Zdravím!
Strýc s dětmi má doma NTB HP Probook 4525s. Požádal mne o "spravení" tohoto notebooku - používají ho hlavně jeho malé děti, inu řeknu vám, takhle zaprasené PC jsem už dlouho neviděl. Samotné nabootování trvá cca 15 minut. Normálně bych hned sáhl po reinstalaci, ale on nechce, že prý pc má od firmy a kdesi cosi. Mohli byste se mi prosím na to podívat a nějak to pročistit?
Děkuji moc, zde je log:
Logfile of random's system information tool 1.10 (written by random/random)
Run by Pavel at 2014-12-03 18:10:41
Microsoft Windows 7 Professional Service Pack 1
System drive C: has 118 GB (41%) free of 288 GB
Total RAM: 3830 MB (52% free)
Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 18:11:06, on 3.12.2014
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v11.0 (11.00.9600.17420)
Boot mode: Normal
Running processes:
c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe
C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe
C:\Program Files (x86)\Origin\Origin.exe
C:\Users\Pavel\AppData\Local\iLivid\iLivid.exe
C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\szndesktop.exe
C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe
C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brmon.exe
C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe
C:\Program Files\trend micro\Pavel.exe
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://www.bing.com
R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://home.tb.ask.com/index.jhtml?n=77 ... F1316D4BC9
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://start.alawarhry.cz/?pid=6
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
R3 - URLSearchHook: ICQToolBar - {855F3B16-6D32-4fe6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
R3 - URLSearchHook: (no name) - - (no file)
R3 - URLSearchHook: (no name) - {327f75ed-061b-4339-8cc6-5dd45ad1396d} - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll
F2 - REG:system.ini: UserInit=userinit.exe
O2 - BHO: Toolbar BHO - {074d3229-0a22-491b-b9dd-ff3171d75f25} - C:\PROGRA~2\MARINE~1\bar\1.bin\57bar.dll
O2 - BHO: Search Assistant BHO - {0eeaa2c3-0cd7-4364-b82e-f9257081c860} - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll
O2 - BHO: Bing Bar Helper - {1dad3af3-ef2f-4f64-ac4b-11789189fcb6} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O2 - BHO: BHO_Startup - {3134413B-49B4-425C-98A5-893C1F195601} - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll
O2 - BHO: HP ProtectTools Security Manager Extension - {395610AE-C624-4f58-B89E-23733EA00F9A} - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll
O2 - BHO: Pomocná služba pro přihlášení k účtu Microsoft - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
O2 - BHO: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)
O2 - BHO: HP Network Check Helper - {E76FD755-C1BA-4DCB-9F13-99BD91223ADE} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll
O2 - BHO: InjectScript - {F6C07882-D703-4DD5-905A-2C4E815A5066} - C:\Users\Pavel\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll
O3 - Toolbar: ICQToolBar - {855F3B16-6D32-4FE6-8A56-BBB695989046} - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll
O3 - Toolbar: Marine Aquarium Lite - {07189b84-b33b-4a1e-9b32-ad203c983c20} - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bar.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: Movies Toolbar (Dist. by Bandoo Media, Inc.) - {d1dac034-9fd9-4c13-a388-d2e10e57707f} - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll (file missing)
O3 - Toolbar: Bing Bar - {eec0f710-38b5-4aba-99bf-ec87564a4e13} - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll
O4 - HKLM\..\Run: [QLBController] C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe /start
O4 - HKLM\..\Run: [StartCCC] "C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe" MSRun
O4 - HKLM\..\Run: [4StoryPrePatch] C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe
O4 - HKLM\..\Run: [Guard.Mail.ru.gui] "C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
O4 - HKLM\..\Run: [Marine Aquarium Lite Search Scope Monitor] "C:\PROGRA~2\MARINE~1\bar\1.bin\57srchmn.exe" /m=2 /w /h
O4 - HKLM\..\Run: [MarineAquarium3Free_57 Browser Plugin Loader] C:\PROGRA~2\MARINE~1\bar\1.bin\57brmon.exe
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [WebcamMaxMoniter] "C:\Program Files (x86)\WebcamMax\wcmmon.exe" /a
O4 - HKLM\..\Run: [mobilegeni daemon] C:\Program Files (x86)\Mobogenie\DaemonProcess.exe
