Zpráva z RogueKiller:
RogueKiller V10.7.0.0 (x64) [May 25 2015] by Adlice Software
mail :
http://www.adlice.com/contact/Feedback :
http://forum.adlice.comWebová stránka :
http://www.adlice.com/softwares/roguekiller/Blog :
http://www.adlice.comOperační systém : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Spuštěno : Normální režim
Uživatel : el [Práva správce]
Started from : C:\Users\el\Desktop\RogueKillerX64.exe
Mód : Smazat -- Datum : 05/26/2015 17:57:29
¤¤¤ Procesy : 0 ¤¤¤
¤¤¤ Registry : 6 ¤¤¤
[PUM.SearchPage] (X86) HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main | Search Bar :
http://search.msn.com/spbasic.htm -> Nahrazeno (
http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X64) HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Internet Explorer\Main | Search Bar :
http://search.msn.com/spbasic.htm -> Nahrazeno (
http://search.msn.com/spbasic.htm)
[PUM.SearchPage] (X86) HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Internet Explorer\Main | Search Bar :
http://search.msn.com/spbasic.htm -> Nahrazeno (
http://search.msn.com/spbasic.htm)
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\CurrentControlSet\Services\Tcpip\Parameters\Interfaces\{DBD0C758-DF56-43F4-AC3B-942609D13414} | DhcpNameServer : 94.74.192.252 94.74.192.244 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet001\Services\Tcpip\Parameters\Interfaces\{DBD0C758-DF56-43F4-AC3B-942609D13414} | DhcpNameServer : 94.74.192.252 94.74.192.244 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
[PUM.Dns] (X64) HKEY_LOCAL_MACHINE\System\ControlSet002\Services\Tcpip\Parameters\Interfaces\{DBD0C758-DF56-43F4-AC3B-942609D13414} | DhcpNameServer : 94.74.192.252 94.74.192.244 [CZECH REPUBLIC (CZ)][CZECH REPUBLIC (CZ)] -> Nahrazeno ()
¤¤¤ Úlohy : 0 ¤¤¤
¤¤¤ Soubory : 0 ¤¤¤
¤¤¤ Soubor HOSTS : 0 ¤¤¤
¤¤¤ Antirootkit : 0 (Driver: Nahrán) ¤¤¤
¤¤¤ Webové prohlížeče : 0 ¤¤¤
¤¤¤ Kontrola MBR : ¤¤¤
+++++ PhysicalDrive0: WDC WD5000BPKT-08PK4T0 +++++
--- User ---
[MBR] e82d284f773d2e01515146a5cfc6679a
[BSP] 2b463bc5bbad775529967cc9a65af740 : Lenovo MBR Code
Partition table:
0 - [ACTIVE] NTFS (0x7) [VISIBLE] Offset (sectors): 2048 | Size: 1500 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
1 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 3074048 | Size: 457438 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
2 - [XXXXXX] NTFS (0x7) [VISIBLE] Offset (sectors): 939907072 | Size: 18000 MB [Windows Vista/7/8 Bootstrap | Windows Vista/7/8 Bootloader]
User = LL1 ... OK
User = LL2 ... OK
============================================
RKreport_SCN_05232015_180345.log - RKreport_SCN_05242015_020535.log - RKreport_DEL_05242015_025411.log - RKreport_DEL_05242015_025420.log
RKreport_DEL_05242015_025455.log - RKreport_DEL_05242015_025538.log - RKreport_DEL_05242015_025546.log - RKreport_DEL_05242015_025550.log
RKreport_DEL_05242015_025555.log - RKreport_DEL_05242015_025559.log - RKreport_DEL_05242015_025604.log - RKreport_DEL_05242015_025611.log
RKreport_DEL_05242015_030141.log - RKreport_DEL_05242015_030146.log - RKreport_DEL_05242015_030157.log - RKreport_DEL_05242015_030200.log
RKreport_DEL_05242015_030304.log - RKreport_SCN_05242015_034939.log - RKreport_DEL_05242015_040306.log - RKreport_DEL_05242015_040319.log
RKreport_DEL_05242015_040330.log - RKreport_DEL_05242015_040334.log - RKreport_SCN_05242015_042924.log - RKreport_SCN_05262015_175453.log
Log ze Zoek:
Zoek.exe v5.0.0.0 Updated 04-May-2015
Tool run by el on Łt 26.05.2015 at 17:58:59,45.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\el\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
