Sestra mě požádala zda bych se jí nepodíval na notebook, furt jí všude vyskakujou různý reklamy a mě se zdá že to může být od nějakého né moc žádaného softu.. Děkuji
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 11:26:52, on 24.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Cyberlink\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarDriverAdapter_550vista.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\Explorer.EXE
C:\Users\Anetka\Desktop\hijackthis.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: RichMediaViewV1release16 - {9fabae98-9297-404b-937f-fe7a11410d7a} - C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [OnekeyDM] C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Anetka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {B015B944-7316-49AE-AC84-ACCA9379EA32} (IPCamPlugIn Control) - http://192.168.2.3/IPCamPluginMJPEG.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\windows\system32\nethtsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\windows\system32\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe
--
End of file - 11408 bytes
Přikládam log z HJT. Děkuji
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Prosím o kontrolu
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Prosím o kontrolu
Zdravim 
Nahore je takovej veeeelkej oranzovej obdelnik, zkuste si jej precist a zjistite, jaky log potrebujem. HJT je uz nekolik let nedostacujici
Predpokladam, ze na ten ESET Smart Security je radne zakoupena licence 
Nahore je takovej veeeelkej oranzovej obdelnik, zkuste si jej precist a zjistite, jaky log potrebujem. HJT je uz nekolik let nedostacujici Predpokladam, ze na ten ESET Smart Security je radne zakoupena licence "Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen
od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Omlouvám se, zde log z RSIT. Jinak koukal jsem, eset je pouze trial verze s vypršenou licencí
Logfile of random's system information tool 1.10 (written by random/random)
Run by Anetka at 2014-06-24 13:55:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 78 GB (30%) free of 259 GB
Total RAM: 3067 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:49, on 24.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Cyberlink\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarDriverAdapter_550vista.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\system32\taskmgr.exe
C:\Users\Anetka\Desktop\RSIT.exe
C:\Program Files\trend micro\Anetka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: RichMediaViewV1release16 - {9fabae98-9297-404b-937f-fe7a11410d7a} - C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [OnekeyDM] C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Anetka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {B015B944-7316-49AE-AC84-ACCA9379EA32} (IPCamPlugIn Control) - http://192.168.2.3/IPCamPluginMJPEG.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\windows\system32\nethtsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\windows\system32\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe
--
End of file - 12007 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\Check Updates for Windows Live Toolbar.job - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\windows\tasks\DriverDoc_UPDATES.job - C:\Program Files\DriverDoc\Solvusoftdd.exe -updatecheck
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3936486237-885273306-554862496-1003Core.job - C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3936486237-885273306-554862496-1003UA.job - C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cef836e4cc24bb.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"ext@VideoPlayerV3beta8417.net"=C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff
"quick_start@gmail.com"=C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\quick_start@gmail.com
"ext@RichMediaViewV1release16.net"=C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff
"faststartff@gmail.com"=C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\faststartff@gmail.com
"shortcutff@gmail.com"=C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\shortcutff@gmail.com
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\searchplugins\
my-web-search.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fabae98-9297-404b-937f-fe7a11410d7a}]
Rich Media View - C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll [2014-05-13 87552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-07-26 1493160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-07-26 1493160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
"MDS_Menu"=C:\Program Files\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe [2008-11-15 218408]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-30 1545512]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2009-09-01 13797992]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"OnekeyDM"=C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe [2009-03-27 335872]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-08-26 4114288]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"Lenovo SlideNav"=C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe [2009-08-19 839680]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-14 5074384]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-07-26 397992]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-12-09 74752]
"NBAgent"=C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-09-20 1493288]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files\CyberLink\YouCam\YouCamTray.exe [2009-06-11 162912]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23 138096]
"cz.seznam.software.autoupdate"=C:\Users\Anetka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Users\Anetka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-06-24 13:51:45 ----D---- C:\Program Files\trend micro
2014-06-24 13:51:43 ----D---- C:\rsit
2014-06-24 07:47:36 ----A---- C:\awhD896.tmp
2014-06-21 21:32:00 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-21 21:31:18 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-06-21 21:31:17 ----D---- C:\ProgramData\Malwarebytes
2014-06-21 21:31:17 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-06-21 21:31:17 ----A---- C:\windows\system32\drivers\mwac.sys
2014-06-21 21:31:17 ----A---- C:\windows\system32\drivers\mbam.sys
2014-06-21 15:39:36 ----A---- C:\awh7164.tmp
2014-06-20 05:34:28 ----D---- C:\Program Files\Common Files\Config
2014-06-17 02:27:28 ----A---- C:\windows\system32\drivers\nethfdrv.sys
2014-06-17 02:27:12 ----N---- C:\windows\system32\netupdsrv.exe
2014-06-17 02:27:02 ----A---- C:\windows\system32\installd.exe
2014-06-17 02:26:52 ----N---- C:\windows\system32\nethtsrv.exe
2014-06-17 02:26:42 ----A---- C:\windows\system32\hfnapi.dll
2014-06-17 02:26:32 ----A---- C:\windows\system32\hfpapi.dll
2014-06-14 11:58:33 ----D---- C:\Users\Anetka\AppData\Roaming\KASTNER software
2014-06-14 11:58:33 ----D---- C:\Program Files\KASTNER software
2014-06-12 14:18:42 ----D---- C:\Users\Anetka\AppData\Roaming\337Games
2014-06-12 14:18:42 ----D---- C:\ProgramData\IePluginServices
2014-06-11 01:13:55 ----D---- C:\Program Files\Mozilla Firefox
2014-06-10 23:35:42 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-10 23:35:42 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 23:35:42 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-10 23:35:42 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-10 23:35:41 ----A---- C:\windows\system32\urlmon.dll
2014-06-10 23:35:41 ----A---- C:\windows\system32\jsproxy.dll
2014-06-10 23:35:41 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-10 23:35:41 ----A---- C:\windows\system32\iernonce.dll
2014-06-10 23:35:40 ----A---- C:\windows\system32\msfeeds.dll
2014-06-10 23:35:40 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-10 23:35:39 ----A---- C:\windows\system32\msrating.dll
2014-06-10 23:35:39 ----A---- C:\windows\system32\iesetup.dll
2014-06-10 23:35:39 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-10 23:35:37 ----A---- C:\windows\system32\wininet.dll
2014-06-10 23:35:37 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-10 23:35:37 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-10 23:35:36 ----A---- C:\windows\system32\ieui.dll
2014-06-10 23:35:36 ----A---- C:\windows\system32\dxtrans.dll
2014-06-10 23:35:35 ----A---- C:\windows\system32\ieframe.dll
2014-06-10 23:35:34 ----A---- C:\windows\system32\mshtmled.dll
2014-06-10 23:35:33 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-10 23:35:33 ----A---- C:\windows\system32\iertutil.dll
2014-06-10 23:35:32 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-10 23:35:31 ----A---- C:\windows\system32\mshtml.dll
2014-06-10 23:35:30 ----A---- C:\windows\system32\vbscript.dll
2014-06-10 23:35:29 ----A---- C:\windows\system32\jscript9.dll
2014-06-10 23:34:59 ----A---- C:\windows\system32\msxml6.dll
2014-06-10 23:34:59 ----A---- C:\windows\system32\msxml3.dll
2014-06-10 23:34:58 ----A---- C:\windows\system32\msxml6r.dll
2014-06-10 23:34:58 ----A---- C:\windows\system32\msxml3r.dll
2014-06-10 23:34:57 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-10 23:34:56 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-10 23:34:54 ----A---- C:\windows\system32\aepdu.dll
2014-06-10 23:34:54 ----A---- C:\windows\system32\aeinv.dll
2014-06-10 23:34:52 ----A---- C:\windows\system32\usp10.dll
======List of files/folders modified in the last 1 month======
2014-06-24 13:55:48 ----D---- C:\windows\Temp
2014-06-24 13:51:45 ----RD---- C:\Program Files
2014-06-24 13:00:17 ----D---- C:\Program Files\WinZipper
2014-06-24 12:57:12 ----D---- C:\windows\system32\config
2014-06-24 12:54:12 ----D---- C:\windows\system32\NDF
2014-06-24 12:50:40 ----D---- C:\Users\Anetka\AppData\Roaming\Seznam.cz
2014-06-24 12:49:16 ----D---- C:\windows\System32
2014-06-24 12:49:16 ----D---- C:\windows\inf
2014-06-24 12:49:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-24 12:47:24 ----D---- C:\windows\system32\Tasks
2014-06-24 12:45:52 ----D---- C:\windows\Prefetch
2014-06-24 11:21:56 ----D---- C:\Program Files\HandyUpdater
2014-06-21 21:44:19 ----HD---- C:\ProgramData
2014-06-21 21:44:19 ----D---- C:\windows\system32\catroot2
2014-06-21 21:44:10 ----D---- C:\Windows
2014-06-21 21:43:36 ----D---- C:\ProgramData\WPM
2014-06-21 21:43:35 ----D---- C:\windows\system32\drivers
2014-06-21 21:43:35 ----D---- C:\windows\ehome
2014-06-21 21:41:49 ----D---- C:\Program Files\Common Files\337
2014-06-21 21:41:45 ----D---- C:\ProgramData\eSafe
2014-06-21 21:41:33 ----D---- C:\Users\Anetka\AppData\Roaming\SupTab
2014-06-21 20:57:44 ----D---- C:\windows\Minidump
2014-06-21 20:56:40 ----D---- C:\Program Files\CCleaner
2014-06-21 08:52:27 ----SHD---- C:\System Volume Information
2014-06-20 05:34:28 ----D---- C:\Program Files\Common Files
2014-06-17 23:06:45 ----D---- C:\Filmy
2014-06-17 13:30:02 ----SHD---- C:\windows\Installer
2014-06-15 19:52:14 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-12 15:49:24 ----D---- C:\Program Files\Fakturačka
2014-06-12 11:21:43 ----D---- C:\windows\rescache
2014-06-11 13:32:30 ----D---- C:\windows\winsxs
2014-06-11 13:29:58 ----D---- C:\windows\system32\en-US
2014-06-11 13:29:57 ----D---- C:\Program Files\Internet Explorer
2014-06-11 13:29:55 ----SD---- C:\windows\system32\CompatTel
2014-06-11 13:29:54 ----D---- C:\windows\system32\DriverStore
2014-06-10 23:34:16 ----D---- C:\windows\system32\catroot
2014-06-01 07:36:25 ----D---- C:\Users\Anetka\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 53224]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-02 36208]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 46056]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-11-28 54800]
R1 nethfdrv;nethfdrv; \??\C:\windows\system32\drivers\nethfdrv.sys [2014-06-17 40528]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2012-10-08 149568]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2009-08-21 1180016]
R3 enecir;ENE CIR Receiver; C:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 enecirhid;ENE CIR HID Receiver; C:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 11776]
R3 enecirhidma;ENE CIR HIDmini Filter; C:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 5632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-06-07 273448]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2014-06-24 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-05-14 4231680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2009-08-11 66592]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-30 219056]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-11-14 1329304]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-09-23 641832]
