Notebook - preventivka

Zpráva

H1Tm4N · #1 Příspěvek od **H1Tm4N** » 12 dub 2014 18:19

Dobrý deň! Poprosím o preventívnu kontrolu

Logfile of random's system information tool 1.09 (written by random/random)
Run by Julka at 2014-04-12 19:13:50
Microsoft Windows 7 Ultimate
System drive C: has 69 GB (69%) free of 100 GB
Total RAM: 3583 MB (56% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:14:42, on 12. 4. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ShowMyPCService\tvnserver.exe
C:\Users\Julka\AppData\Roaming\uTorrent\uTorrent.exe
C:\Users\Julka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Users\Julka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Users\Julka\Downloads\RSIT.exe
C:\Program Files\trend micro\Julka.exe
C:\Windows\system32\SearchFilterHost.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll
R3 - URLSearchHook: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Users\Julka\AppData\LocalLow\uTorrentControl_v6\prxtbuTo0.dll
O2 - BHO: CrossriderApp0050778 - {11111111-1111-1111-1111-110511071178} - C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: uTorrentControl_v6 - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Users\Julka\AppData\LocalLow\uTorrentControl_v6\prxtbuTo0.dll
O2 - BHO: Search Assistant BHO - {9b9dcae3-be34-424c-8d73-75e305a9e091} - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Toolbar BHO - {dc9051c2-8f55-479a-97a4-747980d9047f} - C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbar.dll
O3 - Toolbar: WeatherBlink - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - C:\Program Files\WeatherBlink\bar\1.bin\gcbar.dll
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: uTorrentControl_v6 Toolbar - {96f454ea-9d38-474f-b504-56193e00c1a5} - C:\Users\Julka\AppData\LocalLow\uTorrentControl_v6\prxtbuTo0.dll
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [WeatherBlink EPM Support] "C:\PROGRA~1\WEATHE~2\bar\1.bin\gcmedint.exe" T8EPMSUP.DLL,S
O4 - HKLM\..\Run: [WeatherBlink Home Page Guard 32 bit] "C:\PROGRA~1\WEATHE~2\bar\1.bin\AppIntegrator.exe"
O4 - HKLM\..\Run: [WeatherBlink Search Scope Monitor] "C:\PROGRA~1\WEATHE~2\bar\1.bin\gcsrchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [WeatherBlink Browser Plugin Loader] C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\ShowMyPCService\tvnserver.exe" -controlservice -slave
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Julka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Julka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Julka\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Julka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\ShowMyPCService\tvnserver.exe
O23 - Service: WeatherBlinkService - COMPANYVERS_NAME - C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbarsvc.exe

--
End of file - 9484 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
C:\Windows\tasks\Plus-HD-7.6-codedownloader.job
C:\Windows\tasks\Plus-HD-7.6-enabler.job
C:\Windows\tasks\Plus-HD-7.6-firefoxinstaller.job
C:\Windows\tasks\Plus-HD-7.6-updater.job
C:\Windows\tasks\Plus-HD-7.6-validator.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default

prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=UP97&ocid=UP97DHP"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WeatherBlink.com/Plugin]
"Description"=WeatherBlink Plugin
"Path"=C:\Program Files\WeatherBlink\bar\1.bin\NPgcStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default\extensions\
1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default\searchplugins\
bingp.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}]
Plus-HD-7.6 - C:\Program Files\Plus-HD-7.6\Plus-HD-7.6-bho.dll [2014-02-27 506216]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-27 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}]
uTorrentControl_v6 Toolbar - C:\Users\Julka\AppData\LocalLow\uTorrentControl_v6\prxtbuTo0.dll [2014-03-26 424224]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9b9dcae3-be34-424c-8d73-75e305a9e091}]
Search Assistant BHO - C:\Program Files\WeatherBlink\bar\1.bin\gcSrcAs.dll [2014-02-27 140360]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2013-11-20 4502400]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc9051c2-8f55-479a-97a4-747980d9047f}]
Toolbar BHO - C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbar.dll [2014-02-27 859720]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f20de5e0-2a6e-4c54-985f-1cf59551ce39} - WeatherBlink - C:\Program Files\WeatherBlink\bar\1.bin\gcbar.dll [2014-02-27 859720]
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-27 1143168]
{96f454ea-9d38-474f-b504-56193e00c1a5} - uTorrentControl_v6 Toolbar - C:\Users\Julka\AppData\LocalLow\uTorrentControl_v6\prxtbuTo0.dll [2014-03-26 424224]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-27 496960]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-02-27 7625248]
"WeatherBlink EPM Support"=C:\PROGRA~1\WEATHE~2\bar\1.bin\gcmedint.exe [2014-02-27 12872]
"WeatherBlink Home Page Guard 32 bit"=C:\PROGRA~1\WEATHE~2\bar\1.bin\AppIntegrator.exe []
"WeatherBlink Search Scope Monitor"=C:\PROGRA~1\WEATHE~2\bar\1.bin\gcsrchmn.exe [2014-02-27 55368]
"WeatherBlink Browser Plugin Loader"=C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe [2014-02-27 61512]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-02 3774312]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-11 13789728]
"tvncontrol"=C:\Program Files\ShowMyPCService\tvnserver.exe [2010-07-08 815704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Julka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Julka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Users\Julka\AppData\Roaming\uTorrent\uTorrent.exe [2014-04-02 1264984]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe

C:\Users\Julka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Julka\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMPCHelper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tvnserver]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-12 19:13:51 ----D---- C:\Program Files\trend micro
2014-04-12 19:13:50 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2014-04-12 19:14:42 ----D---- C:\Users\Julka\AppData\Roaming\Dropbox
2014-04-12 19:14:03 ----D---- C:\Windows\Prefetch
2014-04-12 19:13:55 ----D---- C:\Windows\Temp
2014-04-12 19:13:51 ----RD---- C:\Program Files
2014-04-12 19:13:12 ----D---- C:\Users\Julka\AppData\Roaming\uTorrent
2014-04-12 19:07:51 ----D---- C:\Windows\System32
2014-04-12 19:07:51 ----D---- C:\Windows\inf
2014-04-12 19:07:51 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-12 19:06:44 ----D---- C:\Users\Julka\AppData\Roaming\Seznam.cz
2014-04-12 19:01:56 ----D---- C:\Users\Julka\AppData\Roaming\Skype
2014-04-12 19:01:27 ----A---- C:\Windows\system32\rpcnetp.exe
2014-04-12 19:01:25 ----A---- C:\Windows\system32\rpcnet.dll
2014-04-09 12:36:36 ----SHD---- C:\System Volume Information
2014-04-08 21:03:26 ----SD---- C:\Users\Julka\AppData\Roaming\Microsoft
2014-04-07 23:41:36 ----D---- C:\Users\Julka\AppData\Roaming\vlc
2014-04-03 13:15:21 ----D---- C:\Windows\system32\config
2014-03-28 16:36:02 ----SHD---- C:\Windows\Installer
2014-03-17 19:10:44 ----RD---- C:\Program Files\Skype
2014-03-16 14:04:04 ----D---- C:\Windows\system32\drivers
2014-03-16 12:15:00 ----A---- C:\Windows\system32\rpcnetp.dll

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-27 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-27 180248]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-27 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-27 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-27 410784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-27 243128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-27 67824]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-27 64168]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2014-02-27 113664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-02-27 2735504]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2014-02-27 15872]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-06 1766592]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2014-02-27 6656]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-27 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-11 211488]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2014-02-27 69792]
R2 tvnserver;TightVNC Server; C:\Program Files\ShowMyPCService\tvnserver.exe [2010-07-08 815704]
R2 WeatherBlinkService;WeatherBlinkService; C:\PROGRA~1\WEATHE~2\bar\1.bin\gcbarsvc.exe [2014-02-27 88648]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-27 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

#2 Příspěvek od **motji** » 13 dub 2014 11:05

Zdravím

Stáhněte Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
-Uložte program na plochu a spusťte . Pak se zobrazí se licenční podminky - potvrďte start libovolnou klávesou.
- vytvoří se záloha a proběhne skenování.
Po skončení skenování na Vás vyběhne log (bude uložen v c:\JRT jako JRT.txt) - zkopírujte jej sem

Stáhněte AdwCleaner http://www.bleepingcomputer.com/download/adwcleaner/
-Uložte program na plochu a ukončete všechny spuštěné programy .
-spusťte AdwCleaner, klikněte na Scan a po dokončení skenu na Clean
- provede se oprava, restartuje se pc - (případně restartujte) a objeví se log C:\AdwCleaner\AdwCleaner.txt , obsah logu zkopírujte zde.

Použijte CCleaner http://forum.viry.cz/viewtopic.php?f=46&t=7478
---------------------------------

H1Tm4N · #3 Příspěvek od **H1Tm4N** » 14 dub 2014 17:57

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.4 (04.06.2014:1)
OS: Windows 7 Ultimate x86
Ran by Julka on po 14. 04. 2014 at 18:47:31,21
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

~~~ Services

~~~ Registry Values

~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\installedbrowserextensions
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\crossrider
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\pricegong
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.BHO
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.BHO.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.Sandbox
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CrossriderApp0050778.Sandbox.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{22222222-2222-2222-2222-220522072278}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{55555555-5555-5555-5555-550555075578}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{66666666-6666-6666-6666-660566076678}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\TypeLib\{44444444-4444-4444-4444-440544074478}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.BHO
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.BHO.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.Sandbox
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\CrossriderApp0050778.Sandbox.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3289075
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{55555555-5555-5555-5555-550555075578}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Interface\{66666666-6666-6666-6666-660566076678}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\TypeLib\{44444444-4444-4444-4444-440544074478}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{11111111-1111-1111-1111-110511071178}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{68C45E36-0600-4897-8053-19C4F320938C}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{91B459CD-5AE4-4D4F-AB78-C75AD5F4A2BC}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{597b1823-7ff0-4cd3-8095-9d8cba514992}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9B9DCAE3-BE34-424C-8D73-75E305A9E091}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{96f454ea-9d38-474f-b504-56193e00c1a5}
Failed to delete: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{96f454ea-9d38-474f-b504-56193e00c1a5}

~~~ Files

Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-codedownloader
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-enabler
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-firefoxinstaller
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-updater
Successfully deleted: [File] C:\Windows\System32\Tasks\Plus-HD-7.6-validator
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-codedownloader.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-enabler.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-firefoxinstaller.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-updater.job
Successfully deleted: [File] C:\Windows\Tasks\Plus-HD-7.6-validator.job
Successfully deleted: [File] "C:\end"

~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\Julka\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\Julka\appdata\locallow\iac"
Successfully deleted: [Folder] "C:\Users\Julka\appdata\locallow\pricegong"
Successfully deleted: [Folder] "C:\Users\Julka\appdata\locallow\weatherblink"
Successfully deleted: [Folder] "C:\Program Files\conduit"
Failed to delete: [Folder] "C:\Program Files\weatherblink"

~~~ FireFox

Successfully deleted the following from C:\Users\Julka\AppData\Roaming\mozilla\firefox\profiles\wkb4qm3c.default\prefs.js