26.5.2015 18:00:32 Zoek.exe System Restore Point Created Successfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handled within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\Amazon deleted successfully
C:\PROGRA~2\GUM1DBD.tmp deleted successfully
C:\PROGRA~2\McAfee Security Scan deleted successfully
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~2\Seznam.cz deleted successfully
C:\PROGRA~2\Tremulous deleted successfully
C:\PROGRA~2\COMMON~1\Apple deleted successfully
C:\PROGRA~2\COMMON~1\PDF Architect deleted successfully
C:\Program Files\Google deleted successfully
C:\PROGRA~3\Oracle deleted successfully
C:\Users\el\AppData\Roaming\dlg deleted successfully
C:\Users\el\AppData\Roaming\ImperiaOnline deleted successfully
C:\Users\el\AppData\Local\CrashDumps deleted successfully
C:\Users\el\AppData\Local\VeriSign deleted successfully
C:\Users\el\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} deleted successfully
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8590886E-EC8C-43C1-A32C-E4C2B0B6395B} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6} deleted successfully
HKEY_CLASSES_ROOT\CLSID\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{C63CD127-A1CB-4D49-A4F7-D6F88A917BE6} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Services ======================
==== FireFox Fix ======================
Deleted from C:\Users\el\AppData\Roaming\Mozilla\Firefox\Profiles\wk6j8gor.default\prefs.js:
user_pref("browser.startup.homepage", "about:home"about:home);
user_pref("browser.search.defaultengine", "Seznam");
user_pref("browser.search.defaultenginename", "Seznam");
user_pref("browser.search.selectedEngine", "Seznam");
user_pref("browser.search.order.1", "Seznam");
Added to C:\Users\el\AppData\Roaming\Mozilla\Firefox\Profiles\wk6j8gor.default\prefs.js:
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Deleting Files \ Folders ======================
C:\PROGRA~2\Amazon not found
C:\PROGRA~2\GUM1DBD.tmp not found
C:\PROGRA~2\McAfee Security Scan not found
C:\PROGRA~2\Origin Games not found
C:\PROGRA~2\Seznam.cz not found
C:\PROGRA~2\Tremulous not found
C:\PROGRA~3\Špidla Data Processing, s.r.o not found
C:\PROGRA~2\PDF Password Remover v3.1 deleted
C:\PROGRA~2\Splashtop deleted
C:\LOGFILE.TXT deleted
C:\Users\el\AppData\Roaming\Error.log deleted
C:\Users\el\AppData\Roaming\pcouffin.log deleted
C:\Users\el\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Free Video Converter.lnk deleted
C:\windows\SysNative\Tasks\avastBCLRestartS-1-5-21-1036634796-3205486453-2887417223-1000 deleted
C:\Users\Public\AlexaNSISPlugin.5060.dll deleted
C:\Windows\SysNative\config\systemprofile\Searches deleted
==== Firefox Start and Search pages ======================
ProfilePath: C:\Users\el\AppData\Roaming\Mozilla\Firefox\Profiles\wk6j8gor.default
user_pref("browser.startup.homepage", "about:home");
user_pref("browser.newtab.url", "about:newtab");
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"VIP2X@verisign.com"="C:\Program Files (x86)\Symantec\VIP Access Client" [16.11.2014 14:22]
==== Firefox Extensions ======================
AppDir: C:\Program Files (x86)\Mozilla Firefox
- Default - %AppDir%\browser\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
- TrueSuite Website Logon - %AppDir%\distribution\bundles\websitelogon@truesuite.com
==== Firefox Plugins ======================
Profilepath: C:\Users\el\AppData\Roaming\Mozilla\Firefox\Profiles\wk6j8gor.default
9AE02005247DA91AB1743F5208DBEF76 - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_17_0_0_169.dll - Shockwave Flash
==== Chromium Look ======================
