.restart@erikvold.com] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Black Youtube Theme [{2c93446d-612b-416d-9af0-b7355797b611}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : NetVideoHunter - YouTube Video Downloader [netvideohunter@netvideohunter.com] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Google Search by Image [google@hitachi.com] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Multirow Bookmarks Toolbar [{FBF6D7FB-F305-4445-BB3D-FEF66579A033}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Multirow Bookmarks Toolbar Plus [{4c7097f7-08f2-4ef2-9b9f-f95fa4cbb064}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : BookmarkViewer [{158dd7da-f542-494f-b843-a2da74190740}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Stylish [{46551EC9-40F0-4e47-8E18-8E5CF550CFB8}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Classic Theme Restorer (Customize UI) [ClassicThemeRestorer@ArisT2Noia4dev] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : ColorfulTabs [{0545b830-f0aa-4d7e-8820-50a4629a56fe}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Disable Add-on Compatibility Checks [check-compatibility@dactyl.googlecode.com] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : SmoothWheel [{5F590AA2-1221-4113-A6F4-A4BB62414FAC}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Yet Another Smooth Scrolling [yetanothersmoothscrolling@kataho] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : RealDownloader [{34712C68-7391-4c47-94F3-8F88D49AD632}] -> Smazáno
[FIREFX:Addon] 0zx64ihw.default-1360574067865 : Logitech SetPoint [{F003DA68-8256-4b37-A6C4-350FA04494DF}] -> Smazáno
[PUM.HomePage][FIREFX:Config] 0zx64ihw.default-1360574067865 : user_pref("browser.startup.homepage", "seznam.cz"); -> Nahrazeno (about:home)

¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: ATA Samsung SSD 850 SCSI Disk Device +++++
--- User ---
[MBR] fbe8de6b379b36f6523c17cdafe2fc58
[BSP] 27e5efb94d65a403d54877f2dcdfe93e : Windows Vista/7/8 MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 114471 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive1: ATA WDC WD2500BEVT-6 SCSI Disk Device +++++
--- User ---
[MBR] 808c75498b10a3a60c0d40ac82e816f6
[BSP] 33f7cdd365e413b2ed60f05adf15286d : Unknown MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 238473 MB [Unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive2: ATA WDC WD2500AAKS-0 SCSI Disk Device +++++
--- User ---
[MBR] c041f823ade59cac000eaa3b0e2717e8
[BSP] 15f7ff38f380a9afdb1507444b739d40 : Unknown MBR Code
Partition table:
0 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 100 MB [Unknown Bootstrap | Unknown Bootloader]
1 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 206848 | Size: 102800 MB [Unknown Bootstrap | Unknown Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 210741248 | Size: 135572 MB [Unknown Bootstrap | Unknown Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive3: ATA WDC WD5000AAKS-0 SCSI Disk Device +++++
--- User ---
[MBR] 13f002a0dbd7d58ae6dda718009bb35f
[BSP] 3b52d6ad7352884bddb49cc34c89e6e4 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 476937 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK

+++++ PhysicalDrive4: ATA WDC WD6400AADS-0 SCSI Disk Device +++++
--- User ---
[MBR] b7ad58b9a546f725c67845e993a90070
[BSP] 4815ce2e5a079ab8d948e9e6228a1931 : Windows Vista/7/8 MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 610478 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK


============================================
RKreport_SCN_03272015_114157.log - RKreport_SCN_03272015_181005.log - RKreport_SCN_03272015_181558.log

jkmaxfli
Level 4
Posts: 1442
Registered: March 07
Location: Karlovarsko
Gender: Male

Re: Please check my log

Post by jkmaxfli » 27 Mar 2015 18:44

Zoek.exe v5.0.0.0 Updated 26-March-2015
Tool run by jkmaxfli on pá 27.03.2015 at 18:22:21,70.
Microsoft Windows 7 Ultimate 6.1.7600 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\jkmaxfli\Desktop\zoek.exe [Scan all users] [Script inserted]

==== System Restore Info ======================

27.3.2015 18:23:04 Zoek.exe System Restore Point Created Successfully.