R2 NetHttpService;Network HTTP Support Service; C:\windows\system32\nethtsrv.exe [2014-06-17 180224]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2009-09-01 211560]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2009-07-17 244904]
R2 ServiceUpdater;Network Support Service Updater; C:\windows\system32\netupdsrv.exe [2014-06-17 162304]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
R2 winzipersvc;WinZiper service; C:\Program Files\WinZipper\winzipersvc.exe [2014-02-26 425104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-04 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-05-30 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-25 29263712]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-12-09 1343400]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]
-----------------EOF-----------------
Logfile of random's system information tool 1.10 (written by random/random)
Run by Anetka at 2014-06-24 13:55:47
Microsoft Windows 7 Home Premium Service Pack 1
System drive C: has 78 GB (30%) free of 259 GB
Total RAM: 3067 MB (33% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 13:55:49, on 24.6.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17126)
Boot mode: Normal
Running processes:
C:\windows\system32\taskhost.exe
C:\windows\Explorer.EXE
C:\Program Files\Malwarebytes Anti-Malware\mbam.exe
C:\windows\system32\Dwm.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Synaptics\SynTP\SynTPEnh.exe
C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe
C:\Program Files\Lenovo\Energy Management\utility.exe
C:\Program Files\Lenovo\Energy Management\Energy Management.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe
C:\Program Files\ESET\ESET Smart Security\egui.exe
C:\Program Files\Winamp\winampa.exe
C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe
C:\Program Files\Cyberlink\YouCam\YouCamTray.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarDriverAdapter_550vista.exe
C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNotifier.exe
C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files\Synaptics\SynTP\SynTPHelper.exe
C:\Program Files\Lenovo\Bluetooth Software\BtStackServer.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\windows\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\system32\Macromed\Flash\FlashPlayerPlugin_13_0_0_214.exe
C:\windows\system32\taskmgr.exe
C:\Users\Anetka\Desktop\RSIT.exe
C:\Program Files\trend micro\Anetka.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://search.delta-homes.com/web/?utm_ ... earchTerms}
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL
O2 - BHO: RichMediaViewV1release16 - {9fabae98-9297-404b-937f-fe7a11410d7a} - C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll
O2 - BHO: SkypeIEPluginBHO - {AE805869-2E5C-4ED4-8F7B-F1F7851A4497} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O2 - BHO: Windows Live Toolbar Helper - {BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O2 - BHO: Ask Toolbar BHO - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O3 - Toolbar: Windows Live Toolbar - {BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - C:\Program Files\Windows Live Toolbar\msntb.dll
O3 - Toolbar: Nero Toolbar - {D4027C7F-154A-4066-A1AD-4243D8127440} - C:\Program Files\Ask.com\GenericAskToolbar.dll
O4 - HKLM\..\Run: [IAAnotif] C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe
O4 - HKLM\..\Run: [MDS_Menu] "C:\Program Files\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\MediaShow" UpdateWithCreateOnce "Software\CyberLink\MediaShow\4.1"
O4 - HKLM\..\Run: [SynTPEnh] %ProgramFiles%\Synaptics\SynTP\SynTPEnh.exe
O4 - HKLM\..\Run: [NvCplDaemon] RUNDLL32.EXE C:\windows\system32\NvCpl.dll,NvStartup
O4 - HKLM\..\Run: [RtHDVCpl] C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe
O4 - HKLM\..\Run: [OnekeyDM] C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe
O4 - HKLM\..\Run: [UpdateP2GShortCut] "C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe" "C:\Program Files\Lenovo\Power2Go" UpdateWithCreateOnce "SOFTWARE\CyberLink\Power2Go\5.0"
O4 - HKLM\..\Run: [EnergyUtility] C:\Program Files\Lenovo\Energy Management\utility.exe
O4 - HKLM\..\Run: [Energy Management] C:\Program Files\Lenovo\Energy Management\Energy Management.exe
O4 - HKLM\..\Run: [Lenovo SlideNav] "C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe"
O4 - HKLM\..\Run: [egui] "C:\Program Files\ESET\ESET Smart Security\egui.exe" /hide /waitservice
O4 - HKLM\..\Run: [ApnUpdater] "C:\Program Files\Ask.com\Updater\Updater.exe"
O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files\Winamp\winampa.exe"
O4 - HKLM\..\Run: [NBAgent] "C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe" /WinStart
O4 - HKLM\..\Run: [GrooveMonitor] "C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [UCam_Menu] "C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe" "C:\Program Files\CyberLink\YouCam" UpdateWithCreateOnce "Software\CyberLink\YouCam\3.0"
O4 - HKLM\..\Run: [YouCam Mirror Tray icon] "C:\Program Files\CyberLink\YouCam\YouCamTray.exe" /s
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Anetka\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-18\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\RunOnce: [SPReview] "C:\windows\System32\SPReview\SPReview.exe" /sp:1 /errorfwlink:"http://go.microsoft.com/fwlink/?LinkID=122915" /build:7601 (User 'Default user')
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Bluetooth.lnk = ?
O8 - Extra context menu item: &Windows Live Search - res://C:\Program Files\Windows Live Toolbar\msntb.dll/search.htm
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Skype Click to Call - {898EA8C8-E7FF-479B-8935-AEC46303B9E5} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-4015 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: @C:\Program Files\Lenovo\Bluetooth Software\btrez.dll,-12650 - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\Lenovo\Bluetooth Software\btsendto_ie.htm
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {B015B944-7316-49AE-AC84-ACCA9379EA32} (IPCamPlugIn Control) - http://192.168.2.3/IPCamPluginMJPEG.cab
O18 - Protocol: grooveLocalGWS - {88FED34C-F0CA-4636-A375-3CB6248B04CD} - C:\PROGRA~1\MICROS~2\Office12\GRA32A~1.DLL
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~1\COMMON~1\Skype\SKYPE4~1.DLL
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe
O23 - Service: ESET Service (ekrn) - ESET - C:\Program Files\ESET\ESET Smart Security\ekrn.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Intel(R) Matrix Storage Event Monitor (IAANTMON) - Intel Corporation - C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe
O23 - Service: IGRS - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe
O23 - Service: Lenovo ReadyComm AppSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\AppSvc.exe
O23 - Service: Lenovo ReadyComm ConnSvc - Lenovo Group Limited - C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @C:\Program Files\Nero\Update\NASvc.exe,-200 (NAUpdate) - Nero AG - C:\Program Files\Nero\Update\NASvc.exe
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\windows\system32\nethtsrv.exe
O23 - Service: NVIDIA Display Driver Service (nvsvc) - NVIDIA Corporation - C:\windows\system32\nvvsvc.exe
O23 - Service: Cyberlink RichVideo Service(CRVS) (RichVideo) - Unknown owner - C:\Program Files\Cyberlink\Shared files\RichVideo.exe
O23 - Service: Network Support Service Updater (ServiceUpdater) - Unknown owner - C:\windows\system32\netupdsrv.exe
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files\Skype\Updater\Updater.exe
O23 - Service: WinZiper service (winzipersvc) - Taiwan Shui Mu Chih Ching Technology Limited. - C:\Program Files\WinZipper\winzipersvc.exe
--
End of file - 12007 bytes
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\Check Updates for Windows Live Toolbar.job - C:\Program Files\Windows Live Toolbar\MSNTBUP.EXE
C:\windows\tasks\DriverDoc_UPDATES.job - C:\Program Files\DriverDoc\Solvusoftdd.exe -updatecheck
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3936486237-885273306-554862496-1003Core.job - C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3936486237-885273306-554862496-1003UA.job - C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA1cef836e4cc24bb.job - C:\Program Files\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
=========Mozilla firefox=========
ProfilePath - C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default
prefs.js - "browser.search.useDBForOrder" - true
prefs.js - "browser.startup.homepage" - "http://www.seznam.cz/"
"ext@VideoPlayerV3beta8417.net"=C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff
"quick_start@gmail.com"=C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\quick_start@gmail.com
"ext@RichMediaViewV1release16.net"=C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff
"faststartff@gmail.com"=C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\faststartff@gmail.com
"shortcutff@gmail.com"=C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\shortcutff@gmail.com
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 13.0.0.214 Plugin
"Path"=C:\windows\system32\Macromed\Flash\NPSWF32_13_0_0_214.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/GENUINE]
"Description"=
"Path"=disabled
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Nero.com/KM]
"Description"=
"Path"=C:\PROGRA~1\COMMON~1\Nero\BROWSE~1\NPBROW~1.DLL
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.24.15\npGoogleUpdate3.dll
[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll
C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\searchplugins\
my-web-search.xml
zbocz.xml
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{72853161-30C5-4D22-B7F9-0BBC1D38A37E}]
Groove GFS Browser Helper - C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9fabae98-9297-404b-937f-fe7a11410d7a}]
Rich Media View - C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll [2014-05-13 87552]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AE805869-2E5C-4ED4-8F7B-F1F7851A4497}]
Skype Browser Helper - C:\Program Files\Skype\Toolbars\Internet Explorer\SkypeIEPlugin.dll [2014-03-21 4502400]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BDBD1DAD-C946-4A17-ADC1-64B5B4FF55D0}]
Windows Live Toolbar Helper - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}]
Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-07-26 1493160]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{BDAD1DAD-C946-4A17-ADC1-64B5B4FF55D0} - Windows Live Toolbar - C:\Program Files\Windows Live Toolbar\msntb.dll [2007-02-12 546672]
{D4027C7F-154A-4066-A1AD-4243D8127440} - Nero Toolbar - C:\Program Files\Ask.com\GenericAskToolbar.dll [2011-07-26 1493160]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"IAAnotif"=C:\Program Files\Intel\Intel Matrix Storage Manager\iaanotif.exe [2009-08-07 186904]
"MDS_Menu"=C:\Program Files\Lenovo\MediaShow\MUITransfer\MUIStartMenu.exe [2008-11-15 218408]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2009-07-30 1545512]
"NvCplDaemon"=C:\windows\system32\NvCpl.dll [2009-09-01 13797992]
"RtHDVCpl"=C:\Program Files\Realtek\Audio\HDA\RtHDVCpl.exe [2009-07-20 7625248]
"OnekeyDM"=C:\Program Files\Lenovo\OnekeyDM\OnekeyDM.exe [2009-03-27 335872]
"UpdateP2GShortCut"=C:\Program Files\Lenovo\Power2Go\MUITransfer\MUIStartMenu.exe [2008-12-04 218408]
"EnergyUtility"=C:\Program Files\Lenovo\Energy Management\utility.exe [2009-08-26 4114288]
"Energy Management"=C:\Program Files\Lenovo\Energy Management\Energy Management.exe [2009-06-25 5064520]
"Lenovo SlideNav"=C:\Program Files\Lenovo\Lenovo SlideNav\SlidebarNavigator\SlidebarNavigator.exe [2009-08-19 839680]
"egui"=C:\Program Files\ESET\ESET Smart Security\egui.exe [2012-11-14 5074384]
""= []
"ApnUpdater"=C:\Program Files\Ask.com\Updater\Updater.exe [2011-07-26 397992]
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2011-12-09 74752]
"NBAgent"=C:\Program Files\Nero\Nero 11\Nero BackItUp\NBAgent.exe [2011-09-20 1493288]
"GrooveMonitor"=C:\Program Files\Microsoft Office\Office12\GrooveMonitor.exe [2006-10-27 31016]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
"UCam_Menu"=C:\Program Files\CyberLink\YouCam\MUITransfer\MUIStartMenu.exe [2009-05-19 222504]
"YouCam Mirror Tray icon"=C:\Program Files\CyberLink\YouCam\YouCamTray.exe [2009-06-11 162912]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"Facebook Update"=C:\Users\Anetka\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-01-23 138096]
"cz.seznam.software.autoupdate"=C:\Users\Anetka\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Anetka\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup
Bluetooth.lnk - C:\Program Files\Lenovo\Bluetooth Software\BTTray.exe