Google Chrome Version: 43.0.2357.65
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
cdkedefaddcdlpmiafhicjnkbogjiogj - C:\Program Files\Lenovo Fingerprint Reader\x86\tschrome.crx[14.03.2012 07:31]
gomekmidlodglbbmalcneegieacbdmki - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx[25.05.2015 20:57]
AdBlock - el\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom
Bookmark Manager - el\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik
==== Chromium Startpages ======================
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences
tocol_str":"quic"}],"network_stats":{"srtt":31759},"supports_spdy":true},"www.google-analytics.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":52868},"supports_spdy":true},"www.google.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.cz:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":80645},"supports_spdy":true},"www.google.cz:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.google.sk:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googleadservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":49636},"supports_spdy":true},"www.googleadservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":39236}},"www.googleapis.com:443":{"supports_spdy":true},"www.googletagmanager.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":4740},"supports_spdy":true},"www.googletagmanager.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.googletagservices.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":47376},"supports_spdy":true},"www.googletagservices.com:80":{"alternative_service":[{"port":80,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":11643}},"www.gstatic.com:443":{"network_stats":{"srtt":33809},"supports_spdy":true},"www.i-moda.cz:443":{"supports_spdy":true},"www.mall.cz:443":{"supports_spdy":true},"www.researchgate.net:443":{"supports_spdy":true},"www.snapengage.com:443":{"supports_spdy":true},"www.snapengage.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"www.youtube-nocookie.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":24177},"supports_spdy":true},"www.youtube.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":603940},"supports_spdy":true},"www.youtube.com:80":{"alternative_service":[{"port":80,"probability":0.0,"protocol_str":"quic"}]},"yt3.ggpht.com:443":{"alternative_service":[{"port":443,"probability":1.0,"protocol_str":"quic"}],"network_stats":{"srtt":657733},"supports_spdy":true}},"supports_quic":{"address":"192.168.0.100","used_quic":true},"version":3}},"ntp":{"app_page_names":["Aplikace"]},"partition":{"per_host_zoom_levels":{"2166136261":{"data:text/html,chromewebdata":0.5227586988632231,"www.google.cz":0.5227586988632231,"www.topvip.cz":0.5227586988632231}}},"password_bubble":{"nopes":1},"plugins":{"migrated_to_pepper_flash":true,"plugins_list":[],"removed_old_component_pepper_flash_settings":true},"printing":{"print_preview_sticky_settings":{"appState":"{\"version\":2,\"isGcpPromoDismissed\":false,\"selectedDestinationId\":\"Samsung SCX-4300 Series\",\"selectedDestinationOrigin\":\"local\",\"selectedDestinationAccount\":\"\",\"selectedDestinationCapabilities\":{\"printer\":{\"collate\":{},\"color\":{\"option\":[{\"is_default\":true,\"type\":\"STANDARD_COLOR\",\"vendor_id\":\"2\"}]},\"copies\":{},\"dpi\":{\"option\":[{\"horizontal_dpi\":600,\"is_default\":true,\"vertical_dpi\":600},{\"horizontal_dpi\":300,\"vertical_dpi\":300}]},\"media_size\":{\"option\":[{\"custom_display_name\":\"Letter\",\"height_microns\":279400,\"name\":\"NA_LETTER\",\"vendor_id\":\"1\",\"width_microns\":215900},{\"custom_display_name\":\"Legal\",\"height_microns\":355600,\"name\":\"NA_LEGAL\",\"vendor_id\":\"5\",\"width_microns\":215900},{\"custom_display_name\":\"Executive\",\"height_microns\":266700,\"name\":\"NA_EXECUTIVE\",\"vendor_id\":\"7\",\"width_microns\":184100},{\"custom_display_name\":\"A4\",\"height_microns\":296900,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":209900},{\"custom_display_name\":\"A5\",\"height_microns\":209900,\"name\":\"ISO_A5\",\"vendor_id\":\"11\",\"width_microns\":147900},{\"custom_display_name\":\"JIS