user_pref("extensions.crossrider.bic", "1447444aa01d5c0db40d74fe9a908d05");

~~~ Event Viewer Logs were cleared

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on po 14. 04. 2014 at 18:50:35,01
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

# AdwCleaner v3.023 - Report created 14/04/2014 at 18:55:16
# Updated 01/04/2014 by Xplode
# Operating System : Windows 7 Ultimate (32 bits)
# Username : Julka - JULKA-PC
# Running from : C:\Users\Julka\Desktop\AdwCleaner.exe
# Option : Scan

***** [ Services ] *****

***** [ Files / Folders ] *****

File Found : C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default\searchplugins\bingp.xml
File Found : C:\Windows\System32\Tasks\BackgroundContainer Startup Task
Folder Found : C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default\Extensions\1079a15c-f3ae-4d92-b473-c51c7f3bc6de@63449f71-c434-4007-828c-7025ecf04b05.com
Folder Found C:\Program Files\Plus-HD-7.6
Folder Found C:\Program Files\uTorrentControl_v6
Folder Found C:\Users\Julka\AppData\Local\Conduit
Folder Found C:\Users\Julka\AppData\Local\Temp\uTorrentControl_v6
Folder Found C:\Users\Julka\AppData\LocalLow\uTorrentControl_v6

***** [ Shortcuts ] *****

***** [ Registry ] *****

Key Found : HKCU\Software\AppDataLow\Software\BackgroundContainer
Key Found : HKCU\Software\AppDataLow\Software\Plus-HD-7.6
Key Found : HKCU\Software\AppDataLow\Software\uTorrentControl_v6
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{96F454EA-9D38-474F-B504-56193E00C1A5}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{70D88A0D-3D18-4B0C-926C-41FB6323606C}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{7fda7a93-03c5-4b8d-af9a-0463a0fccbae}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A6A42E23-3D3A-4A76-B187-D6CB74D0718E}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{e49d544d-7f3f-4301-ac99-844234b08e42}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\BackgroundContainer Startup Task
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B059D884-739E-43E6-8CBC-F1AB28093A9D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{B059D884-739E-43E6-8CBC-F1AB28093A9D}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{CD90659F-D5B2-4104-9504-7CA36E6532DF}
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Plus-HD-7.6
Key Found : HKLM\Software\Plus-HD-7.6
Key Found : HKLM\Software\uTorrentControl_v6
Value Found : HKCU\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{96F454EA-9D38-474F-B504-56193E00C1A5}]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WeatherBlink Browser Plugin Loader]
Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [WeatherBlink Search Scope Monitor]

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.7600.16385

Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages] - hxxp://home.tb.ask.com/index.jhtml?n=77FD35DB&p2=^XN^xdm246^YYA^sk&ptb=D6B4E55F-E890-488B-AA9F-2205F11B4307&si=CH_WEAT_INTL_SLO_35

-\\ Mozilla Firefox v27.0.1 (cs)

[ File : C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default\prefs.js ]

Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.InstallationThankYouPage", false);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.InstallationTime", 1393460618);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778_dbWasSet", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778_dbWasSet_FF25_FIX", true[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.active", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.addressbar", "NA");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.addressbarenhanced", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.asyncdb.was_copied", "true");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.asyncdb_dbWasSet", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.asyncdb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.asyncinternaldb.was_copied", "true");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.asyncinternaldb_dbWasSet", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.asyncinternaldb_dbWasSet_FF25_FIX", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.backgroundver", 1);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.certdomaininstaller", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.changeprevious", false);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.InstallationTime.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.InstallationTime.value", "%221393460618%22");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.InstallerParams.value", "%7B%22source_id%22%3A%22001133%22%2C%22sub_id%22%3A%220%22%2C%22uz[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.previous_page.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.previous_page.value", "%22hxxp%3A//www.msn.com/%3Fpc%3DUP97%26ocid%3DUP97DHP%22");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.user_id.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.cookie.user_id.value", "%221447444aa01d5c0db40d74fe9a908d05%22");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.description", "Turn YouTube videos to High Definition by default");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.domain", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.enablesearch", false);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.homepage", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.iframe", false);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerIdentifiers.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerIdentifiers.value", "%7B%22installer_bic%22%3A%220DA969525F4F47C9B93D45A8F6CDA[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerParams.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerParams.value", "%7B%22source_id%22%3A%22001133%22%2C%22sub_id%22%3A%220%22%2C%[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerParamsCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerParamsCache.value", "%7B%22source_id%22%3A%22001133%22%2C%22sub_id%22%3A%220%2[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerUserIdentifiersCache.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.InstallerUserIdentifiersCache.value", "%7B%22installer_bic%22%3A%220DA969525F4F47C9B93D[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_appVer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_appVer.value", "41");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_lastVersion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_lastVersion.value", "1");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_meta.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_meta.value", "%7B%7D");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_nextCheck.expiration", "Sun Apr 13 2014 01:12:48 GMT+0200");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_nextCheck.value", "true");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_queue.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_queue.value", "%7B%7D");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_remote_resources.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.Resources_remote_resources.value", "%7B%22remoteId%22%3A0%7D");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__global_rules.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__global_rules.value", "%5B%7B%22rules%22%3A%7B%22delay_between_ads_in_s[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__global_rules_verion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__global_rules_verion.value", "2");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__is_send_log.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__is_send_log.value", "false");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__last_impression_time.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100")[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__last_impression_time.value", "1395853957653");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__marketing_rules.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__marketing_rules.value", "%7B%22rules%22%3A%5B%7B%22ad_type%22%3A%22sit[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__marketing_rules_verion.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__marketing_rules_verion.value", "25");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__pages_visited_count.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__pages_visited_count.value", "17");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__pagevies_count_10.3.2014.expiration", "Sun Apr 20 2014 05:00:00 GMT+02[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__pagevies_count_10.3.2014.value", "1");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__send_log_percent.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__ICM_DOWNLOADS__send_log_percent.value", "0.0005");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__defualt_browser__.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.__defualt_browser__.value", "%22opera%22");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb._country_code_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb._country_code_.value", "%22SK%22");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.installer.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.installer.value", "%7B%22InstallerIdentifiers%22%3A%7B%22installer_bic%22%3A%220DA96952[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.monetization_plugin_bundledUrls.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.monetization_plugin_bundledUrls.value", "%7B%22dealply_s%22%3A%7B%22urls%22%3A%5B%22ssf[...]