C:\Users\Anetka\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\ShellExecuteHooks]
"{B5A7F190-DDA6-4420-B3BA-52453494E6CD}"=C:\PROGRA~1\MICROS~2\Office12\GR469A~1.DLL [2006-10-27 2210608]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\mcmscsvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MCODS]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MpfService]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
"EnableLinkedConnections"=1
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"vidc.cvid"=iccvid.dll
"MSVideo8"=VfWWDM32.dll
"wave4"=wdmaud.drv
"midi4"=wdmaud.drv
"mixer4"=wdmaud.drv
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave3"=wdmaud.drv
"midi3"=wdmaud.drv
"mixer3"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv
"wave5"=wdmaud.drv
"midi5"=wdmaud.drv
"mixer5"=wdmaud.drv
"msacm.clmp3enc"=C:\PROGRA~1\Lenovo\Power2Go\CLMP3Enc.ACM
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-06-24 13:51:45 ----D---- C:\Program Files\trend micro
2014-06-24 13:51:43 ----D---- C:\rsit
2014-06-24 07:47:36 ----A---- C:\awhD896.tmp
2014-06-21 21:32:00 ----A---- C:\windows\system32\drivers\MBAMSwissArmy.sys
2014-06-21 21:31:18 ----A---- C:\windows\system32\drivers\mbamchameleon.sys
2014-06-21 21:31:17 ----D---- C:\ProgramData\Malwarebytes
2014-06-21 21:31:17 ----D---- C:\Program Files\Malwarebytes Anti-Malware
2014-06-21 21:31:17 ----A---- C:\windows\system32\drivers\mwac.sys
2014-06-21 21:31:17 ----A---- C:\windows\system32\drivers\mbam.sys
2014-06-21 15:39:36 ----A---- C:\awh7164.tmp
2014-06-20 05:34:28 ----D---- C:\Program Files\Common Files\Config
2014-06-17 02:27:28 ----A---- C:\windows\system32\drivers\nethfdrv.sys
2014-06-17 02:27:12 ----N---- C:\windows\system32\netupdsrv.exe
2014-06-17 02:27:02 ----A---- C:\windows\system32\installd.exe
2014-06-17 02:26:52 ----N---- C:\windows\system32\nethtsrv.exe
2014-06-17 02:26:42 ----A---- C:\windows\system32\hfnapi.dll
2014-06-17 02:26:32 ----A---- C:\windows\system32\hfpapi.dll
2014-06-14 11:58:33 ----D---- C:\Users\Anetka\AppData\Roaming\KASTNER software
2014-06-14 11:58:33 ----D---- C:\Program Files\KASTNER software
2014-06-12 14:18:42 ----D---- C:\Users\Anetka\AppData\Roaming\337Games
2014-06-12 14:18:42 ----D---- C:\ProgramData\IePluginServices
2014-06-11 01:13:55 ----D---- C:\Program Files\Mozilla Firefox
2014-06-10 23:35:42 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-06-10 23:35:42 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-06-10 23:35:42 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-06-10 23:35:42 ----A---- C:\windows\system32\ieetwcollector.exe
2014-06-10 23:35:41 ----A---- C:\windows\system32\urlmon.dll
2014-06-10 23:35:41 ----A---- C:\windows\system32\jsproxy.dll
2014-06-10 23:35:41 ----A---- C:\windows\system32\ieUnatt.exe
2014-06-10 23:35:41 ----A---- C:\windows\system32\iernonce.dll
2014-06-10 23:35:40 ----A---- C:\windows\system32\msfeeds.dll
2014-06-10 23:35:40 ----A---- C:\windows\system32\dxtmsft.dll
2014-06-10 23:35:39 ----A---- C:\windows\system32\msrating.dll
2014-06-10 23:35:39 ----A---- C:\windows\system32\iesetup.dll
2014-06-10 23:35:39 ----A---- C:\windows\system32\ie4uinit.exe
2014-06-10 23:35:37 ----A---- C:\windows\system32\wininet.dll
2014-06-10 23:35:37 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-06-10 23:35:37 ----A---- C:\windows\system32\ieapfltr.dll
2014-06-10 23:35:36 ----A---- C:\windows\system32\ieui.dll
2014-06-10 23:35:36 ----A---- C:\windows\system32\dxtrans.dll
2014-06-10 23:35:35 ----A---- C:\windows\system32\ieframe.dll
2014-06-10 23:35:34 ----A---- C:\windows\system32\mshtmled.dll
2014-06-10 23:35:33 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-06-10 23:35:33 ----A---- C:\windows\system32\iertutil.dll
2014-06-10 23:35:32 ----A---- C:\windows\system32\jscript9diag.dll
2014-06-10 23:35:31 ----A---- C:\windows\system32\mshtml.dll
2014-06-10 23:35:30 ----A---- C:\windows\system32\vbscript.dll
2014-06-10 23:35:29 ----A---- C:\windows\system32\jscript9.dll
2014-06-10 23:34:59 ----A---- C:\windows\system32\msxml6.dll
2014-06-10 23:34:59 ----A---- C:\windows\system32\msxml3.dll
2014-06-10 23:34:58 ----A---- C:\windows\system32\msxml6r.dll
2014-06-10 23:34:58 ----A---- C:\windows\system32\msxml3r.dll
2014-06-10 23:34:57 ----A---- C:\windows\system32\drivers\tcpip.sys
2014-06-10 23:34:56 ----A---- C:\windows\system32\drivers\FWPKCLNT.SYS
2014-06-10 23:34:54 ----A---- C:\windows\system32\aepdu.dll
2014-06-10 23:34:54 ----A---- C:\windows\system32\aeinv.dll
2014-06-10 23:34:52 ----A---- C:\windows\system32\usp10.dll
======List of files/folders modified in the last 1 month======
2014-06-24 13:55:48 ----D---- C:\windows\Temp
2014-06-24 13:51:45 ----RD---- C:\Program Files
2014-06-24 13:00:17 ----D---- C:\Program Files\WinZipper
2014-06-24 12:57:12 ----D---- C:\windows\system32\config
2014-06-24 12:54:12 ----D---- C:\windows\system32\NDF
2014-06-24 12:50:40 ----D---- C:\Users\Anetka\AppData\Roaming\Seznam.cz
2014-06-24 12:49:16 ----D---- C:\windows\System32
2014-06-24 12:49:16 ----D---- C:\windows\inf
2014-06-24 12:49:16 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-06-24 12:47:24 ----D---- C:\windows\system32\Tasks
2014-06-24 12:45:52 ----D---- C:\windows\Prefetch
2014-06-24 11:21:56 ----D---- C:\Program Files\HandyUpdater
2014-06-21 21:44:19 ----HD---- C:\ProgramData
2014-06-21 21:44:19 ----D---- C:\windows\system32\catroot2
2014-06-21 21:44:10 ----D---- C:\Windows
2014-06-21 21:43:36 ----D---- C:\ProgramData\WPM
2014-06-21 21:43:35 ----D---- C:\windows\system32\drivers
2014-06-21 21:43:35 ----D---- C:\windows\ehome
2014-06-21 21:41:49 ----D---- C:\Program Files\Common Files\337
2014-06-21 21:41:45 ----D---- C:\ProgramData\eSafe
2014-06-21 21:41:33 ----D---- C:\Users\Anetka\AppData\Roaming\SupTab
2014-06-21 20:57:44 ----D---- C:\windows\Minidump
2014-06-21 20:56:40 ----D---- C:\Program Files\CCleaner
2014-06-21 08:52:27 ----SHD---- C:\System Volume Information
2014-06-20 05:34:28 ----D---- C:\Program Files\Common Files
2014-06-17 23:06:45 ----D---- C:\Filmy
2014-06-17 13:30:02 ----SHD---- C:\windows\Installer
2014-06-15 19:52:14 ----D---- C:\Program Files\Mozilla Maintenance Service
2014-06-12 15:49:24 ----D---- C:\Program Files\Fakturačka
2014-06-12 11:21:43 ----D---- C:\windows\rescache
2014-06-11 13:32:30 ----D---- C:\windows\winsxs
2014-06-11 13:29:58 ----D---- C:\windows\system32\en-US
2014-06-11 13:29:57 ----D---- C:\Program Files\Internet Explorer
2014-06-11 13:29:55 ----SD---- C:\windows\system32\CompatTel
2014-06-11 13:29:54 ----D---- C:\windows\system32\DriverStore
2014-06-10 23:34:16 ----D---- C:\windows\system32\catroot
2014-06-01 07:36:25 ----D---- C:\Users\Anetka\AppData\Roaming\vlc
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 epfwwfp;epfwwfp; C:\windows\system32\DRIVERS\epfwwfp.sys [2012-10-08 53224]
R0 iaStor;Intel AHCI Controller; C:\windows\system32\DRIVERS\iaStor.sys [2009-08-07 330264]
R0 LPCFilter;LPC Lower Filter Driver; C:\windows\system32\DRIVERS\LPCFilter.sys [2009-07-02 36208]
R0 NBVol;Nero Backup Volume Filter Driver; C:\windows\system32\DRIVERS\NBVol.sys [2011-07-13 56496]
R0 NBVolUp;Nero Backup Volume Upper Filter Driver; C:\windows\system32\DRIVERS\NBVolUp.sys [2011-07-13 12464]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 173440]
R1 eamonm;eamonm; C:\windows\system32\DRIVERS\eamonm.sys [2012-10-08 170656]
R1 ehdrv;ehdrv; C:\windows\system32\DRIVERS\ehdrv.sys [2012-10-08 121216]
R1 EpfwLWF;Epfw NDIS LightWeight Filter; C:\windows\system32\DRIVERS\EpfwLWF.sys [2012-10-08 46056]
R1 funfrm;funfrm; C:\windows\system32\drivers\funfrm.sys [2009-11-28 54800]
R1 nethfdrv;nethfdrv; \??\C:\windows\system32\drivers\nethfdrv.sys [2014-06-17 40528]
R2 epfw;epfw; C:\windows\system32\DRIVERS\epfw.sys [2012-10-08 149568]
R3 ACPIVPC;Lenovo Virtual Power Controller Driver; C:\windows\system32\DRIVERS\AcpiVpc.sys [2009-05-19 21520]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 34816]
R3 BthPan;Zařízení Bluetooth (síť PAN); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 93696]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 60416]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2009-07-01 86056]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\drivers\btwavdt.sys [2009-07-01 108072]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2009-04-07 29472]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2009-07-01 18344]
R3 Cam5607;Lenovo EasyCamera ; C:\windows\System32\Drivers\BisonC07.sys [2009-08-21 1180016]
R3 enecir;ENE CIR Receiver; C:\windows\system32\DRIVERS\enecir.sys [2009-06-29 59904]
R3 enecirhid;ENE CIR HID Receiver; C:\windows\system32\DRIVERS\enecirhid.sys [2009-05-19 11776]
R3 enecirhidma;ENE CIR HIDmini Filter; C:\windows\system32\DRIVERS\enecirhidma.sys [2008-04-24 5632]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\windows\system32\drivers\RTKVHDA.sys [2009-07-20 2664032]
R3 k57nd60x;Broadcom NetLink (TM) Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\k57nd60x.sys [2009-06-07 273448]
R3 MBAMProtector;MBAMProtector; \??\C:\windows\system32\drivers\mbam.sys [2014-05-12 23256]
R3 MBAMSwissArmy;MBAMSwissArmy; \??\C:\windows\system32\drivers\MBAMSwissArmy.sys [2014-06-24 110296]
R3 MBAMWebAccessControl;MBAMWebAccessControl; \??\C:\windows\system32\drivers\mwac.sys [2014-05-12 51928]
R3 netw5v32;Intel(R) Wireless WiFi Link 5000 Series Adapter Driver for Windows Vista 32 Bit; C:\windows\system32\DRIVERS\netw5v32.sys [2009-05-14 4231680]
R3 NVHDA;Service for NVIDIA High Definition Audio Driver; C:\windows\system32\drivers\nvhda32v.sys [2009-08-11 66592]
R3 RFCOMM;Zařízení Bluetooth (RFCOMM protokol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 129536]
R3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2009-07-30 219056]
R3 wdmirror;wdmirror; C:\windows\system32\DRIVERS\WDMirror.sys [2009-07-16 11792]
S2 Parvdm;Parvdm; C:\windows\system32\DRIVERS\parvdm.sys [2009-07-14 8704]
S3 aic78xx;aic78xx; C:\windows\system32\DRIVERS\djsvs.sys [2009-07-14 70720]
S3 amdagp;Ovladač filtru AMD portu AGP; C:\windows\system32\drivers\amdagp.sys [2009-07-14 53312]
S3 b57nd60x;Broadcom NetXtreme Gigabit Ethernet - NDIS 6.0; C:\windows\system32\DRIVERS\b57nd60x.sys [2009-07-14 229888]
S3 Bridge0;Bridge0; C:\windows\system32\drivers\WDBridge.sys [2009-07-28 63240]
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 393728]
S3 igfx;igfx; C:\windows\system32\DRIVERS\igdkmd32.sys [2009-06-10 4756480]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12368]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2009-07-30 171520]
S3 RtsUIR;Realtek IR Driver; C:\windows\system32\DRIVERS\Rts516xIR.sys []
S3 sisagp;Filtr SIS sběrnice AGP; C:\windows\system32\drivers\sisagp.sys [2009-07-14 52304]
S3 TsUsbFlt;@%SystemRoot%\system32\drivers\tsusbflt.sys,-1; C:\windows\System32\drivers\tsusbflt.sys [2010-11-20 52224]
S3 USBCCID;Realtek Smartcard Reader Driver; C:\windows\system32\DRIVERS\RtsUCcid.sys []
S3 usbscan;Ovladač skeneru USB; C:\windows\system32\drivers\usbscan.sys [2013-07-03 36352]
S3 viaagp;Filtr VIA sběrnice AGP; C:\windows\system32\drivers\viaagp.sys [2009-07-14 53328]
S3 ViaC7;Ovladač procesoru VIA C7; C:\windows\system32\DRIVERS\viac7.sys [2009-07-14 52736]
S3 WimFltr;WimFltr; C:\windows\system32\DRIVERS\wimfltr.sys [2008-08-06 128104]
S3 wsvd;wsvd; C:\windows\system32\DRIVERS\wsvd.sys [2009-07-21 81704]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AdobeARMservice;Adobe Acrobat Update Service; C:\Program Files\Common Files\Adobe\ARM\1.0\armsvc.exe [2013-12-21 65432]
R2 BcmSqlStartupSvc;Služba spouštění serveru SQL Server aplikace Business Contact Manager; C:\Program Files\Microsoft Small Business\Business Contact Manager\BcmSqlStartupSvc.exe [2008-01-16 30312]
R2 btwdins;Bluetooth Service; C:\Program Files\Lenovo\Bluetooth Software\btwdins.exe [2009-07-01 582944]
R2 c2cautoupdatesvc;Skype Click to Call Updater; C:\Program Files\Skype\Toolbars\AutoUpdate\SkypeC2CAutoUpdateSvc.exe [2014-04-11 1390720]
R2 c2cpnrsvc;Skype Click to Call PNR Service; C:\Program Files\Skype\Toolbars\PNRSvc\SkypeC2CPNRSvc.exe [2014-04-11 1764992]
R2 ekrn;ESET Service; C:\Program Files\ESET\ESET Smart Security\ekrn.exe [2012-11-14 1329304]
R2 HPSLPSVC;HP Network Devices Support; C:\windows\system32\svchost.exe [2009-07-14 20992]
R2 IAANTMON;Intel(R) Matrix Storage Event Monitor; C:\Program Files\Intel\Intel Matrix Storage Manager\IAANTMon.exe [2009-08-07 354840]
R2 IGRS;IGRS; C:\Program Files\Lenovo\ReadyComm\common\IGRS.exe [2009-07-14 38152]
R2 MBAMService;MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [2014-05-12 860472]
R2 MBAMScheduler;MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [2014-05-12 1809720]
R2 NAUpdate;@C:\Program Files\Nero\Update\NASvc.exe,-200; C:\Program Files\Nero\Update\NASvc.exe [2011-09-23 641832]