B5\",\"height_microns\":256900,\"name\":\"JIS_B5\",\"vendor_id\":\"13\",\"width_microns\":181900},{\"custom_display_name\":\"US Folio\",\"height_microns\":330200,\"name\":\"JIS_EXEC\",\"vendor_id\":\"14\",\"width_microns\":215900},{\"custom_display_name\":\"Obál.č.10\",\"height_microns\":241300,\"name\":\"NA_NUMBER_10\",\"vendor_id\":\"20\",\"width_microns\":104700},{\"custom_display_name\":\"Obálka DL\",\"height_microns\":219900,\"name\":\"ISO_DL\",\"vendor_id\":\"27\",\"width_microns\":109900},{\"custom_display_name\":\"Obálka C5\",\"height_microns\":228900,\"name\":\"ISO_C5\",\"vendor_id\":\"28\",\"width_microns\":161900},{\"custom_display_name\":\"Obálka C6\",\"height_microns\":162000,\"name\":\"ISO_C6\",\"vendor_id\":\"31\",\"width_microns\":113900},{\"custom_display_name\":\"ISO B5\",\"height_microns\":249900,\"name\":\"ISO_B5\",\"vendor_id\":\"34\",\"width_microns\":175900},{\"custom_display_name\":\"Ob.Monarch\",\"height_microns\":190500,\"name\":\"NA_MONARCH\",\"vendor_id\":\"37\",\"width_microns\":98300},{\"custom_display_name\":\"A6\",\"height_microns\":147900,\"name\":\"ISO_A6\",\"vendor_id\":\"70\",\"width_microns\":104900},{\"custom_display_name\":\"Oficio\",\"height_microns\":342900,\"vendor_id\":\"190\",\"width_microns\":215900},{\"custom_display_name\":\"Vlastnà formát\",\"height_microns\":297000,\"name\":\"ISO_A4\",\"vendor_id\":\"256\",\"width_microns\":210000}]},\"page_orientation\":{\"option\":[{\"is_default\":true,\"type\":\"PORTRAIT\"},{\"type\":\"LANDSCAPE\"},{\"type\":\"AUTO\"}]},\"supported_content_type\":[{\"content_type\":\"application/pdf\"}]},\"version\":\"1.0\"},\"selectedDestinationName\":\"Samsung SCX-4300 Series\",\"selectedDestinationExtensionId\":\"\",\"dpi\":{\"horizontal_dpi\":600,\"is_default\":true,\"vertical_dpi\":600},\"mediaSize\":{\"custom_display_name\":\"A4\",\"height_microns\":296900,\"is_default\":true,\"name\":\"ISO_A4\",\"vendor_id\":\"9\",\"width_microns\":209900}}"}},"profile":{"avatar_bubble_tutorial_shown":1,"avatar_index":0,"content_settings":{"exceptions":{"app_banner":{},"auto_select_certificate":{},"automatic_downloads":{},"cookies":{},"fullscreen":{"https://www.youtube.com:443,https://www.facebook.com:443":{"setting":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"setting":1}},"geolocation":{"http://www.drmax.cz:80,http://www.drmax.cz:80":{"last_used":1432509125.470669,"setting":1}},"images":{},"javascript":{},"media_stream":{},"media_stream_camera":{},"media_stream_mic":{},"metro_switch_to_desktop":{},"midi_sysex":{},"mixed_script":{},"mouselock":{},"notifications":{},"plugins":{},"popups":{},"ppapi_broker":{},"protocol_handlers":{},"push_messaging":{},"ssl_cert_decisions":{}},"pattern_pairs":{"https://www.youtube.com:443,https://www.facebook.com:443":{"fullscreen":1},"https://www.youtube.com:443,https://www.youtube.com:443":{"fullscreen":1}},"pref_version":1},"default_content_settings":{},"exit_type":"Normal","exited_cleanly":true,"icon_version":3,"managed_user_id":"","migrated_content_settings_exceptions":true,"migrated_default_content_settings":true,"migrated_default_media_stream_content_settings":true,"name":"Osoba 