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.monetization_plugin_bundledWithHash.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.monetization_plugin_bundledWithHash.value", "null");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.monetization_plugin_notBundledArr_.expiration", "Fri Feb 01 2030 00:00:00 GMT+0100");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.internaldb.monetization_plugin_notBundledArr_.value", "%5B%5D");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.lastDailyReport", "1397322764186");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.lastUpdate", "1397322768565");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.manifesturl", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.name", "Plus-HD-7.6");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.newtab", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.opensearch", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.pluginsurl", "hxxps://w9u6a2p6.ssl.hwcdn.net/plugin/apps/50778/plugins/094/ff/plugins.json");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.pluginsversion", 37);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.publisher", "Plus HD");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.searchstatus", 0);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.setnewtab", false);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.thankyou", "");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.updateinterval", 360);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.50778.ver", 41);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.FilesValidatorDueTime", "1397059330164");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.apps", "50778");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.bic", "1447444aa01d5c0db40d74fe9a908d05");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.cid", 50778);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.firstrun", false);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.hadappinstalled", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.installationdate", 1393520061);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.modetype", "production");
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.reportInstall", true);
Line Found : user_pref("extensions.a1079a15cf3ae4d92b473c51c7f3bc6de63449f71c4344007828c7025ecf04b05com50778.statsDailyCounter", 17);

-\\ Google Chrome v34.0.1847.116

[ File : C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\preferences ]

*************************

AdwCleaner[R0].txt - [22555 octets] - [14/04/2014 18:55:16]

########## EOF - C:\AdwCleaner\AdwCleaner[R0].txt - [22616 octets] ##########

#4 Příspěvek od **motji** » 14 dub 2014 19:52

¨Ještě použijte MBAM
http://forum.viry.cz/viewtopic.php?f=29&t=115222

H1Tm4N · #5 Příspěvek od **H1Tm4N** » 15 dub 2014 14:01

Malwarebytes Anti-Malware
www.malwarebytes.org

Scan Date: 15. 4. 2014
Scan Time: 14:54:30
Logfile: 66.txt
Administrator: Yes

Version: 2.00.1.1004
Malware Database: v2014.04.15.05
Rootkit Database: v2014.03.27.01
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Chameleon: Disabled

OS: Windows 7
CPU: x86
File System: NTFS
User: Julka

Scan Type: Threat Scan
Result: Completed
Objects Scanned: 218846
Time Elapsed: 22 min, 22 sec

Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Shuriken: Enabled
PUP: Enabled
PUM: Enabled

Processes: 0
(No malicious items detected)

Modules: 0
(No malicious items detected)

Registry Keys: 2
PUP.Optional.AudioToAudioToolBar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\WeatherBlinkService, Quarantined, [a8f935f5daa11e185a57a392a75904fc],
PUP.Optional.PlusHD.A, HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\Plus-HD-7.6, Quarantined, [049dda50b9c2fb3b05fd3b328d7545bb],

Registry Values: 0
(No malicious items detected)

Registry Data: 0
(No malicious items detected)

Folders: 36
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075, Quarantined, [cfd232f8cdae5adc7739ce8e8280748c],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\userCode, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\icons, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\icons\actions, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\popupResource, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\fonts, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Program Files\WeatherBlink, Delete-on-Reboot, [cfd27baf6a112115c8d068fe9d6509f7],
PUP.Optional.MindSpark.A, C:\Program Files\WeatherBlink\bar, Delete-on-Reboot, [cfd27baf6a112115c8d068fe9d6509f7],
PUP.Optional.MindSpark.A, C:\Program Files\WeatherBlink\bar\1.bin, Delete-on-Reboot, [cfd27baf6a112115c8d068fe9d6509f7],

Files: 295
PUP.Optional.AudioToAudioToolBar.A, C:\Program Files\WeatherBlink\bar\1.bin\gcbarsvc.exe, Delete-on-Reboot, [a8f935f5daa11e185a57a392a75904fc],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\utt8185.tmp.exe, Quarantined, [bce52505df9ce056a431150941bf4cb4],
Heuristics.Shuriken, C:\Users\Julka\AppData\Local\Temp\plus-hd-7-6row.exe, Quarantined, [ffffffffffffffffffffffffffffffff],
PUP.Optional.Somoto, C:\Users\Julka\AppData\Local\Temp\nsfD877.tmp, Quarantined, [544da288bcbfa3931505ac0dce35ae52],
PUP.Optional.Somoto, C:\Users\Julka\AppData\Local\Temp\bitool.dll, Quarantined, [e8b99793fa8152e480470febdc25bb45],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075\ctbe.exe, Quarantined, [b0f1101a99e205315f1fce500cf4ab55],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075\ieLogic.exe, Quarantined, [b6eb82a87506e84e9a5734e2c04160a0],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075\statisticsStub.exe, Quarantined, [dcc555d5b9c27eb87402f809df2238c8],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075\stub.exe, Quarantined, [1d84ad7d0e6da29485939a931be57c84],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075\chromeid.txt, Quarantined, [cfd232f8cdae5adc7739ce8e8280748c],
PUP.Optional.Conduit.A, C:\Users\Julka\AppData\Local\Temp\ct3289075\setup.ini.txt, Quarantined, [cfd232f8cdae5adc7739ce8e8280748c],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\background.html, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\chromeCoreFilesIndex.txt, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\crossriderManifest.json, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\manifest.json, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\popup.html, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\manifest.xml, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins.json, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\207_dbWrapper.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\102_dealply_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\103_intext_5_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\104_jollywallet_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\108_icm_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\119_similar_web_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\123_intext_adv_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\13_CrossriderAppUtils.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\14_CrossriderUtils.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\155_ibario_pops_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\177_crossriderDashboard.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\178_revizer_ws_dynamic_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\179_revizer_p_dynamic_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\21_debug.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\220_icm_base_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\221_icm_downloads_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\223_imonomy_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\22_resources.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\28_initializer.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\47_resources_background.