R2 NetHttpService;Network HTTP Support Service; C:\windows\system32\nethtsrv.exe [2014-06-17 180224]
R2 nvsvc;NVIDIA Display Driver Service; C:\windows\system32\nvvsvc.exe [2009-09-01 211560]
R2 ReadyComm.DirectRouter;ReadyComm.DirectRouter; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
R2 RichVideo;Cyberlink RichVideo Service(CRVS); C:\Program Files\Cyberlink\Shared files\RichVideo.exe [2009-07-17 244904]
R2 ServiceUpdater;Network Support Service Updater; C:\windows\system32\netupdsrv.exe [2014-06-17 162304]
R2 SQLWriter;SQL Server VSS Writer; c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe [2008-11-25 87904]
R2 winzipersvc;WinZiper service; C:\Program Files\WinZipper\winzipersvc.exe [2014-02-26 425104]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-04 116648]
S2 SkypeUpdate;Skype Updater; C:\Program Files\Skype\Updater\Updater.exe [2013-02-28 161384]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2014-05-13 257712]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2012-12-04 116648]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-05-30 108032]
S3 Lenovo ReadyComm AppSvc;Lenovo ReadyComm AppSvc; C:\Program Files\Lenovo\ReadyComm\AppSvc.exe [2009-07-28 414984]
S3 Lenovo ReadyComm ConnSvc;Lenovo ReadyComm ConnSvc; C:\Program Files\Lenovo\ReadyComm\ConnSvc.exe [2009-07-28 472328]
S3 Microsoft Office Groove Audit Service;Microsoft Office Groove Audit Service; C:\Program Files\Microsoft Office\Office12\GrooveAuditService.exe [2006-10-27 65824]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2014-06-11 119408]
S3 MSSQL$MSSMLBIZ;SQL Server (MSSMLBIZ); c:\Program Files\Microsoft SQL Server\MSSQL.1\MSSQL\Binn\sqlservr.exe [2008-11-25 29263712]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2006-10-26 441136]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 PS_MDP;ReadyComm Presentation Space Helper Service; C:\windows\System32\IgrsSvcs.exe [2009-07-14 20992]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2012-12-09 1343400]
S4 aspnet_state;ASP.NET State Service; C:\windows\Microsoft.NET\Framework\v4.0.30319\aspnet_state.exe [2013-09-11 46688]
S4 MSSQLServerADHelper;SQL Server Active Directory Helper; c:\Program Files\Microsoft SQL Server\90\Shared\sqladhlp90.exe [2008-11-25 45408]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 SQLBrowser;SQL Server Browser; c:\Program Files\Microsoft SQL Server\90\Shared\sqlbrowser.exe [2008-11-25 239968]
-----------------EOF-----------------
Re: Prosím o kontrolu
ESET odinstalujte a nainstalujte Avast Free http://www.avast.com/cs-cz/index Vidim nainstalovany MBAM, delal jste sken?? Log z nej by byl??"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Včera ho prý sestra nainstalovala ze zoufalosti, zde log z něj.. Jinak Avast právě nainstalovávám
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 24.6.2014
Scan Time: 14:12:27
Logfile:
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.06.24.07
Rootkit Database: v2014.06.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Anetka
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 249805
Time Elapsed: 8 min, 52 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\nethtsrv.exe, 2344, , [f552c7b5700be056ba6765442ad8629e]
Modules: 0
(No malicious items detected)
Registry Keys: 11
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{9fabae98-9297-404b-937f-fe7a11410d7a}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{28e0a3ff-ede4-4bea-b964-c4f194b353db}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{78F856F1-D06B-447E-90B3-21147A299A2F}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9FABAE98-9297-404B-937F-FE7A11410D7A}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{9FABAE98-9297-404B-937F-FE7A11410D7A}\INPROCSERVER32, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3936486237-885273306-554862496-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, , [66e11b615f1ccd6911026ddac73b738d],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3936486237-885273306-554862496-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, , [6adda2da7605a29462b32b1ca062649c],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nethfdrv, , [cd7a8defd7a479bd5ec2e6c32fd342be],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetHttpService, , [f552c7b5700be056ba6765442ad8629e],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\RichMediaViewV1release16, , [cb7c6814e893e65037686a4761a1ec14],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICEUPDATER, , [d1764b3185f63501b94a57abe71d3dc3],
Registry Values: 6
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@VideoPlayerV3beta8417.net, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff, , [c186bdbfed8ea09630755c63d1311ee2]
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\quick_start@gmail.com, , [6bdcfe7ea2d9d85ed29eead69072728e]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release16.net, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff, , [4304d7a5a3d8d06689152d8417eb45bb]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\faststartff@gmail.com, , [0146403cafcc6acc8d85e9193ec65da3]
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETHTTPSERVICE|ImagePath, C:\windows\system32\nethtsrv.exe, , [dd6a90ecc3b816206b9740c25ca8916f]
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICEUPDATER|ImagePath, C:\windows\system32\netupdsrv.exe, , [d1764b3185f63501b94a57abe71d3dc3]
Registry Data: 2
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX, Good: (firefox.exe), Bad: ("C:\Program Files\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX),,[0b3cf4887a01ea4c35c7137238cc748c]
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX, Good: (Chrome.exe), Bad: ("C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX),,[b98e92ea0c6fb482e718355026decf31]
Folders: 127
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\de, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\en, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es_419, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-BE, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CA, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CH, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-LU, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it-CH, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ja, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pl, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_BR, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_PT, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ru, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\tr, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\vi, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_CN, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_TW, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_metadata, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ch, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons\default, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ie, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.MindSpark.A, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\Retrogamer_4w, , [1d2a601cb5c680b69791a1f99f63e818],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ch, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\icons, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\icons\default, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [8fb886f65922f0466cfbd0d630d2946c],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [8fb886f65922f0466cfbd0d630d2946c],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\de, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en_US, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es_419, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-BE, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CA, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CH, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-LU, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\it-CH, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ja, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\lt, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pl, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_BR, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_PT, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ru, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\tr, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\vi, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_CN, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_TW, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_metadata, , [1c2b6a12057681b547c55d4aac5609f7],
Files: 233
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\drivers\nethfdrv.sys, , [cd7a8defd7a479bd5ec2e6c32fd342be],
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\nethtsrv.exe, , [f552c7b5700be056ba6765442ad8629e],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage, , [e562641894e754e247656445f210c13f],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage-journal, , [291eed8f94e70d297a323e6bb54d9769],
PUP.Optional.Delta.A, C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml, , [9cabfa8223580d29e60a6c3d62a09e62],
PUP.Optional.MyWebSearch.A, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\searchplugins\my-web-search.xml, , [1730a9d39cdf7db98d0db6f57a887090],
PUP.Optional.Superfish.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [cd7a3b414734ff37f2a3783bbb477789],
PUP.Optional.Superfish.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [68df037984f7f145d8bd05aef30fd828],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, , [7ccb80fcf78483b3f5c70bf6f014db25],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\background.html, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\index.html, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\jump.html, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\manifest.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\bookmarks.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\img\searchButton.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\classification.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin\del.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin\main.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin\selected.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\cloud.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\cloudApp.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\cloudWebsite.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\createWebsite.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\buttonBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\categoryBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\icons.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\searchBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\searchButton.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\searchLeft.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\selected.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\tabsBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog\img\skin\headerBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\extensions.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide\guide.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\lastVisited.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice\notice.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\search.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\img\search.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\setup.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\skin\dialBoxStyle.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\skin\icons.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oBookmarks.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oDownloads.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oExtensions.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oHistory.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oNewtab.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\cloudWallpaper.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\skins.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\categoryBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\delete.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\download.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\icons.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\loading.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\weather.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\line.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\locationIcon.