1","per_host_zoom_levels":{}},"protection":{"macs":{}},"savefile":{"default_directory":"C:\\Downloads\\Dropbox\\Aktuálně"},"selectfile":{"last_directory":"C:\\Users\\el\\Desktop"},"session":{"restore_on_startup_migrated":true,"startup_urls_migration_time":"13068547079736870"},"translate_accepted_count":{"en":0,"sk":0},"translate_blocked_languages":[],"translate_denied_count":{"en":1,"sk":1},"translate_last_denied_time":1424183095004.425,"translate_site_blacklist":[],"translate_too_often_denied":true,"translate_whitelists":{},"zerosuggest":{"cachedresults":""}}
onStartup","runtime.onSuspend","storage.onChanged"],"from_bookmark":false,"from_webstore":false,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13048535946225006","location":5,"manifest":{"background":{"persistent":false,"scripts":["utility.js","cards.js","background.js"]},"description":"Integrates Google Now into Chrome.","icons":{"128":"images/icon128.png","16":"images/icon16.png","48":"images/icon48.png"},"key":"MIIBIjANBgkqhkiG9w0BAQEFAAOCAQ8AMIIBCgKCAQEAkhqJr32OFD/bMXW4Md7jMfd7LbwHXVc6x5bBQG5U+dloofoxrICDR20yur/40mQ8O//0sS1b8srvbab1CRlSrxoNCr9T80NAkfzx0gHyVS+p1Zow+1FzLMu9PiGwwFyN80HIB7GI/dIa0wC9K/2OrrzcHEhVH96DacTtWQqjfDVtZPjT7Xwv23dgoWcpbkRC86jMJot3dmX9xnn0KzoVc9gDOHSIkBLbkkr6Sp3LGXCCM4L0DJgxdFwaLr5WBzgC3y5x0/wwPIwN4PtIaK3BhH6njlksfnKwwIJ9iRT41V4BqbWu4mszO/7VJ3HJyw2DBpIc2grU9ZRRxrV3fRQG4wIDAQAB","manifest_version":2,"name":"Google Now","oauth2":{"auto_approve":true,"scopes":["https://www.googleapis.com/auth/googlenow"]},"optional_permissions":["background"],"permissions":["alarms","identity","metricsPrivate","notifications","pushMessaging","storage","tabs","webstorePrivate","\u003Call_urls>"],"version":"1.2.0.1"},"path":"C:\\Program Files (x86)\\Google\\Chrome\\Application\\35.0.1916.153\\resources\\google_now","preferences":{},"regular_only_preferences":{},"was_installed_by_default":false,"was_installed_by_oem":false},"pbjikboenpfhbbejgkoklgkhjpfogcam":{"ack_external":true,"active_permissions":{"api":["bookmarks","clipboardRead","geolocation","management","notifications","storage","tabs","webRequest","webRequestBlocking"],"explicit_host":["http://*/*","https://*/*"],"manifest_permissions":[],"scriptable_host":["*://*.amazon.ca/*","*://*.amazon.cn/*","*://*.amazon.co.jp/*","*://*.amazon.co.uk/*","*://*.amazon.com/*","*://*.amazon.de/*","*://*.amazon.es/*","*://*.amazon.fr/*","*://*.amazon.it/*"]},"commands":{},"content_settings":[],"creation_flags":9,"disable_reasons":1,"events":[],"external_first_run":true,"from_bookmark":false,"from_webstore":true,"incognito_content_settings":[],"incognito_preferences":{},"initial_keybindings_set":true,"install_time":"13065792478818937","lastpingday":"13065782402983998","location":3,"manifest":{"background":{"page":"main.html","persistent":true},"browser_action":{"default_icon":"images/asmile_16.png","default_popup":"popup.html","default_title":"Amazon"},"content_scripts":[{"js":["page_messaging.js"],"matches":["*://*.amazon.co.uk/*","*://*.amazon.de/*","*://*.amazon.cn/*","*://*.amazon.it/*","*://*.amazon.com/*","*://*.amazon.es/*","*://*.amazon.co.jp/*","*://*.amazon.ca/*","*://*.amazon.fr/*","*://*.amazon.com/*"],"run_at":"document_start"}],"current_locale":"cs","default_locale":"en","description":"This is an official Amazon extension for Chrome","icons":{"128":"images/asmile_128.png","16":"images/asmile_16.png","48":"images/asmile_48.png"},"key":"MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDKG0WaGRpHAruDLb/KOzlSPd2R4/6Ll6DRZ/EPR93yIRiExTUZJaUg4jmBNs7jXP2FPjgXm4STlz3WYInHttYuCdEGDB1ky+w5B5S+a8kVFkSJBZ3AJR0WQWqbUFKt0WlLdITEjUlbB5iI9PGbuyjqvlyYB+sn8F15wfevfPD4tQIDAQAB","manifest_version":2,"name":"Amazon 