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\4_jquery_1_7_1.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\64_appApiMessage.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\72_appApiValidation.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\78_CrossriderInfo.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\7_hooks.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\80_CHPopupAppAPI.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\87_ginyas_wrapper.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\91_monetizationLoader.js.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\93_superfish_no_coupons_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\97_resourceApiWrapper.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\9_search_engine_hook.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\17_jQuery.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\180_bpo_serp_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\182_openUrl.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\183_tabsWrapper.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\184_noproblemppc_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\190_pops_5_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\191_ciuvo_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\195_icm_convertmedia_m.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\19_CHAppAPIWrapper.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\plugins\1_base.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\userCode\background.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\extensionData\userCode\extension.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\icons\icon128.png, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\icons\icon16.png, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\icons\icon48.png, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\icons\actions\1.png, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\background.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\main.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\platformVersion.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api\chrome.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api\cookie.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api\message.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api\monitor.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api\pageAction.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\api\pageActionBG.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\app_api.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\bg_app_api.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\consts.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\cookie_store.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\crossriderAPI.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\delegate.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\events.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\extensionDataStore.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\installer.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\logFile.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\logging.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\onBGDocumentLoad.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\reports.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\storageWrapper.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\updateManager.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\util.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\xhr.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\popupResource\newPopup.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.TVShows.A, C:\Users\Julka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogpnmalfbjmndgkplccigakhbphkefol\16189.2744.8498_0\js\lib\popupResource\popup.js, Quarantined, [c5dcdd4dfc7f32045e30e87a7092c33d],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\UrlFolderExtension.uf1, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\UrlFolderExtension.ufm, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\App.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\Background.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\ChromeReview.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\lang-default.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\manifest.json, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\css\App.min.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\css\reset.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\css\reset.min.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\css\WeatherBlink.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\fonts\cabin.eot, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\fonts\cabin.woff, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\close.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\icon.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\icon.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\MainIcon.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\MainIcon.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\minimize.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\rateUISprite.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\rate_WB.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\search.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\WBlogo.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfRain.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfRain.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfRain_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfRain_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfSnow.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfSnow.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfSnow_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfSnow_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfStorm.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfStorm.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfStorm_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfTstorm.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfTstorm.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfTstorm_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfTstorm_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Cloudy.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Cloudy.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Cloudy_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Dust.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Dust.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Dust_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Dust_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Fog.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Fog.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Fog_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Fog_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Ice.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Ice.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Ice_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Ice_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MainIcon.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MainIcon.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misc.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misc.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misc_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misc_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misty.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misty.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misty_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Misty_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlyCloudy.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlyCloudy_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlyCloudy_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlySunny.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlySunny.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlySunny_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlySunny_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Rain.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Rain.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Rain_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\SevereWeatherAdvisory.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\SevereWeatherAdvisory.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\SevereWeatherWarning.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\SevereWeatherWarning.