O4 - HKLM\..\Run: [File Sanitizer] c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe
O4 - HKCU\..\Run: [LightScribe Control Panel] C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe -hidden
O4 - HKCU\..\Run: [EA Core] "C:\Program Files (x86)\Electronic Arts\EADM\Core.exe" -silent
O4 - HKCU\..\Run: [EADM] "C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
O4 - HKCU\..\Run: [DAEMON Tools Lite] "C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe" -autorun
O4 - HKCU\..\Run: [Facebook Update] "C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe" /c /nocrashserver
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [iLivid] "C:\Users\Pavel\AppData\Local\iLivid\iLivid.exe" -autorun
O4 - HKUS\S-1-5-19\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-19\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'LOCAL SERVICE')
O4 - HKUS\S-1-5-20\..\Run: [Sidebar] %ProgramFiles%\Windows Sidebar\Sidebar.exe /autoRun (User 'NETWORK SERVICE')
O4 - HKUS\S-1-5-20\..\RunOnce: [mctadmin] C:\Windows\System32\mctadmin.exe (User 'NETWORK SERVICE')
O4 - Startup: MyPC Backup.lnk = C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~2\MICROS~1\Office14\EXCEL.EXE/3000
O8 - Extra context menu item: Od&eslat do aplikace OneNote - res://C:\PROGRA~2\MICROS~1\Office14\ONBttnIE.dll/105
O8 - Extra context menu item: Odeslat obrázek do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie_ctx.htm
O8 - Extra context menu item: Odeslat stránku do zařízení &Bluetooth... - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-103 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll,-102 - {25510184-5A38-4A99-B273-DCA8EEF6CD08} - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\NCLauncherFromIE.exe
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
O9 - Extra button: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra 'Tools' menuitem: ICQ7.7 - {77F665FD-3F60-4B0A-AE14-EC124B7A7FCE} - C:\Program Files (x86)\ICQ7.7\ICQ.exe
O9 - Extra button: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra 'Tools' menuitem: P&ropojené poznámky aplikace OneNote - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
O9 - Extra button: Send To Bluetooth - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O9 - Extra 'Tools' menuitem: Send to &Bluetooth Device... - {CCA281CA-C863-46ef-9331-5C8D4460577F} - C:\Program Files\WIDCOMM\Bluetooth Software\btsendto_ie.htm
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CS1\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O17 - HKLM\System\CS2\Services\Tcpip\Parameters: Domain = SKOLA.LOCAL
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
O20 - Winlogon Notify: DeviceNP - DeviceNP.dll (file missing)
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Andrea ST Filters Service (AESTFilters) - Andrea Electronics Corporation - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\windows\system32\atiesrxx.exe (file missing)
O23 - Service: Computer Backup (MyPC Backup) (BackupStack) - Just Develop It - C:\Program Files (x86)\MyPC Backup\BackupStack.exe
O23 - Service: Bluetooth Service (btwdins) - Broadcom Corporation. - C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe
O23 - Service: Datamngr Coordinator (DatamngrCoordinator) - Bandoo Media Inc. - C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe
O23 - Service: DEBridge - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe
O23 - Service: @c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128 (DpHost) - DigitalPersona, Inc. - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
O23 - Service: HP ProtectTools Device Locking / Auditing (FLCDLOCK) - Hewlett-Packard Ltd - c:\Windows\SysWOW64\flcdlock.exe
O23 - Service: Guard.Mail.ru - Unknown owner - C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe
O23 - Service: Služba Google Update (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: HP Power Assistant Service - Hewlett-Packard Company - C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe
O23 - Service: HP ProtectTools Service - Hewlett-Packard Development Company, L.P - c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe
O23 - Service: HP Support Assistant Service - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe
O23 - Service: HP Wireless Assistant Service - Hewlett-Packard - C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe