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\searchButton.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\weather.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\css\all.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\game.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\icon_128.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\icon_16.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\icon_48.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\shopping.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\weather.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\webstore.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\default.jpg, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\iconsprite.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\idialog_s.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\ios5_button.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\left.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\loading.gif, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\loading2.gif, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\qBoxBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_bg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_bg0.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_left.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_left0.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_right.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_right0.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\right.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\selected.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\titleBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\all.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\background.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\ga.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\jq.mobi.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\jump.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\pop.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\redirect.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\xagainit.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\de\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\en\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es_419\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-BE\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CA\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CH\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-LU\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it-CH\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ja\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pl\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_BR\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_PT\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ru\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\tr\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\vi\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_CN\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_TW\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_metadata\verified_contents.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ch\VideoPlayerV3beta8417.crx, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome.manifest, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\install.rdf, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\ffVideoPlayerV3beta8417.js, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\ffVideoPlayerV3beta8417ffaction.js, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\overlay.xul, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons\Thumbs.db, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons\default\VideoPlayerV3beta8417_32.png, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.MindSpark.A, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\Retrogamer_4w\1D8AF91F-649A-481A-887D-7595E0D217B0.sqlite, , [1d2a601cb5c680b69791a1f99f63e818],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ch\RichMediaViewV1release16.crx, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome.manifest, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\install.rdf, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\ffRichMediaViewV1release16.js, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\ffRichMediaViewV1release16ffaction.js, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\overlay.xul, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\icons\Thumbs.db, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\background.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\manifest.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\appbox.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\appbox.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\appbox.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images\bg_item_hover.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images\bg_title.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images\weather.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\bookmark.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\bookmark.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\bookmark.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images\bmicon.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images\bookico.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images\wedo.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\css\container.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\game.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\game.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\game.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images\337.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images\bg_title.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\add.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\addhover.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\appbox.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\bookmark.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\btn_close.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\download.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\facebook.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\games.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\joke.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\loading.gif, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\logo128.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\logo16.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\logo48.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\poparrow.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\search.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\triangle.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\joke.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\joke.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\joke.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\btn_copy.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\btn_share.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\imgloaderr.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\loading.gif, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\mask.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\tbar.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\titlebar.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\background.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\inject.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\jquery-1.7.1.min.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\xagainit.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\jquery.autocomplete.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\search.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\search.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\search.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\bg_title.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\facebook.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\google.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\googletrend.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\yahoo.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\youtube.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\de\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en_US\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es_419\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-BE\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CA\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CH\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-LU\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\it-CH\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ja\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\lt\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pl\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_BR\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_PT\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ru\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\tr\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\vi\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_CN\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_TW\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_metadata\verified_contents.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QV06.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www.qvo6.com/?utm_source=b&utm_m ... 1376284290",), ,[2423f68605763bfb079d397aea1a04fc]
PUP.Optional.QV06.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.qvo6.com/?utm_source=b&utm_m ... 1376284290" ],), ,[13347606304b49eda1356f4447bdee12]
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 24.6.2014
Scan Time: 14:12:27
Logfile:
Administrator: Yes
Version: 2.00.2.1012
Malware Database: v2014.06.24.07
Rootkit Database: v2014.06.23.02
License: Trial
Malware Protection: Enabled
Malicious Website Protection: Enabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x86
File System: NTFS
User: Anetka
Scan Type: Threat Scan
Result: Completed
Objects Scanned: 249805
Time Elapsed: 8 min, 52 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 1
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\nethtsrv.exe, 2344, , [f552c7b5700be056ba6765442ad8629e]
Modules: 0
(No malicious items detected)
Registry Keys: 11
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{9fabae98-9297-404b-937f-fe7a11410d7a}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{28e0a3ff-ede4-4bea-b964-c4f194b353db}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{78F856F1-D06B-447E-90B3-21147A299A2F}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{9FABAE98-9297-404B-937F-FE7A11410D7A}, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\CLASSES\CLSID\{9FABAE98-9297-404B-937F-FE7A11410D7A}\INPROCSERVER32, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3936486237-885273306-554862496-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{312F84FB-8970-4FD3-BDDB-7012EAC4AFC9}, , [66e11b615f1ccd6911026ddac73b738d],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3936486237-885273306-554862496-1003-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{C547C6C2-561B-4169-A2A5-20BA771CA93B}, , [6adda2da7605a29462b32b1ca062649c],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\nethfdrv, , [cd7a8defd7a479bd5ec2e6c32fd342be],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NetHttpService, , [f552c7b5700be056ba6765442ad8629e],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\RichMediaViewV1release16, , [cb7c6814e893e65037686a4761a1ec14],
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICEUPDATER, , [d1764b3185f63501b94a57abe71d3dc3],
Registry Values: 6
PUP.Optional.VideoPlayer.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@VideoPlayerV3beta8417.net, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff, , [c186bdbfed8ea09630755c63d1311ee2]
PUP.Optional.QuickStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|quick_start@gmail.com, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\quick_start@gmail.com, , [6bdcfe7ea2d9d85ed29eead69072728e]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release16.net, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff, , [4304d7a5a3d8d06689152d8417eb45bb]
PUP.Optional.FastStart.A, HKLM\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|faststartff@gmail.com, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\extensions\faststartff@gmail.com, , [0146403cafcc6acc8d85e9193ec65da3]