1Button App for Chrome","permissions":["tabs","storage","http://*/*","https://*/*","notifications","tabs","bookmarks","management","clipboardRead","geolocation","webRequest","webRequestBlocking"],"update_url":"https://clients2.google.com/service/update2/crx","version":"4.2015.106.0","web_accessible_resources":["page_messaging.js"]},"path":"pbjikboenpfhbbejgkoklgkhjpfogcam\\4.2015.106.0_0","preferences":{},"regular_only_preferences":{},"state":2,"was_installed_by_default":false,"was_installed_by_oem":false}}},"pinned_tabs":[],"protection":{"macs":{"browser":{"show_home_button":"C60F95ED5797FEBBEB95F27D93EC2DA9A17CECFA55EBBA14BC8698D673D773D8"},"default_search_provider":{"keyword":"5EB862F3DA0612BC01B2A48040161205677B9A6E51B595B4EBB9D5A8168A5088","name":"090B35FE425742C38A0180994BB92944CAADBE63C9677B01229AC06FA0D2E02C","search_url":"4DCC9F463C2FE5E40EF2A02C05F6E9AD3B5E0CF266EAF56E1B4B154F5B5D3A1C"},"default_search_provider_data":{"template_url_data":"37AD170E5A233A2DEA640D7524CC3507389F825654A7833D0B7759FC5EFAC80D"},"extensions":{"settings":{"ahfgeienlihckogmohjhadlkjgocpleb":"021036B7340E40173D1FCC42FEB4325E39E9FE7D4727C33E694FC9168B5E8F95","bepbmhgboaologfdajaanbcjmnhjmhfn":"4DED38F778CC5FA2D1DCDDDFC143C2B734FAE6BBA6940BE47443C1205D0707BC","cdkedefaddcdlpmiafhicjnkbogjiogj":"15778B31A94A1193A0BD883A02087C5EB8CD89BBD12914945494B14F58845288","eemcgdkfndhakfknompkggombfjjjeno":"3D56E7FD37E856315888E394F66B5259B7DB19CAEF84E39152E879B3CF6997D9","ennkphjdgehloodpbhlhldgbnhmacadg":"DF4805034F65C0450AAE6B4C6B0019367F59C584783490F16FB800B9C084F7B1","gfdkimpbcpahaombhbimeihdjnejgicl":"62301DFC385708352D220131D235B8994C8CAD9B3F5280DFF6C0B21E88CAC291","gighmmpiobklfepjocnamgkkbiglidom":"3C7D01BA85B18A4BD16363FA95A1CEACD0BD87EEEAD37E9070B8E9887E554D68","gmlllbghnfkpflemihljekbapjopfjik":"1AF8E9545D49BAF92710D4F7FC9CACAD2FC20B1D2CFC1D93D4DF76E8E00BB576","gomekmidlodglbbmalcneegieacbdmki":"E37219C9AFC25E2F6D2AE9890F6588D4179A294A78D58932C4D07107360503CE","kmendfapggjehodndflmmgagdbamhnfd":"88199001C6F36AEFE32CE75987F27819D3B96740D9D17E3C88D6E47160302422","lifbcibllhkdhoafpjfnlhfpfgnpldfl":"D9669A48F11633B460EC3E6A449A134EAD7CA3FCF25ED250A8FB818ECB700AF3","mfehgcgbbipciphmccgaenjidiccnmng":"1482F6BA89E97936CA6FAD41DC8A2E06DFB2EF81139B0216ACB9806964DA31ED","mgndgikekgjfcpckkfioiadnlibdjbkf":"CE5828CC9B61E59A61CF5696BA5941477E4958F7665ACF6E1E9C11A5D7E8B6AF","mhjfbmdgcfjbbpaeojofohoefgiehjai":"2276B723FC47DB71F865265E0E33FB7C931A2B1616F592E7AD0AAB06C0E5D4F1","neajdppkdcdipfabeoofebfddakdcjhd":"5D5F89F9F64133C365D69A33F0AC6B3959F91B7CBED07FE1E4572AF451F807E4","nkeimhogjdpnpccoofpliimaahmaaome":"088B2F85BF323349E1CBFDB99FA1EFC92DFDCC3D43282ECD0B14F33425E27F2C","nmmhkkegccagdldgiimedpiccmgmieda":"8C7ED3387389BAB9439B3C45DD2D3024AE9D550A0DB33A0DE5FEFCEC995106AC","pafkbggdmjlpgkdkcbjmhmfcdpncadgh":"B2F8D11691A9B2FF7309357D6557CB30AB000C44FE16762AEC7054EBD76F15C5","pbjikboenpfhbbejgkoklgkhjpfogcam":"946540F368EE346F6EAE5E93F6957AF8F8D943911ADDDECB59D49D76CE14FAA3"}},"google":{"services":{"last_username":"24BB508312284BD74DC0BD921CF2FC93B48BD11E661671CD30A20B5DF810F505","username":"0F42E4F9E9318B49C5B380226BCA491F18B55468828FBAA84037D9880F3AEABD"}},"homepage":"104721C8EDFC6E6324C4BEB0305F5E40B24221F5C0F8ABDACF4310318A277400","homepage_is_newtabpage":"2798F1E027864AC3C8BFFB11E9CA6F4ECCE26A2CEF06D177D46175B46273397F","pinned_tabs":"C330851EF8C4B5863978BD14250EE9FB376F364C16B5DFFBA65B01591CD4B450","prefs":{"preference_reset_time":"00916744E3C9101418E068D82DE19D57507B0DD3451297