O23 - Service: HP DayStarter Service (HPDayStarterService) - Hewlett-Packard Company - c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe
O23 - Service: HP Quick Synchronization Service (HPDrvMntSvc.exe) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe
O23 - Service: Drive Encryption Service (HpFkCryptService) - McAfee, Inc. - c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe
O23 - Service: File Sanitizer for HP ProtectTools (HPFSService) - Hewlett-Packard - C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe
O23 - Service: HP Hotkey Monitor (hpHotkeyMonitor) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe
O23 - Service: HP Software Framework Service (hpqwmiex) - Hewlett-Packard Company - C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe
O23 - Service: HP Service (hpsrv) - Unknown owner - C:\windows\system32\Hpservice.exe (file missing)
O23 - Service: ICQ Service - Unknown owner - C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe
O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Marine Aquarium LiteService (MarineAquarium3Free_57Service) - COMPANYVERS_NAME - C:\PROGRA~2\MARINE~1\bar\1.bin\57barsvc.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
O23 - Service: Network HTTP Support Service (NetHttpService) - Unknown owner - C:\windows\SysWOW64\nethtsrv.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: PDF Document Manager (pdfcDispatcher) - PDF Complete Inc - C:\Program Files (x86)\PDF Complete\pdfsvc.exe
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Protect Monitor (ProtectMonitor) - Unknown owner - C:\Program Files (x86)\PCData\StartHelp.exe
O23 - Service: Protexis Licensing V2 (PSI_SVC_2) - Protexis Inc. - c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
O23 - Service: Audio Service (STacSV) - IDT, Inc. - C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
O23 - Service: ArcCapture (uArcCapture) - ArcSoft, Inc. - C:\windows\system\uArcCapture.exe
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
O23 - Service: Validity VCS Fingerprint Service (vcsFPService) - Validity Sensors, Inc. - C:\windows\system32\vcsFPService.exe
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)
--
End of file - 18709 bytes
======Listing Processes======
\SystemRoot\System32\smss.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
wininit.exe
%SystemRoot%\system32\csrss.exe ObjectDirectory=\Windows SharedSection=1024,20480,768 Windows=On SubSystemType=Windows ServerDll=basesrv,1 ServerDll=winsrv:UserServerDllInitialization,3 ServerDll=winsrv:ConServerDllInitialization,2 ServerDll=sxssrv,4 ProfileControl=Off MaxRequestThreads=16
C:\windows\system32\services.exe
C:\windows\system32\lsass.exe
C:\windows\system32\lsm.exe
winlogon.exe
C:\windows\system32\svchost.exe -k DcomLaunch
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe"
"c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe"
C:\windows\system32\svchost.exe -k RPCSS
"c:\Program Files\Microsoft Security Client\MsMpEng.exe"
C:\windows\system32\atiesrxx.exe
C:\windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\windows\system32\svchost.exe -k LocalService
C:\windows\system32\svchost.exe -k netsvcs
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe
C:\windows\system32\Hpservice.exe
C:\windows\system32\svchost.exe -k NetworkService
C:\windows\system32\WLANExt.exe 28571472
\??\C:\windows\system32\conhost.exe "4046296411947416021164138644437395195-35037071971797409143937869-1175162929
C:\windows\System32\spoolsv.exe
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe"
C:\windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe
"C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe"
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe"
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe"
"c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe"
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe" -monitor 460
"c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe"
"C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe"
"C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe"
C:\PROGRA~2\MARINE~1\bar\1.bin\57barsvc.exe
C:\windows\SysWOW64\nethtsrv.exe
"C:\Program Files (x86)\PDF Complete\pdfsvc.exe" /startedbyscm:66B66708-40E2BE4D-pdfcService
"c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe"
C:\windows\system\uArcCapture.exe
"C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE"