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\NETHTTPSERVICE|ImagePath, C:\windows\system32\nethtsrv.exe, , [dd6a90ecc3b816206b9740c25ca8916f]
PUP.Optional.NetworkUpdate.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\SERVICEUPDATER|ImagePath, C:\windows\system32\netupdsrv.exe, , [d1764b3185f63501b94a57abe71d3dc3]
Registry Data: 2
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\FIREFOX.EXE\SHELL\OPEN\COMMAND, "C:\Program Files\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX, Good: (firefox.exe), Bad: ("C:\Program Files\Mozilla Firefox\firefox.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX),,[0b3cf4887a01ea4c35c7137238cc748c]
PUP.Optional.Delta.A, HKLM\SOFTWARE\CLIENTS\STARTMENUINTERNET\GOOGLE CHROME\SHELL\OPEN\COMMAND, "C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX, Good: (Chrome.exe), Bad: ("C:\Program Files\Google\Chrome\Application\chrome.exe" http://www.delta-homes.com/?type=sc&ts= ... 4Q6KDGTULX),,[b98e92ea0c6fb482e718355026decf31]
Folders: 127
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\de, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\en, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es_419, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-BE, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CA, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CH, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-LU, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it-CH, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ja, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pl, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_BR, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_PT, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ru, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\tr, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\vi, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_CN, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_TW, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_metadata, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ch, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons\default, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ie, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.MindSpark.A, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\Retrogamer_4w, , [1d2a601cb5c680b69791a1f99f63e818],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ch, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\icons, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\icons\default, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices, , [8fb886f65922f0466cfbd0d630d2946c],
PUP.Optional.IePluginServices.A, C:\ProgramData\IePluginServices\update, , [8fb886f65922f0466cfbd0d630d2946c],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\de, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en_US, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es_419, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-BE, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CA, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CH, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-LU, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\it-CH, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ja, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\lt, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pl, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_BR, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_PT, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ru, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\tr, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\vi, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_CN, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_TW, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_metadata, , [1c2b6a12057681b547c55d4aac5609f7],
Files: 233
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ie\RichMediaViewV1release16.dll, , [d770b9c35526ef47e8601d9445bf53ad],
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\drivers\nethfdrv.sys, , [cd7a8defd7a479bd5ec2e6c32fd342be],
PUP.Optional.NetworkUpdate.A, C:\Windows\System32\nethtsrv.exe, , [f552c7b5700be056ba6765442ad8629e],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage, , [e562641894e754e247656445f210c13f],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_ainbkicbloikcngphmjfpjdemblcojdd_0.localstorage-journal, , [291eed8f94e70d297a323e6bb54d9769],
PUP.Optional.Delta.A, C:\Program Files\Mozilla Firefox\browser\searchplugins\delta-homes.xml, , [9cabfa8223580d29e60a6c3d62a09e62],
PUP.Optional.MyWebSearch.A, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\searchplugins\my-web-search.xml, , [1730a9d39cdf7db98d0db6f57a887090],
PUP.Optional.Superfish.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage, , [cd7a3b414734ff37f2a3783bbb477789],
PUP.Optional.Superfish.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\http_www.superfish.com_0.localstorage-journal, , [68df037984f7f145d8bd05aef30fd828],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Local Storage\chrome-extension_pelmeidfhdlhlbjimpabfcbnnojbboma_0.localstorage, , [7ccb80fcf78483b3f5c70bf6f014db25],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\background.html, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\index.html, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\jump.html, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\manifest.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\bookmarks.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\bookmarks\img\searchButton.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\classification.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin\del.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin\main.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\classification\img\skin\selected.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\cloud.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\cloudApp.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\cloudWebsite.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\createWebsite.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\buttonBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\categoryBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\icons.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\searchBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\searchButton.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\searchLeft.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\selected.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\cloud\img\skin\tabsBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\dialog\img\skin\headerBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\extensions.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\extensions\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide\guide.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\guide\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\lastVisited.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\lastVisited\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice\notice.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\notice\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\search.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\search\img\search.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\setup.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\skin\dialBoxStyle.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\setup\img\skin\icons.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oBookmarks.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oDownloads.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oExtensions.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oHistory.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\shortcuts\img\oNewtab.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\cloudWallpaper.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\skins.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\categoryBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\delete.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\download.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\icons.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\skins\img\skin\loading.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\weather.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\css\style.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\logo.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\line.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\locationIcon.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\searchButton.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\app\weather\img\skin\weather.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\css\all.css, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\game.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\icon_128.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\icon_16.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\icon_48.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\shopping.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\weather.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\webstore.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\default.jpg, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\iconsprite.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\idialog_s.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\ios5_button.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\left.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\loading.gif, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\loading2.gif, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\qBoxBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_bg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_bg0.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_left.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_left0.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_right.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\q_right0.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\right.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\selected.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\img\skin\titleBg.png, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\all.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\background.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\ga.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\jq.mobi.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\jump.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\pop.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\redirect.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\js\xagainit.js, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\de\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\en\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\es_419\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-BE\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CA\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-CH\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\fr-LU\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\it-CH\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ja\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pl\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_BR\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\pt_PT\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\ru\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\tr\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\vi\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_CN\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_locales\zh_TW\messages.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.QuickStart.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\pelmeidfhdlhlbjimpabfcbnnojbboma\4.4.7_0\_metadata\verified_contents.json, , [3b0cdd9f7605af8725b0a5f1669c629e],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ch\VideoPlayerV3beta8417.crx, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome.manifest, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\install.rdf, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\ffVideoPlayerV3beta8417.js, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\ffVideoPlayerV3beta8417ffaction.js, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\overlay.xul, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons\Thumbs.db, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.VideoPlayer.A, C:\Program Files\VideoPlayerV3\VideoPlayerV3beta8417\ff\chrome\content\icons\default\VideoPlayerV3beta8417_32.png, , [8bbc2359116a092db690484f699947b9],