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\SevereWeatherWatch.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\SevereWeatherWatch.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Showers.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Showers.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Showers_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\ChanceOfStorm_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Cloudy_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\MostlyCloudy.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Rain_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Showers_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sleet.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sleet.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sleet_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sleet_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Snow.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Snow.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Snow_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Snow_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sunny.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sunny.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sunny_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Sunny_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Thunderstorm.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Thunderstorm.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Thunderstorm_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Thunderstorm_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Windy.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Windy.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Windy_60x60.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\images\weather\Windy_90x90.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\js\Background.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\js\Review.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\js\Widget.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\anemone-1.2.7.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\ChromeReview.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\EventManager.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\hogan-2.0.0.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\i18nImporter.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\jquery-1.8.2.min.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\jquery.browser.min.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\json2.min.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\reset.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\underscore-1.4.4.min.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\36474d12d503217e28c8036a67691aec261995af\1.2.0\libs\widget-api-1.4.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\App.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\Background.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\lang-en.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\manifest.json, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\Player.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\App.min.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\css\reset.min.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.eot, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.ttf, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Bold.woff, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.eot, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.ttf, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Medium.woff, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.eot, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.ttf, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\font\Roboto-Regular.woff, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayBttn.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\BlackBK.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Breakouts_2.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_closed.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_open.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_ScrollHandle.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_BK.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\DD_Scroll_handleAlt.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\favicon.ico, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Listen.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\PlayMusic.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_BK.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Break.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Scroll_Thumb.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\Selection_Break.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\SettingsBreak.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\StationBreak.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\images\temp_blue.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Background.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Player.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\705d46d8b2604edccc9306042209718003e77462\1.0.3\js\Widget.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\background.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\hidden-window.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\lang-en.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\manifest.json, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\window.html, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\css\App.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\css\App.min.css, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\favicon.ico, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\FBwidget_sprite.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icon.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icon.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\loading.gif, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F0.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F0.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F1.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F1.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F10.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F10.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F2.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F2.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F3.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F3.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F4.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F4.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F5.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F5.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F6.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F6.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F7.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F7.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F8.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F8.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F9.bmp, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\images\icons\F9.png, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js\Background.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js\Hidden.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Users\Julka\AppData\Local\WeatherBlink\e3218e48d1719369996c8da5c4a3d28d11afeaab\1.3.2\js\Widget.js, Quarantined, [f4ad4edc03786dc96e2970f6e41eb44c],
PUP.Optional.MindSpark.A, C:\Program Files\WeatherBlink\bar\1.bin\gcbrmon.exe, Quarantined, [cfd27baf6a112115c8d068fe9d6509f7],
PUP.Optional.MindSpark.A, C:\Program Files\WeatherBlink\bar\1.bin\T8RES.DLL, Quarantined, [cfd27baf6a112115c8d068fe9d6509f7],

Physical Sectors: 0
(No malicious items detected)

(end)

#6 Příspěvek od **motji** » 15 dub 2014 20:08

Vše smažte

H1Tm4N · #7 Příspěvek od **H1Tm4N** » 16 dub 2014 18:24

Zmazané

Logfile of random's system information tool 1.09 (written by random/random)
Run by Julka at 2014-04-16 19:23:25
Microsoft Windows 7 Ultimate
System drive C: has 74 GB (74%) free of 100 GB
Total RAM: 3583 MB (46% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 19:23:31, on 16. 4. 2014
Platform: Windows 7 (WinNT 6.00.3504)
MSIE: Internet Explorer v8.00 (8.00.7600.16385)
Boot mode: Normal

Running processes:
C:\Windows\system32\Dwm.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskhost.exe
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\Program Files\Elantech\ETDCtrl.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\AVAST Software\Avast\avastui.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\ShowMyPCService\tvnserver.exe