WLIDSvcM.exe 2932
"C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe"
C:\windows\system32\wbem\unsecapp.exe -Embedding
C:\windows\system32\wbem\wmiprvse.exe
"c:\Program Files\Microsoft Security Client\NisSrv.exe"
C:\windows\system32\svchost.exe -k bthsvcs
"c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe"
atieclxx
C:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
"C:\Program Files (x86)\MyPC Backup\BackupStack.exe"
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe"
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe"
C:\windows\system32\wbem\wmiprvse.exe
C:\windows\system32\SearchIndexer.exe /Embedding
"taskhost.exe"
"c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
"C:\windows\system32\Dwm.exe"
C:\windows\Explorer.EXE
"C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe" /hidden
"C:\Program Files\Synaptics\SynTP\SynTPEnh.exe"
"C:\Program Files\IDT\WDM\sttray64.exe"
"C:\Program Files\Microsoft Security Client\msseces.exe" -hide -runkey
"C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\AppIntegrator64.exe"
"C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe" -hidden
"C:\Program Files (x86)\Origin\Origin.exe" -AutoStart
"C:\Users\Pavel\AppData\Local\iLivid\iLivid.exe" -autorun
"C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe"
"C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe" /start
szndesktop.exe default start
"C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\listicka-x64.exe"
\??\C:\windows\system32\conhost.exe "-6420603431234383370717139111-559120002-1689449121265165536-607287861-1809069899
"c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DPAgent.exe"
C:\windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
"C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrUI.exe"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\MOM"
"C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CCC.exe" 0
"C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Main.exe" /hidden
"C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe" /gui
"C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe" /m=2 /w /h
"C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brmon.exe"
"C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\coreshredder.exe"
C:\windows\system32\svchost.exe -k SDRSVC
"C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe"
C:\windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
taskeng.exe {A99E54F4-BAA3-45FE-B3CE-52934A903AB2}
C:\windows\servicing\TrustedInstaller.exe
"C:\Program Files\Windows Media Player\wmpnetwk.exe"
"C:\Users\Pavel\Desktop\RSITx64.exe"
======Scheduled tasks folder======
C:\windows\tasks\Adobe Flash Player Updater.job - C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
C:\windows\tasks\AmiUpdXp.job - C:\Users\Pavel\AppData\Local\29614\Updater.exe
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001Core.job - C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe /c /nocrashserver
C:\windows\tasks\FacebookUpdateTaskUserS-1-5-21-3435964710-805018482-336169385-1001UA.job - C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe /ua /installsource scheduler
C:\windows\tasks\GoogleUpdateTaskMachineCore.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /c
C:\windows\tasks\GoogleUpdateTaskMachineUA.job - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe /ua /installsource scheduler
C:\windows\tasks\HPCeeScheduleForPavel.job - C:\Program Files (x86)\Hewlett-Packard\HP Ceement\HPCEE.exe HPCeeScheduleForPavel (null)
======Registry dump======
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 2132232]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Windows Live ID Sign-in Helper - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 529664]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~1\MICROS~2\Office14\URLREDIR.DLL [2013-03-06 690392]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2013-12-11 131536]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPluginx64.dll [2013-08-28 303416]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{074d3229-0a22-491b-b9dd-ff3171d75f25}]
Toolbar BHO - C:\PROGRA~2\MARINE~1\bar\1.bin\57bar.dll [2013-10-28 716360]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}]
Search Assistant BHO - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll [2013-10-28 62864]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{1dad3af3-ef2f-4f64-ac4b-11789189fcb6}]