PUP.Optional.MindSpark.A, C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\Retrogamer_4w\1D8AF91F-649A-481A-887D-7595E0D217B0.sqlite, , [1d2a601cb5c680b69791a1f99f63e818],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ch\RichMediaViewV1release16.crx, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome.manifest, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\install.rdf, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\ffRichMediaViewV1release16.js, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\ffRichMediaViewV1release16ffaction.js, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\overlay.xul, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.RichMediaView.A, C:\Program Files\RichMediaViewV1\RichMediaViewV1release16\ff\chrome\content\icons\Thumbs.db, , [7ccb116b39428fa76159e9b78d75a858],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\background.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\manifest.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\appbox.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\appbox.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\appbox.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images\bg_item_hover.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images\bg_title.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\appbox\images\weather.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\bookmark.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\bookmark.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\bookmark.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images\bmicon.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images\bookico.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\bookmark\images\wedo.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\css\container.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\game.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\game.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\game.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images\337.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\game\images\bg_title.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\add.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\addhover.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\appbox.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\bookmark.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\btn_close.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\download.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\facebook.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\games.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\joke.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\loading.gif, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\logo128.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\logo16.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\logo48.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\poparrow.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\search.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\img\triangle.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\joke.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\joke.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\joke.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\btn_copy.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\btn_share.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\imgloaderr.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\loading.gif, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\mask.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\tbar.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\joke\images\titlebar.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\background.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\inject.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\jquery-1.7.1.min.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\js\xagainit.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\jquery.autocomplete.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\search.css, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\search.html, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\search.js, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\bg_title.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\facebook.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\google.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\googletrend.png, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\yahoo.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\search\images\youtube.ico, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\de\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\en_US\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\es_419\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-BE\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CA\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-CH\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\fr-LU\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\it-CH\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ja\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\lt\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pl\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_BR\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\pt_PT\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\ru\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\tr\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\vi\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_CN\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_locales\zh_TW\messages.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QuickSideBar.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ainbkicbloikcngphmjfpjdemblcojdd\1.1.4_0\_metadata\verified_contents.json, , [1c2b6a12057681b547c55d4aac5609f7],
PUP.Optional.QV06.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "homepage": "http://www.qvo6.com/?utm_source=b&utm_m ... 1376284290",), ,[2423f68605763bfb079d397aea1a04fc]
PUP.Optional.QV06.A, C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Preferences, Good: (), Bad: ( "startup_urls": [ "http://www.qvo6.com/?utm_source=b&utm_m ... 1376284290" ],), ,[13347606304b49eda1356f4447bdee12]
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Prosím o kontrolu
MBAM to docela procistil Dokoncete instalaci Avastu Stahnete Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
- Ulozte nejlepe na plochu
- Po spusteni se zobrazi licencni podminky, stisknete libovolnou klavesu
- Probehne vytvoreni zalohy a nasledne prohledavani
- Probehne skenovani a pak se objevi log, pripadne bude ulozen v c:\JRT jako JRT.txt, ten sem vlozte
Stahnete AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
- Ulozte nejlepe na plochu
- Ukoncete vsechny programy
- Kliknete na Scan a nasledne Clean
- Probehne oprava, restart PC a pak se objevi log, pripadne bude ulozen ve slozce c:\AdwCleaner\AdwCleaner[S?].txt, ten sem vlozte
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.Re: Prosím o kontrolu
Přikládam log z Junkware removal tool. z AdwCleaneru přidám za chvilku
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x86
Ran by Anetka on Łt 24.06.2014 at 20:31:42,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"
~~~ Files
Successfully deleted: [File] "C:\windows\System32\Tasks\desk 365 runasstduser"
Successfully deleted: [File] "C:\windows\System32\Tasks\scheduled update for ask toolbar"
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully repaired: [Shortcut] C:\Users\Anetka\desktop\Google Chrome.lnk
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\Program Files\videoplayerv3"
Successfully deleted: [Folder] "C:\Program Files\Common Files\software update utility"
Successfully deleted: [Folder] "C:\Users\Anetka\AppData\Local\asktoolbar"
Successfully deleted: [Folder] "C:\Users\Anetka\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files\ask.com"
Successfully deleted: [Folder] "C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ FireFox
Successfully deleted the following from C:\Users\Anetka\AppData\Roaming\mozilla\firefox\profiles\kzw77p7v.default\prefs.js
user_pref("browser.search.defaultenginename", "delta-homes");
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.search.selectedEngine", "delta-homes");
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._4wMembers_.lastActivePing", "1403291900070");
user_pref("extensions.toolbar.mindspark._4wMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=AE66BE29-5121-4B26-8666-C5AF65B9CF7C&n=77fce69d&p2=^HJ^xdm073^YY^cz
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.user.defined", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013062813");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "AE66BE29-5121-4B26-8666-C5AF65B9CF7C");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1374752527169");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", false);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
user_pref("extensions.toolbar.mindspark.lastInstalled", "retrogamer@mindspark.com");
Emptied folder: C:\Users\Anetka\AppData\Roaming\mozilla\firefox\profiles\kzw77p7v.default\minidumps [76 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 24.06.2014 at 20:38:00,41
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.3 (03.23.2014:1)
OS: Windows 7 Home Premium x86
Ran by Anetka on Łt 24.06.2014 at 20:31:42,05
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
~~~ Services
~~~ Registry Values
~~~ Registry Keys
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\dnu.exe
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\AppID\genericasktoolbar.dll
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{6C434537-053E-486D-B62A-160059D9D456}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{91CF619A-4686-4CA4-9232-3B2E6B63AA92}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\Interface\{AC71B60E-94C9-4EDE-BA46-E146747BB67E}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\powerpack
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\desksvc
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\winamp toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdate
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloaduibrowser.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\dnupdater.downloadupdcontroller.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\genericasktoolbar.toolbarwnd.1
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\features\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\products\a28b4d68debaa244eb686953b7074fef
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\installer\upgradecodes\f928123a039649549966d4c29d35b1c9
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasapi32
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Tracing\askpartnercobrandingtool_rasmancs
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\{86d4b82a-abed-442a-be86-96357b70f4fe}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{00000000-6E41-4FD3-8538-502F5495E5FC}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D4027C7F-154A-4066-A1AD-4243D8127440}
Successfully deleted: [Registry Key] "hkey_current_user\software\apn"
Successfully deleted: [Registry Key] "hkey_current_user\software\appdatalow\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\ask.com"
Successfully deleted: [Registry Key] "hkey_current_user\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_current_user\software\microsoft\internet explorer\low rights\elevationpolicy\{a5aa24ea-11b8-4113-95ae-9ed71deaf12a}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\apn"
Successfully deleted: [Registry Key] "hkey_local_machine\software\asktoolbar"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\appid\{9b0cb95c-933a-4b8c-b6d4-edcd19a43874}"
Successfully deleted: [Registry Key] "hkey_local_machine\software\classes\typelib\{2996f0e7-292b-4cae-893f-47b8b1c05b56}"
~~~ Files
Successfully deleted: [File] "C:\windows\System32\Tasks\desk 365 runasstduser"
Successfully deleted: [File] "C:\windows\System32\Tasks\scheduled update for ask toolbar"
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome\Google Chrome.lnk
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\microsoft\windows\start menu\Programs\Internet Explorer.lnk
Successfully disinfected: [Shortcut] C:\Users\Anetka\AppData\Roaming\microsoft\windows\start menu\Programs\Accessories\System Tools\Internet Explorer (No Add-ons).lnk