==== Reset Hosts File ======================

# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost

==== Empty Folders Check ======================

C:\Program Files\WinZip deleted successfully
C:\Users\jkmaxfli\AppData\Roaming\COWON deleted successfully
C:\Users\jkmaxfli\AppData\Roaming\GlarySoft deleted successfully
C:\Users\jkmaxfli\AppData\Roaming\Seznam Browser deleted successfully
C:\Users\jkmaxfli\AppData\Local\Mediatek deleted successfully
C:\Users\jkmaxfli\AppData\Local\VirtualStore deleted successfully

==== Deleting CLSID Registry Keys ======================

HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{281AA26E-B9F3-4B4B-9A3C-94FD15F426B7} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3FE9F487-E84D-47BE-8AA3-63F49871D5C5} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{5FE0AF6F-B093-464B-9F39-4234B09AF649} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7F4B9273-2BA6-4690-A027-5AEE4C30D62B} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A956C363-C889-4C7C-AB5E-785A2FB769A} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C2C9E26D-7143-42A7-B2A9-EABDBEF1B8D7} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c55e8837-c1fb-4909-9c9f-5ae6883c51bd} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca4420eb-c5d4-40be-b1f0-2d58e8c36cf4} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FACC1D67-82BF-4E18-97BC-A7237212B829} deleted successfully
HKEY_USERS\S-1-5-21-1418575231-3307983708-1122877094-1000\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{FC3C94E3-1B32-4C08-BAF-815EB1B989E3} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{c55e8837-c1fb-4909-9c9f-5ae6883c51bd} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{ca4420eb-c5d4-40be-b1f0-2d58e8c36cf4} deleted successfully

==== Deleting CLSID Registry Values ======================


==== Deleting Services ======================


==== FireFox Fix ======================

Deleted from C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\prefs.js:
user_pref("browser.newtab.url", "");
user_pref("browser.search.selectedEngine", "Google");
user_pref("browser.search.useDBForOrder", true);

Added to C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Deleting Files \ Folders ======================

C:\Users\jkmaxfli\AppData\LocalLow\{51D1EBB3-747F-294D-21AB-7607AEBF9AC0} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{A7949BD2-EBA2-B9DA-DF02-3A330572FA24} deleted
C:\Users\jkmaxfli\AppData\Local\Packages\windows_ie_ac_001\AC\{51D1EBB3-747F-294D-21AB-7607AEBF9AC0} deleted
C:\Users\jkmaxfli\AppData\Local\Packages\windows_ie_ac_001\AC\{A7949BD2-EBA2-B9DA-DF02-3A330572FA24} deleted
C:\PROGRA~3\5844120408962759527 deleted
C:\Users\jkmaxfli\.android deleted
C:\PROGRA~2\Your Uninstaller 2010 deleted
C:\PROGRA~2\COMMON~1\Wondershare deleted
C:\PROGRA~3\ProductData deleted
C:\PROGRA~3\InstallMate deleted
C:\PROGRA~3\Package Cache deleted
C:\Users\jkmaxfli\AppData\Local\Wondershare deleted
C:\Users\jkmaxfli\AppData\Local\cache deleted
C:\Users\jkmaxfli\AppData\Local\CrashRpt deleted
C:\Users\jkmaxfli\AppData\LocalLow\{923C4A15-865B-4F11-800F-0F349FF75A73} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{9765EF38-2B5F-ED31-DAAE-FF75979D8F30} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{9A04397A-DA02-AE54-2EA3-A64EA3CD52AC} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{AC425F1D-40BA-9DC5-FCB2-0C85D602C492} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{B4A6AE07-F36C-2389-1931-32A61E3CBBCC} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{BB32DB81-A2C8-89C2-8A34-701D48D78AF9} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{E0E92BC8-D094-604B-6D71-507368F4115C} deleted
C:\Users\jkmaxfli\AppData\LocalLow\{FD37206D-71AD-FA4A-094C-F79AA6415F9A} deleted
C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\Invalidprefs.js deleted
C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\.autoreg deleted
C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\jetpack deleted
"C:\Users\jkmaxfli\AppData\Roaming\Shuame\.clientid" deleted
"C:\Users\jkmaxfli\AppData\Roaming\Shuame" deleted