Bing Bar Helper - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{3134413B-49B4-425C-98A5-893C1F195601}]
File Sanitizer for HP ProtectTools - c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\IEBHO.dll [2010-05-06 117248]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{395610AE-C624-4f58-B89E-23733EA00F9A}]
HP ProtectTools Security Manager Extension - c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpOtsPluginIe8.dll [2010-01-22 1471752]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9030D464-4C02-4ABF-8ECC-5164760863C6}]
Pomocná služba pro přihlášení k účtu Microsoft - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll [2012-07-17 441592]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B4F3A835-0E21-4959-BA22-42B3008E02FF}]
Office Document Cache Handler - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL [2013-03-06 562904]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{d1dac034-9fd9-4c13-a388-d2e10e57707f}]
Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E76FD755-C1BA-4DCB-9F13-99BD91223ADE}]
HP Network Check Helper - C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\Resources\HPNetworkCheck\HPNetworkCheckPlugin.dll [2013-08-28 286520]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}]
Shopping Suggestion - C:\Users\Pavel\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4\Shopping Suggestion.dll [2014-03-12 115712]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_64.dll [2014-03-27 256456]
{d1dac034-9fd9-4c13-a388-d2e10e57707f} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx64.dll [2013-12-11 131536]
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\amd64\BingExt.dll [2014-03-11 1154720]
[HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Microsoft\Internet Explorer\Toolbar]
{855F3B16-6D32-4FE6-8A56-BBB695989046} - ICQToolBar - C:\Program Files (x86)\ICQ6Toolbar\ICQToolBar.dll [2011-08-17 1055808]
{07189b84-b33b-4a1e-9b32-ad203c983c20} - Marine Aquarium Lite - C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bar.dll [2013-10-28 716360]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files (x86)\Google\Google Toolbar\GoogleToolbar_32.dll [2014-03-27 194504]
{d1dac034-9fd9-4c13-a388-d2e10e57707f} - Movies Toolbar (Dist. by Bandoo Media, Inc.) - C:\PROGRA~2\MOVIES~1\Datamngr\SRTOOL~1\IE\searchresultsDx.dll []
{eec0f710-38b5-4aba-99bf-ec87564a4e13} - Bing Bar - C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BingExt.dll [2014-03-11 1431712]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"HPPowerAssistant"=C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Main.exe [2010-08-23 1691192]
"SynTPEnh"=C:\Program Files\Synaptics\SynTP\SynTPEnh.exe [2010-06-04 2174760]
"HPWirelessAssistant"=C:\Program Files\Hewlett-Packard\HP Wireless Assistant\DelayedAppStarter.exe [2010-01-27 8192]
"SysTrayApp"=C:\Program Files\IDT\WDM\sttray64.exe [2010-01-29 487424]
"MSC"=c:\Program Files\Microsoft Security Client\msseces.exe [2014-08-22 1331288]
"Marine Aquarium Lite Home Page Guard 64 bit"=C:\PROGRA~2\MARINE~1\bar\1.bin\AppIntegrator64.exe [2013-10-28 548936]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"NCPluginUpdater"=C:\Program Files (x86)\Hewlett-Packard\HP Health Check\ActiveCheck\product_line\NCPluginUpdater.exe [2014-10-21 21720]
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"LightScribe Control Panel"=C:\Program Files (x86)\Common Files\LightScribe\LightScribeControlPanel.exe [2010-01-22 2363392]
"EA Core"=C:\Program Files (x86)\Electronic Arts\EADM\Core.exe -silent []
"EADM"=C:\Program Files (x86)\Origin\Origin.exe [2014-05-07 3588952]
"DAEMON Tools Lite"=C:\Program Files (x86)\DAEMON Tools Lite\DTLite.exe [2013-03-14 3672640]
"Facebook Update"=C:\Users\Pavel\AppData\Local\Facebook\Update\FacebookUpdate.exe [2013-11-29 138096]
"cz.seznam.software.autoupdate"=C:\Users\Pavel\AppData\Roaming\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Users\Pavel\AppData\Roaming\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"iLivid"=C:\Users\Pavel\AppData\Local\iLivid\iLivid.exe [2014-02-12 7307776]
[HKEY_LOCAL_MACHINE\Software\wow6432node\Microsoft\Windows\CurrentVersion\Run]
"QLBController"=C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\QLBController.exe [2010-03-01 256056]
"StartCCC"=C:\Program Files (x86)\ATI Technologies\ATI.ACE\Core-Static\CLIStart.exe [2010-08-05 98304]