Successfully repaired: [Shortcut] C:\Users\Anetka\desktop\Google Chrome.lnk
~~~ Folders
Successfully deleted: [Folder] "C:\ProgramData\esafe"
Successfully deleted: [Folder] "C:\Program Files\videoplayerv3"
Successfully deleted: [Folder] "C:\Program Files\Common Files\software update utility"
Successfully deleted: [Folder] "C:\Users\Anetka\AppData\Local\asktoolbar"
Successfully deleted: [Folder] "C:\Users\Anetka\appdata\locallow\asktoolbar"
Successfully deleted: [Folder] "C:\Program Files\ask.com"
Successfully deleted: [Folder] "C:\windows\installer\{86d4b82a-abed-442a-be86-96357b70f4fe}"
~~~ FireFox
Successfully deleted the following from C:\Users\Anetka\AppData\Roaming\mozilla\firefox\profiles\kzw77p7v.default\prefs.js
user_pref("browser.search.defaultenginename", "delta-homes");
user_pref("browser.search.order.1", "qvo6");
user_pref("browser.search.selectedEngine", "delta-homes");
user_pref("extensions.mywebsearch.prevDefaultEngine", "Google");
user_pref("extensions.mywebsearch.prevSelectedEngine", "Google");
user_pref("extensions.toolbar.mindspark._4wMembers_.lastActivePing", "1403291900070");
user_pref("extensions.toolbar.mindspark._4wMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark._4zMembers_.homepage", "hxxp://home.mywebsearch.com/index.jhtml?ptb=AE66BE29-5121-4B26-8666-C5AF65B9CF7C&n=77fce69d&p2=^HJ^xdm073^YY^cz
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.enabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.hp.user.defined", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.initialized", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.contextKey", "");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.installDate", "2013062813");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerId", "^HJ^xdm073^YY^cz");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.partnerSubId", "pconverter");
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.success", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.installation.toolbarId", "AE66BE29-5121-4B26-8666-C5AF65B9CF7C");
user_pref("extensions.toolbar.mindspark._4zMembers_.lastActivePing", "1374752527169");
user_pref("extensions.toolbar.mindspark._4zMembers_.options.defaultSearch", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.homePageEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.keywordEnabled", false);
user_pref("extensions.toolbar.mindspark._4zMembers_.options.tabEnabled", true);
user_pref("extensions.toolbar.mindspark._4zMembers_.weather.location", "10001");
user_pref("extensions.toolbar.mindspark.hp.enabled", false);
user_pref("extensions.toolbar.mindspark.hp.enabled.guid", "");
user_pref("extensions.toolbar.mindspark.lastInstalled", "retrogamer@mindspark.com");
Emptied folder: C:\Users\Anetka\AppData\Roaming\mozilla\firefox\profiles\kzw77p7v.default\minidumps [76 files]
~~~ Event Viewer Logs were cleared
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Łt 24.06.2014 at 20:38:00,41
Computer was rebooted
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Re: Prosím o kontrolu
Log z AdwCleaneru, musim říct že už mi tady žádný reklamy nevyskakujou, tak to nejspíš pomohlo
# AdwCleaner v3.213 - Report created 24/06/2014 at 20:42:07
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Anetka - ANETKA-PC
# Running from : C:\Users\Anetka\Desktop\adwcleaner_3.213.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : winzipersvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\MediaPlayerV1
Folder Deleted : C:\Program Files\MediaViewerV1
Folder Deleted : C:\Program Files\MediaViewV1
Folder Deleted : C:\Program Files\MediaWatchV1
Folder Deleted : C:\Program Files\RichMediaViewV1
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\Anetka\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Anetka\AppData\Roaming\337Games
Folder Deleted : C:\Users\Anetka\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Anetka\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\Anetka\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Anetka\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Anetka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93D038DE-D51E-4E6F-A591-B1D6213E7AA6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93D038DE-D51E-4E6F-A591-B1D6213E7AA6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E865FC6-A1A2-4E41-889C-FF7F29F33D3A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E865FC6-A1A2-4E41-889C-FF7F29F33D3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Solvusoft
Key Deleted : HKCU\Software\V9
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\IePlugin
Key Deleted : HKLM\Software\Solvusoft
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v30.0 (cs)
[ File : C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=HITACHIXHTS545032B9A300_091110PBP304Q6KDGTULX&ts=1376284290&type=default&q={searchTerms}
Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402575486&from=wpm0612&uid=HITACHIXHTS545032B9A300_091110PBP304Q6KDGTULX&q={searchTerms}
Deleted [Extension] : ainbkicbloikcngphmjfpjdemblcojdd
Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Deleted [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
*************************
AdwCleaner[R0].txt - [9492 octets] - [24/06/2014 20:39:23]
AdwCleaner[S0].txt - [8501 octets] - [24/06/2014 20:42:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8561 octets] ##########
# AdwCleaner v3.213 - Report created 24/06/2014 at 20:42:07
# Updated 23/06/2014 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (32 bits)
# Username : Anetka - ANETKA-PC
# Running from : C:\Users\Anetka\Desktop\adwcleaner_3.213.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : winzipersvc
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\WPM
Folder Deleted : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\WinZipper
Folder Deleted : C:\Program Files\MediaPlayerV1
Folder Deleted : C:\Program Files\MediaViewerV1
Folder Deleted : C:\Program Files\MediaViewV1
Folder Deleted : C:\Program Files\MediaWatchV1
Folder Deleted : C:\Program Files\RichMediaViewV1
Folder Deleted : C:\Program Files\WinZipper
Folder Deleted : C:\Program Files\Common Files\337
Folder Deleted : C:\Users\Anetka\AppData\Local\SwvUpdater
Folder Deleted : C:\Users\Anetka\AppData\Roaming\337Games
Folder Deleted : C:\Users\Anetka\AppData\Roaming\eIntaller
Folder Deleted : C:\Users\Anetka\AppData\Roaming\Solvusoft
Folder Deleted : C:\Users\Anetka\AppData\Roaming\SupTab
Folder Deleted : C:\Users\Anetka\AppData\Roaming\WinZipper
Folder Deleted : C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\Extensions\ogfjmhfnldnajmfaofeiaepghjenbgjo
***** [ Shortcuts ] *****
Shortcut Disinfected : C:\Users\Public\Desktop\Mozilla Firefox.lnk
Shortcut Disinfected : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
Shortcut Disinfected : C:\Users\Anetka\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\User Pinned\TaskBar\Mozilla Firefox.lnk
***** [ Registry ] *****
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{93D038DE-D51E-4E6F-A591-B1D6213E7AA6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{93D038DE-D51E-4E6F-A591-B1D6213E7AA6}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{1EC9510D-A439-4950-9399-B6399EDF9EA7}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Plain\{6E865FC6-A1A2-4E41-889C-FF7F29F33D3A}
[#] Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Schedule\TaskCache\Tasks\{6E865FC6-A1A2-4E41-889C-FF7F29F33D3A}
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASAPI32
Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\LatestDLMgr_RASMANCS
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\DeskSvc
Key Deleted : HKLM\SYSTEM\CurrentControlSet\Services\Eventlog\Application\WsysSvc
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6C259840-5BA8-46E6-8ED1-EF3BA47D8BA1}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E15A9BFD-D16D-496D-8222-44CADF316E70}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{660E6F4F-840D-436D-B668-433D9591BAC5}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{E7435878-65B9-44D1-A443-81754E5DFC90}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{92380354-381A-471F-BE2E-DD9ACD9777EA}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D4027C7F-154A-4066-A1AD-4243D8127440}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7B089B94-D1DC-4C6B-87E1-8156E22C1D96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{A5AA24EA-11B8-4113-95AE-9ED71DEAF12A}
Key Deleted : HKCU\Software\Solvusoft
Key Deleted : HKCU\Software\V9
Key Deleted : HKLM\Software\delta-homesSoftware
Key Deleted : HKLM\Software\hdcode
Key Deleted : HKLM\Software\IePlugin
Key Deleted : HKLM\Software\Solvusoft
Key Deleted : HKLM\Software\SupDp
Key Deleted : HKLM\Software\SupTab
Key Deleted : HKLM\Software\supWPM
Key Deleted : HKLM\Software\V9
Key Deleted : HKLM\Software\winzipersvc
Key Deleted : HKLM\Software\Wpm
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Winamp Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SoftwareUpdUtility
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\winzipper
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0CFE535C35F99574E8340BFA75BF92C2
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0E12F736682067FDE4D1158D5940A82E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\1A24B5BB8521B03E0C8D908F5ABC0AE6
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\261F213D1F55267499B1F87D0CC3BCF7
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\2B0D56C4F4C46D844A57FFED6F0D2852
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\49D4375FE41653242AEA4C969E4E65E0
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6AA0923513360135B272E8289C5F13FA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\6F7467AF8F29C134CBBAB394ECCFDE96
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\741B4ADF27276464790022C965AB6DA8
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\7DE196B10195F5647A2B21B761F3DE01
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\922525DCC5199162F8935747CA3D8E59
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\9D4F5849367142E4685ED8C25E44C5ED
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A5875B04372C19545BEB90D4D606C472
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\A876D9E80B896EC44A8620248CC79296
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\B66FFAB725B92594C986DE826A867888
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\BCDA179D619B91648538E3394CAC94CC
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\D677B1A9671D4D4004F6F2A4469E86EA
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\DD1402A9DD4215A43ABDE169A41AFA0E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\E36E114A0EAD2AD46B381D23AD69CDDF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\EF8E618DB3AEDFBB384561B5C548F65E
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Products\A28B4D68DEBAA244EB686953B7074FEF
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\F928123A039649549966D4C29D35B1C9
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17126
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Default_Search_URL]
Setting Restored : HKLM\SOFTWARE\Microsoft\Internet Explorer\Main [Search Page]
-\\ Mozilla Firefox v30.0 (cs)
[ File : C:\Users\Anetka\AppData\Roaming\Mozilla\Firefox\Profiles\kzw77p7v.default\prefs.js ]
-\\ Google Chrome v35.0.1916.153
[ File : C:\Users\Anetka\AppData\Local\Google\Chrome\User Data\Default\preferences ]
Deleted [Search Provider] : hxxp://search.qvo6.com/web/?utm_source=b&utm_medium=amt&from=amt&uid=HITACHIXHTS545032B9A300_091110PBP304Q6KDGTULX&ts=1376284290&type=default&q={searchTerms}
Deleted [Search Provider] : hxxp://search.delta-homes.com/web/?type=ds&ts=1402575486&from=wpm0612&uid=HITACHIXHTS545032B9A300_091110PBP304Q6KDGTULX&q={searchTerms}
Deleted [Extension] : ainbkicbloikcngphmjfpjdemblcojdd
Deleted [Extension] : ifohbjbgfchkkfhphahclmkpgejiplfo
Deleted [Extension] : ogfjmhfnldnajmfaofeiaepghjenbgjo
Deleted [Extension] : pelmeidfhdlhlbjimpabfcbnnojbboma
*************************
AdwCleaner[R0].txt - [9492 octets] - [24/06/2014 20:39:23]
AdwCleaner[S0].txt - [8501 octets] - [24/06/2014 20:42:07]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8561 octets] ##########
Re: Prosím o kontrolu
Stahnete Zoek.exe http://hijackthis.nl/smeenk/ a ulozte jej na plochu
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; emptyclsid; iedefaults; FFdefaults; CHRdefaults; emptyalltemp; resethosts;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
"Kdo víno má a nepije,kdo hrozny má a nejí je, kdo ženu má a nelíbá, kdo zábavě se vyhýbá, na toho vemte bič a hůl, to není člověk, to je vůl."
Člen od 1. února 2011.
Člen
od 1. února 2011.
Přispějete na provoz fóra?