F3E9355016EC2176D8"},"profile":{"reset_prompt_memento":"683B67C143BEB05CF75465A8BBDF818455EB651175B12C437A94A635D3E7E5B1"},"safebrowsing":{"incidents_sent":"76B8B147C30FD69B06219072F6D1A64469484D2DD992D083FA800E523C338DCE"},"search_provider_overrides":"8996B8E63921B38EF88C3A2093058628BF54409096F2B557927F7E7BB7C4071B","session":{"restore_on_startup":"80431D98171931FA2379FD6F3FA207DAF9DD8E2E67DE3454361E5A2EB715141B","startup_urls":"3A5874EA9D6913DC3A11DAAA8F6A38DD8C3BA96D49F04EB44BA1ECF1BEA0A14C"},"software_reporter":{"prompt_reason":"5A75817B5C490B4FA005679F28880681764D23B1BC6613BF9D54A71D1B59C261","prompt_seed":"E03855839672CB153AF42F37D1F2DC60C8F9F924DD544A5A4BF2E42AC0663475","prompt_version":"2D38455D527B9FE2D0730ADB1BB0B582012C4DADD604E6B7E88BFD6FE57A27AA"},"sync":{"remaining_rollback_tries":"4B3D0ABC0645F05ADC7C59F31602D40AD43F8C04E4F511A786895B49176D77DC"}},"super_mac":"B1C83C113B628C21142523B1E264F4E2D05E424779DE1D9378ECC29E86E293A6"},"session":{"restore_on_startup":4,"startup_urls":["https://www.google.com/"]},"sync":{"remaining_rollback_tries":0}}
==== Chromium Fix ======================
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gighmmpiobklfepjocnamgkkbiglidom deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\gmlllbghnfkpflemihljekbapjopfjik deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Extensions\nmmhkkegccagdldgiimedpiccmgmieda deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-devtools_devtools_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_eemcgdkfndhakfknompkggombfjjjeno_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_gighmmpiobklfepjocnamgkkbiglidom_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\chrome-extension_pafkbggdmjlpgkdkcbjmhmfcdpncadgh_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_email.seznam.cz_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_email.seznam.cz_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_login.szn.cz_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_login.szn.cz_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_ls.hit.gemius.pl_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_ls.hit.gemius.pl_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_plus.google.com_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_plus.google.com_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.facebook.com_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.facebook.com_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.google.com_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.google.cz_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.google.cz_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.seznam.cz_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\https_www.seznam.cz_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ls.hit.gemius.pl_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_ls.hit.gemius.pl_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.novinky.cz_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.novinky.cz_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.super.cz_0.localstorage deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Storage\http_www.super.cz_0.localstorage-journal deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\databases\https_www.google.com_0 deleted successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Local Extension Settings\pafkbggdmjlpgkdkcbjmhmfcdpncadgh deleted successfully
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://www.google.com"
"Search Page"="http://www.google.com"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Search Page"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