C:\Users\Julka\AppData\Roaming\uTorrent\uTorrent.exe
C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
C:\Program Files\RocketDock\RocketDock.exe
C:\Program Files\Skype\Phone\Skype.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Program Files\SRS Labs\SRS Premium Sound Control Panel\SRSPremiumPanel.exe
C:\Users\Julka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Users\Julka\AppData\Roaming\Dropbox\bin\Dropbox.exe
C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Program Files\Google\Chrome\Application\chrome.exe
C:\Windows\system32\SearchFilterHost.exe
C:\Users\Julka\Downloads\RSIT (1).exe
C:\Program Files\trend micro\Julka.exe

R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://www.seznam.cz/?clid=13415
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/?LinkId=69157
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: (no name) - {8ba2cfef-a1bc-4964-aadc-33be1ae5a33c} - (no file)
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: (no name) - {dc9051c2-8f55-479a-97a4-747980d9047f} - (no file)
O3 - Toolbar: (no name) - {f20de5e0-2a6e-4c54-985f-1cf59551ce39} - (no file)
O3 - Toolbar: avast! Online Security - {CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O4 - HKLM\..\Run: [ETDWare] C:\Program Files\Elantech\ETDCtrl.exe
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\Windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [tvncontrol] "C:\Program Files\ShowMyPCService\tvnserver.exe" -controlservice -slave
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Julka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Julka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [uTorrent] "C:\Users\Julka\AppData\Roaming\uTorrent\uTorrent.exe" /MINIMIZED
O4 - HKCU\..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] "C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe"
O4 - HKCU\..\Run: [RocketDock] "C:\Program Files\RocketDock\RocketDock.exe"
O4 - HKCU\..\Run: [Skype] "C:\Program Files\Skype\Phone\Skype.exe" /minimized /regrun
O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: Dropbox.lnk = C:\Users\Julka\AppData\Roaming\Dropbox\bin\Dropbox.exe
O4 - Global Startup: SRS Premium Sound.lnk = ?
O8 - Extra context menu item: E&xportovať do programu Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odoslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&oslať do programu OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: NBService - Nero AG - C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe
O23 - Service: NMIndexingService - Nero AG - C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\Windows\system32\nvvsvc.exe
O23 - Service: Remote Procedure Call (RPC) Net (rpcnet) - Absolute Software Corp. - C:\Windows\system32\rpcnet.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: TightVNC Server (tvnserver) - GlavSoft LLC. - C:\Program Files\ShowMyPCService\tvnserver.exe

--
End of file - 8367 bytes

======Scheduled tasks folder======

C:\Windows\tasks\Adobe Flash Player Updater.job
C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
C:\Windows\tasks\GoogleUpdateTaskMachineUA.job

=========Mozilla firefox=========

ProfilePath - C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default

prefs.js - "browser.startup.homepage" - "http://www.msn.com/?pc=UP97&ocid=UP97DHP"
prefs.js - "keyword.URL" - "http://www.bing.com/search?FORM=UP97DF&PC=UP97&q="

"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.23.9\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@videolan.org/vlc,version=2.1.3]
"Description"=VLC Multimedia Plugin
"Path"=C:\Program Files\VideoLAN\VLC\npvlc.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@WeatherBlink.com/Plugin]
"Description"=WeatherBlink Plugin
"Path"=C:\Program Files\WeatherBlink\bar\1.bin\NPgcStub.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll

C:\Users\Julka\AppData\Roaming\Mozilla\Firefox\Profiles\wkb4qm3c.default\extensions\
{ea614400-e918-4741-9a97-7a972ff7c30b}

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-27 1143168]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{dc9051c2-8f55-479a-97a4-747980d9047f}]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{f20de5e0-2a6e-4c54-985f-1cf59551ce39}
{CC1A175A-E45B-41ED-A30C-C9B1D7A0C02F} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2014-02-27 1143168]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"ETDWare"=C:\Program Files\Elantech\ETDCtrl.exe [2014-02-27 496960]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2014-02-27 7625248]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"AvastUI.exe"=C:\Program Files\AVAST Software\Avast\AvastUI.exe [2014-04-02 3774312]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-12-21 959904]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"NeroFilterCheck"=C:\Program Files\Common Files\Ahead\Lib\NeroCheck.exe [2006-01-12 155648]
"NvCplDaemon"=C:\Windows\system32\NvCpl.dll [2009-06-11 13789728]
"tvncontrol"=C:\Program Files\ShowMyPCService\tvnserver.exe [2010-07-08 815704]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"DAEMON Tools Lite"=C:\Program Files\DAEMON Tools Lite\DTLite.exe [2013-10-28 3675352]
"cz.seznam.software.autoupdate"=C:\Users\Julka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Julka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"uTorrent"=C:\Users\Julka\AppData\Roaming\uTorrent\uTorrent.exe [2014-04-02 1264984]
"BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}"=C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe [2007-01-15 147456]
"RocketDock"=C:\Program Files\RocketDock\RocketDock.exe [2007-09-02 495616]
"Skype"=C:\Program Files\Skype\Phone\Skype.exe [2014-02-10 20922016]
"Sidebar"=C:\Program Files\Windows Sidebar\sidebar.exe [2009-07-14 1173504]

C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
SRS Premium Sound.lnk - C:\Windows\Installer\{D42F84B6-3709-4A50-8502-6719D16AE6C8}\NewShortcut4_E9C83B3EDF9141A39DA5EC05C79BBB91.exe

C:\Users\Julka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Dropbox.lnk - C:\Users\Julka\AppData\Roaming\Dropbox\bin\Dropbox.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED}

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\SMPCHelper]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\tvnserver]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*

======List of files/folders created in the last 1 month======

2014-04-15 14:31:01 ----A---- C:\Windows\system32\drivers\MBAMSwissArmy.sys
2014-04-15 14:30:33 ----D---- C:\ProgramData\Malwarebytes
2014-04-15 14:30:33 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-04-15 14:30:33 ----A---- C:\Windows\system32\drivers\mwac.sys
2014-04-15 14:30:33 ----A---- C:\Windows\system32\drivers\mbamchameleon.sys
2014-04-15 14:30:33 ----A---- C:\Windows\system32\drivers\mbam.sys
2014-04-14 18:55:14 ----D---- C:\AdwCleaner
2014-04-14 18:47:28 ----D---- C:\Windows\ERUNT
2014-04-12 19:13:51 ----D---- C:\Program Files\trend micro
2014-04-12 19:13:50 ----D---- C:\rsit

======List of files/folders modified in the last 1 month======

2014-04-16 19:23:31 ----D---- C:\Users\Julka\AppData\Roaming\uTorrent
2014-04-16 19:23:28 ----D---- C:\Windows\Temp
2014-04-16 19:12:41 ----D---- C:\Users\Julka\AppData\Roaming\Skype
2014-04-16 19:12:39 ----A---- C:\Windows\system32\rpcnetp.exe
2014-04-16 16:51:41 ----D---- C:\Windows\Prefetch
2014-04-16 16:38:45 ----D---- C:\Windows\System32
2014-04-16 16:38:45 ----D---- C:\Windows\inf
2014-04-16 16:38:45 ----A---- C:\Windows\system32\PerfStringBackup.INI
2014-04-16 16:38:16 ----D---- C:\Users\Julka\AppData\Roaming\Seznam.cz
2014-04-16 16:34:45 ----D---- C:\Users\Julka\AppData\Roaming\Dropbox
2014-04-16 16:32:36 ----A---- C:\Windows\system32\rpcnet.dll
2014-04-15 14:56:29 ----D---- C:\Windows
2014-04-15 14:56:27 ----RD---- C:\Program Files
2014-04-15 14:56:27 ----D---- C:\Windows\system32\drivers
2014-04-15 14:56:27 ----D---- C:\Windows\L2Schemas
2014-04-15 14:30:33 ----HD---- C:\ProgramData
2014-04-15 14:24:43 ----D---- C:\Windows\system32\Tasks
2014-04-14 20:22:21 ----D---- C:\Windows\system32\config
2014-04-14 19:49:51 ----SHD---- C:\System Volume Information
2014-04-14 18:59:23 ----D---- C:\Users\Julka\AppData\Roaming\DAEMON Tools Lite
2014-04-14 18:59:20 ----D---- C:\Windows\Panther
2014-04-14 18:59:20 ----D---- C:\Windows\Minidump
2014-04-14 18:59:20 ----D---- C:\Windows\debug
2014-04-14 18:47:39 ----D---- C:\Windows\Tasks
2014-04-12 22:58:42 ----D---- C:\Users\Julka\AppData\Roaming\vlc
2014-04-08 21:03:26 ----SD---- C:\Users\Julka\AppData\Roaming\Microsoft
2014-03-28 16:36:02 ----SHD---- C:\Windows\Installer
2014-03-17 19:10:44 ----RD---- C:\Program Files\Skype

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;avast! Revert; C:\Windows\system32\drivers\aswRvrt.sys [2014-02-27 49944]