"4StoryPrePatch"=C:\Program Files (x86)\Gameforge4D\4Story_CZ\PrePatch.exe [2013-02-19 327680]
"Guard.Mail.ru.gui"=C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-04-04 1564368]
"Marine Aquarium Lite Search Scope Monitor"=C:\PROGRA~2\MARINE~1\bar\1.bin\57srchmn.exe [2013-10-28 44784]
"MarineAquarium3Free_57 Browser Plugin Loader"=C:\PROGRA~2\MARINE~1\bar\1.bin\57brmon.exe [2013-10-28 30096]
"seznam-listicka-distribuce"=C:\Program Files (x86)\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"WebcamMaxMoniter"=C:\Program Files (x86)\WebcamMax\wcmmon.exe [2007-08-01 450048]
"mobilegeni daemon"=C:\Program Files (x86)\Mobogenie\DaemonProcess.exe []
"File Sanitizer"=c:\Program Files (x86)\Hewlett-Packard\File Sanitizer\CoreShredder.exe [2010-05-06 11268096]
C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
MyPC Backup.lnk - C:\Program Files (x86)\MyPC Backup\MyPC Backup.exe
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\Lsa]
"notification packages"=DPPassFilter
scecli
[HKEY_LOCAL_MACHINE\system\currentcontrolset\control\securityproviders]
"SecurityProviders"=credssp.dll
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MsMpSvc]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\AFD]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\network\MsMpSvc]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"ConsentPromptBehaviorAdmin"=5
"ConsentPromptBehaviorUser"=3
"EnableUIADesktopToggle"=0
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=145
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoActiveDesktop"=1
"NoActiveDesktopChanges"=1
"ForceActiveDesktopOn"=0
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.msadpcm"=msadp32.acm
"midimapper"=midimap.dll
"wavemapper"=msacm32.drv
"VIDC.UYVY"=msyuv.dll
"VIDC.YUY2"=msyuv.dll
"VIDC.YVYU"=msyuv.dll
"VIDC.IYUV"=iyuv_32.dll
"vidc.i420"=iyuv_32.dll
"VIDC.YVU9"=tsbyuv.dll
"msacm.l3acm"=C:\Windows\System32\l3codeca.acm
"MSVideo8"=VfWWDM32.dll
"wave1"=wdmaud.drv
"midi1"=wdmaud.drv
"mixer1"=wdmaud.drv
"aux1"=wdmaud.drv
"wave2"=wdmaud.drv
"midi2"=wdmaud.drv
"mixer2"=wdmaud.drv
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
======File associations======
.js - edit - C:\Windows\System32\Notepad.exe %1
.js - open - C:\Windows\System32\WScript.exe "%1" %*
======List of files/folders created in the last 1 month======
2014-12-03 18:10:41 ----D---- C:\rsit
2014-12-03 18:10:41 ----D---- C:\Program Files\trend micro
2014-11-28 23:19:48 ----A---- C:\windows\SYSWOW64\kerberos.dll
2014-11-28 23:19:48 ----A---- C:\windows\system32\pku2u.dll
2014-11-28 23:19:48 ----A---- C:\windows\system32\kerberos.dll
2014-11-27 20:34:35 ----A---- C:\awh91E2.tmp
2014-11-27 16:39:54 ----A---- C:\windows\system32\drivers\nethfdrv.sys
2014-11-27 16:39:40 ----A---- C:\windows\SYSWOW64\netupdsrv.exe
2014-11-27 16:39:30 ----A---- C:\windows\SYSWOW64\installd.exe
2014-11-27 16:39:20 ----A---- C:\windows\SYSWOW64\nethtsrv.exe
2014-11-27 16:39:12 ----A---- C:\windows\SYSWOW64\hfnapi.dll
2014-11-27 16:39:02 ----A---- C:\windows\SYSWOW64\hfpapi.dll
2014-11-26 20:32:35 ----A---- C:\windows\SYSWOW64\pku2u.dll
2014-11-17 14:03:22 ----A---- C:\awh8C76.tmp
2014-11-15 16:55:09 ----A---- C:\windows\system32\termsrv.dll
2014-11-15 16:55:08 ----A---- C:\windows\SYSWOW64\adtschema.dll
2014-11-15 16:55:08 ----A---- C:\windows\system32\drivers\ksecpkg.sys
2014-11-15 16:55:08 ----A---- C:\windows\system32\adtschema.dll
2014-11-15 16:55:07 ----A---- C:\windows\system32\lsasrv.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\sspicli.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\secur32.dll
2014-11-15 16:55:06 ----A---- C:\windows\SYSWOW64\msaudite.dll
2014-11-15 16:55:06 ----A---- C:\windows\system32\msaudite.dll
2014-11-12 17:08:30 ----A---- C:\awh5060.tmp
2014-11-12 15:46:29 ----A---- C:\windows\SYSWOW64\ieetwproxystub.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\urlmon.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\mshtmled.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\iernonce.dll
2014-11-12 15:46:28 ----A---- C:\windows\SYSWOW64\iedkcs32.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\iernonce.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\ieetwproxystub.dll
2014-11-12 15:46:28 ----A---- C:\windows\system32\ieetwcollector.exe
2014-11-12 15:46:28 ----A---- C:\windows\system32\ie4uinit.exe