"Old Start Page"="http://go.microsoft.com/fwlink/p/?LinkId=255141"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{0633EE93-D776-472f-A0FF-E1416B8B2E3A}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{0633EE93-D776-472f-A0FF-E1416B8B2E3A} Bing Url="http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC"
{33BB0A4E-99AF-4226-BDF6-49120163DE86} Unknown Url="Not_Found"
{E9410C70-B6AE-41FF-AB71-32F4B279EA5F} Google Url="https://www.google.com/search?trackid=sp-006&q={searchTerms}"
==== Reset Google Chrome ======================
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences was reset successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Preferences.bad was reset successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Secure Preferences was reset successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data was reset successfully
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Web Data-journal was reset successfully
==== Deleting CLSID Registry Keys ======================
HKEY_USERS\S-1-5-21-1036634796-3205486453-2887417223-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86} deleted successfully
==== Deleting CLSID Registry Values ======================
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\Software\wow6432node\Policies\Google deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\APSDaemon deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Badoo Desktop deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\BitComet deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Gadwin PrintScreen Pro (64-bit) deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\icq deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\Intel AppUp(R) center deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\iTunesHelper deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\PCSpeedUp deleted successfully
HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\StudentDOG deleted successfully
==== Empty IE Cache ======================
C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\el\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Cache found
==== Empty Chrome Cache ======================
C:\Users\el\AppData\Local\Google\Chrome\User Data\Profile 1\Cache emptied successfully
==== Empty All Flash Cache ======================
No Flash Cache Found
==== Empty All Java Cache ======================
Java Cache cleared successfully
==== C:\zoek_backup content ======================
C:\zoek_backup (files=420 folders=218 21878577 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\el\AppData\Local\Temp will be emptied at reboot
C:\Windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\Windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\Windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\Windows\Temp successfully emptied
C:\Users\el\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on Łt 26.05.2015 at 18:25:39,23 ======================
Při mazání v RogueKilleru jsem měla problém se smazáním výsledků v záložce AntiRootkit - k položkám nešla dát zatržítka. U všech těchto položek je info "The item is clean. Only shown for information.", ale zobrazují se znovu při každém spuštění programu.
Dále jak jsem psala minule, že po použití AdwCleaneru zmizely ze Správce úloh některé procesy bez popisu a zůstaly už jen dvě, po restartu se objevily znovu všechny a jedna dokonce přibyla - rundll.32.exe se někdy objevuje dvakrát a stejně jako ostatní nelze vypnout. V současné chvíli jsou tam stále a všechny problémy přetrvávají.