R0 aswVmm;avast! VM Monitor; C:\Windows\system32\drivers\aswVmm.sys [2014-02-27 180248]
R0 pciide;pciide; C:\Windows\system32\DRIVERS\pciide.sys [2009-07-14 12368]
R0 rdyboost;ReadyBoost; C:\Windows\System32\drivers\rdyboost.sys [2009-07-14 173648]
R1 aswRdr;aswRdr; \??\C:\Windows\system32\drivers\aswRdr2.sys [2014-02-27 79720]
R1 aswSnx;aswSnx; \??\C:\Windows\system32\drivers\aswSnx.sys [2014-02-27 775952]
R1 aswSP;aswSP; \??\C:\Windows\system32\drivers\aswSP.sys [2014-02-27 410784]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\Windows\system32\drivers\csc.sys [2009-07-14 387584]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\Windows\system32\DRIVERS\dtsoftbus01.sys [2014-02-27 243128]
R1 vwififlt;Virtual WiFi Filter Driver; C:\Windows\system32\DRIVERS\vwififlt.sys [2009-07-14 48128]
R2 aswMonFlt;aswMonFlt; \??\C:\Windows\system32\drivers\aswMonFlt.sys [2014-02-27 67824]
R3 aswStm;aswStm; \??\C:\Windows\system32\drivers\aswStm.sys [2014-02-27 64168]
R3 athr;Atheros Extensible Wireless LAN device driver; C:\Windows\system32\DRIVERS\athr.sys [2009-07-14 1096704]
R3 ETD;ELAN PS/2 Port Input Device; C:\Windows\system32\DRIVERS\ETD.sys [2014-02-27 113664]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\Windows\system32\drivers\RTKVHDA.sys [2014-02-27 2735504]
R3 MBAMProtector;MBAMProtector; \??\C:\Windows\system32\drivers\mbam.sys [2014-04-03 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\Windows\system32\drivers\MBAMSwissArmy.sys [2014-04-16 107736]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\Windows\system32\drivers\mwac.sys [2014-04-03 51416]
R3 nvsmu;nvsmu; C:\Windows\system32\DRIVERS\nvsmu.sys [2014-02-27 15872]
R3 RTL8167;Realtek 8167 NT Driver; C:\Windows\system32\DRIVERS\Rt86win7.sys [2009-07-14 139776]
R3 SNP2UVC;USB2.0 PC Camera (SNP2UVC); C:\Windows\system32\DRIVERS\snp2uvc.sys [2009-06-06 1766592]
R3 vwifimp;Microsoft Virtual WiFi Miniport Service; C:\Windows\system32\DRIVERS\vwifimp.sys [2009-07-14 14336]
S2 Parvdm;Parvdm; C:\Windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\Windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;AMD AGP Bus Filter Driver; C:\Windows\system32\DRIVERS\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\Windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 CRFILTER;USB Mass Storage Filter; C:\Windows\system32\DRIVERS\CRFILTER.sys [2014-02-27 6656]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\Windows\System32\drivers\rdpdr.sys [2009-07-14 133120]
S3 s3cap;s3cap; C:\Windows\system32\DRIVERS\vms3cap.sys [2009-07-14 5632]
S3 sisagp;SIS AGP Bus Filter; C:\Windows\system32\DRIVERS\sisagp.sys [2009-07-14 52304]
S3 storvsc;storvsc; C:\Windows\system32\DRIVERS\storvsc.sys [2009-07-14 28224]
S3 viaagp;VIA AGP Bus Filter; C:\Windows\system32\DRIVERS\viaagp.sys [2009-07-14 53328]
S3 ViaC7;VIA C7 Processor Driver; C:\Windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\Windows\system32\DRIVERS\vmbus.sys [2009-07-14 175824]
S3 VMBusHID;VMBusHID; C:\Windows\system32\DRIVERS\VMBusHID.sys [2009-07-14 17920]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2014-02-27 50344]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-03-03 1363584]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-03-03 1748608]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\Windows\System32\svchost.exe [2009-07-14 20992]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-04-03 857912]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-04-03 1809720]
R2 nvsvc;NVIDIA Display Driver Service; C:\Windows\system32\nvvsvc.exe [2009-06-11 211488]
R2 rpcnet;Remote Procedure Call (RPC) Net; C:\Windows\system32\rpcnet.exe [2014-02-27 69792]
R2 tvnserver;TightVNC Server; C:\Program Files\ShowMyPCService\tvnserver.exe [2010-07-08 815704]
R3 NMIndexingService;NMIndexingService; C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe [2007-01-15 266240]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-27 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-10-23 172192]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-03-11 257928]
S3 AppMgmt;@appmgmts.dll,-3250; C:\Windows\system32\svchost.exe [2009-07-14 20992]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2014-02-27 116648]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-02-13 118896]
S3 NBService;NBService; C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe [2007-01-15 774144]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\Windows\System32\svchost.exe [2009-07-14 20992]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\Windows\System32\svchost.exe [2009-07-14 20992]

-----------------EOF-----------------

#8 Příspěvek od **motji** » 17 dub 2014 21:56

Odstraníme nějaké zbytečnosti

:arrow:Stáhněte OTM http://oldtimer.geekstogo.com/OTM.exe
Stáhněte na plochu Otm, 2krát klikněte na Otm,spustí se program,
Do levého okna "Paste Instructions for Items to be Moved" pod žlutou čáru zkopírujete skript

Kód: Vybrat vše

:processes
explorer.exe
 
:files
C:\WINDOWS\system32\*.tmp.dll /s
C:\WINDOWS\system32\SET*.tmp /s
C:\WINDOWS\*.tmp /s
C:\Users\Julka\AppData\Roaming\Seznam.cz

:reg
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"seznam-listicka-distribuce"=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-

:commands
[resethosts]
[emptytemp]
[EMPTYFLASH]
[start explorer]
[clearallrestorepoints]
[Reboot]

-klikněte na červené tlačítko Moveit!
-sem vložte obsah zeleného okénka
-Pokud se bude chtít restartovat pc, dejte YES,log pak najdete C:\_OTM\MovedFiles. Log vložte sem

H1Tm4N · #9 Příspěvek od **H1Tm4N** » 18 dub 2014 21:25

All processes killed
========== PROCESSES ==========
No active process named explorer.exe was found!
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP5E64.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP8545.tmp folder moved successfully.
C:\WINDOWS\Temp\CR_C79C2.tmp folder moved successfully.
C:\WINDOWS\Temp\DMIC60C.tmp moved successfully.
C:\WINDOWS\Temp\DMIF24A.tmp moved successfully.
C:\WINDOWS\Temp\TS_1C09.tmp moved successfully.
C:\WINDOWS\Temp\TS_22FC.tmp moved successfully.
C:\WINDOWS\Temp\TS_2638.tmp moved successfully.
C:\WINDOWS\Temp\TS_2CDD.tmp moved successfully.
C:\WINDOWS\Temp\TS_30F3.tmp moved successfully.
C:\WINDOWS\Temp\TS_4281.tmp moved successfully.
C:\WINDOWS\Temp\TS_4418.tmp moved successfully.
C:\WINDOWS\Temp\TS_5316.tmp moved successfully.
C:\WINDOWS\Temp\TS_5C3C.tmp moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\uninstall folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\install folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\data\chrome folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\data folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\conf\szndesktop.d folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\conf\libfoxcub folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\conf folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz\bin folder moved successfully.
C:\Users\Julka\AppData\Roaming\Seznam.cz folder moved successfully.
========== REGISTRY ==========
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop deleted successfully.
========== COMMANDS ==========
C:\Windows\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully

[EMPTYTEMP]

User: All Users

User: Default
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 0 bytes

User: Julka
->Temp folder emptied: 706702376 bytes
->Temporary Internet Files folder emptied: 848268 bytes
->FireFox cache emptied: 53980044 bytes
->Google Chrome cache emptied: 404786334 bytes
->Flash cache emptied: 708 bytes

User: Public

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 12441238 bytes
%systemroot%\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files folder emptied: 307607 bytes
RecycleBin emptied: 475108894 bytes

Total Files Cleaned = 1 578,00 mb

[EMPTYFLASH]

User: All Users

User: Default

User: Default User

User: Julka
->Flash cache emptied: 0 bytes

User: Public

Total Flash Files Cleaned = 0,00 mb

Restore point Set: OTM Restore Point

OTM by OldTimer - Version 3.1.21.0 log created on 04182014_222143

Files moved on Reboot...
File move failed. C:\Windows\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File move failed. C:\Windows\temp\Low\SkypeClickToCall\Logs\AutoUpdateSvc.log scheduled to be moved on reboot.

Registry entries deleted on Reboot...

#10 Příspěvek od **motji** » 19 dub 2014 12:13

Pokud nejsou problémy, je to vše

H1Tm4N · #11 Příspěvek od **H1Tm4N** » 19 dub 2014 21:21

Ďakujem veľmi pekne za pomoc!

#12 Příspěvek od **motji** » 20 dub 2014 07:05

není zač

VIRY.CZ

Notebook - preventivka

Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka

Re: Notebook - preventivka