==== Firefox Start and Search pages ======================

ProfilePath: C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");

==== Firefox Extensions Registry ======================

[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"{F003DA68-8256-4b37-A6C4-350FA04494DF}"="C:\Program Files\Logitech\SetPointP\LogiSmoothFirefoxExt" [25.02.2015 16:54]

==== Firefox Extensions ======================

ProfilePath: C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865
- Český slovník pro kontrolu pravopisu - %ProfilePath%\extensions\cs@dictionaries.addons.mozilla.org
- LavaFox V2-Blue - %ProfilePath%\extensions\djziggy@gmail.com
- FT DeepDark - %ProfilePath%\extensions\{77d2ed30-4cd2-11e0-b8af-0800200c9a66}
- NASA Night Launch - %ProfilePath%\extensions\nasanightlaunch@example.com.xpi
- Metal Lion Australis Graphite - %ProfilePath%\extensions\{F6D83238-A31E-451d-8BCB-28F6BAFECF10}.xpi

AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}

==== Firefox Plugins ======================

Profilepath: C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865
43583AB4DFD406F4C188342F41B1F91C - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_134.dll - Shockwave Flash
FEF9ECECFA177AEC0F7564A08394D2C8 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlchromebrowserrecordext.dll - RealNetworks(tm) RealDownloader Chrome Background Extension Plug-In (32-bit)
0ABF093757E9C827E30EC652868E5FAC - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlpepperflashvideoshim.dll - RealNetworks(tm) RealDownloader PepperFlashVideoShim Plug-In (32-bit)
06E140A567B8DC7900173197FD059EE5 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\MozillaPlugins\nprndlhtml5videoshim.dll - RealNetworks(tm) RealDownloader HTML5VideoShim Plug-In (32-bit)
558270B968CB82196CB8D045D13B0FF6 - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\npdlplugin.dll - RealDownloader Plugin


==== Fake Chromium Profiles Check ======================

Fake profile C:\Users\jkmaxfli\AppData\Local\Google\Chrome SxS deleted
Fake profile C:\Users\jkmaxfli\AppData\Local\Comodo\Dragon deleted

==== Chromium Look ======================

HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
idhngdhcfkoamngbedgpaokgjbnpdiji - C:\ProgramData\RealNetworks\RealDownloader\BrowserPlugins\Chrome\Ext\realdownloader.crx[29.11.2012 20:35]

==== Set IE to Default ======================

Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=8&ar=msnhome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"

New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.microsoft.com/isapi/redir.dll?prd=ie&pver=8&ar=msnhome"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="about:newtab"

==== All HKCU SearchScopes ======================

HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"

==== Reset Google Chrome ======================

Nothing found to reset

==== Deleting Registry Keys ======================

HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\6006eece-0b97-4a84-9eda-edb08400a46b deleted successfully
HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\6160aa96-867b-4fa1-bbea-890df2bb816f deleted successfully
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully

==== Empty IE Cache ======================

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jkmaxfli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\jkmaxfli\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot
C:\Windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\index.dat will be deleted at reboot

==== Empty FireFox Cache ======================

C:\Users\jkmaxfli\AppData\Local\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\cache2 emptied successfully
C:\Users\jkmaxfli\AppData\Roaming\Mozilla\Firefox\Profiles\0zx64ihw.default-1360574067865\personas\cache emptied successfully

==== Empty Chrome Cache ======================

No Chrome Cache found

==== Empty All Flash Cache ======================

Flash Cache Emptied Successfully

==== Empty All Java Cache ======================

Java Cache cleared successfully

==== C:\zoek_backup content ======================

jaro3
Security team member
Guru Level 15
Posts: 43298
Registered: June 07
Location: Jižní Čechy
Gender: Male

Re: Please check my log

Post by jaro3 » 27 Mar 2015 18:53

Install SP1!

Post a new log from HJT + report on the problems.
When working with HJT, ComboFix, MbAM, SDFix etc., close all other applications and browsers!
Do not send logs via private messages. During my absence, memphisto, Žbeky and Orcus stand in for me.
If you are satisfied, you can support our forum: Forum support