2014-11-12 15:46:27 ----A---- C:\windows\SYSWOW64\JavaScriptCollectionAgent.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\mshtml.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\msfeeds.dll
2014-11-12 15:46:26 ----A---- C:\windows\SYSWOW64\dxtrans.dll
2014-11-12 15:46:26 ----A---- C:\windows\system32\JavaScriptCollectionAgent.dll
2014-11-12 15:46:25 ----A---- C:\windows\SYSWOW64\iesetup.dll
2014-11-12 15:46:25 ----A---- C:\windows\SYSWOW64\ieapfltr.dll
2014-11-12 15:46:24 ----A---- C:\windows\SYSWOW64\jscript9diag.dll
2014-11-12 15:46:24 ----A---- C:\windows\SYSWOW64\iertutil.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\urlmon.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\ieetwcollectorres.dll
2014-11-12 15:46:24 ----A---- C:\windows\system32\iedkcs32.dll
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\jsproxy.dll
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\ieUnatt.exe
2014-11-12 15:46:23 ----A---- C:\windows\SYSWOW64\dxtmsft.dll
2014-11-12 15:46:23 ----A---- C:\windows\system32\MsSpellCheckingFacility.exe
2014-11-12 15:46:22 ----A---- C:\windows\SYSWOW64\ieui.dll
2014-11-12 15:46:22 ----A---- C:\windows\SYSWOW64\ieframe.dll
2014-11-12 15:46:22 ----A---- C:\windows\system32\msfeeds.dll
2014-11-12 15:46:22 ----A---- C:\windows\system32\dxtrans.dll
2014-11-12 15:46:21 ----A---- C:\windows\system32\iesetup.dll
2014-11-12 15:46:21 ----A---- C:\windows\system32\ieapfltr.dll
2014-11-12 15:46:20 ----A---- C:\windows\system32\iertutil.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\wininet.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\vbscript.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\mshtmlmedia.dll
2014-11-12 15:46:19 ----A---- C:\windows\SYSWOW64\jscript9.dll
2014-11-12 15:46:19 ----A---- C:\windows\system32\jsproxy.dll
2014-11-12 15:46:18 ----A---- C:\windows\SYSWOW64\msrating.dll
2014-11-12 15:46:18 ----A---- C:\windows\SYSWOW64\MshtmlDac.dll
2014-11-12 15:46:18 ----A---- C:\windows\system32\ieUnatt.exe
2014-11-12 15:46:18 ----A---- C:\windows\system32\dxtmsft.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\mshtmlmedia.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\mshtmled.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\ieui.dll
2014-11-12 15:46:17 ----A---- C:\windows\system32\ieframe.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\vbscript.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\jscript9diag.dll
2014-11-12 15:46:16 ----A---- C:\windows\system32\jscript9.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\wininet.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\msrating.dll
2014-11-12 15:46:15 ----A---- C:\windows\system32\MshtmlDac.dll
2014-11-12 15:46:14 ----A---- C:\windows\system32\mshtml.dll
2014-11-12 15:45:20 ----A---- C:\windows\SYSWOW64\oleaut32.dll
2014-11-12 15:45:20 ----A---- C:\windows\system32\oleaut32.dll
2014-11-12 15:45:16 ----A---- C:\windows\SYSWOW64\msxml3r.dll
2014-11-12 15:45:16 ----A---- C:\windows\SYSWOW64\msxml3.dll
2014-11-12 15:45:16 ----A---- C:\windows\system32\msxml3r.dll
2014-11-12 15:45:16 ----A---- C:\windows\system32\msxml3.dll
2014-11-12 15:45:14 ----A---- C:\windows\system32\IMJP10K.DLL
2014-11-12 15:45:13 ----A---- C:\windows\SYSWOW64\IMJP10K.DLL
2014-11-12 15:45:10 ----A---- C:\windows\SYSWOW64\AUDIOKSE.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\EncDump.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\audiosrv.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\AUDIOKSE.dll
2014-11-12 15:45:10 ----A---- C:\windows\system32\AudioEng.dll
2014-11-12 15:45:09 ----A---- C:\windows\SYSWOW64\AudioSes.dll
2014-11-12 15:45:09 ----A---- C:\windows\SYSWOW64\AudioEng.dll
2014-11-12 15:45:09 ----A---- C:\windows\system32\AudioSes.dll
2014-11-12 15:45:05 ----A---- C:\windows\system32\schannel.dll
2014-11-12 15:45:04 ----A---- C:\windows\SYSWOW64\schannel.dll
2014-11-12 15:45:04 ----A---- C:\windows\SYSWOW64\ncrypt.dll
2014-11-12 15:45:04 ----A---- C:\windows\system32\ncrypt.dll
2014-11-12 15:45:02 ----A---- C:\windows\SYSWOW64\msv1_0.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\wdigest.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\TSpkg.dll
2014-11-12 15:45:02 ----A---- C:\windows\system32\msv1_0.dll
2014-11-12 15:45:01 ----A---- C:\windows\SYSWOW64\wdigest.dll
2014-11-12 15:45:01 ----A---- C:\windows\SYSWOW64\TSpkg.dll
2014-11-12 15:45:00 ----A---- C:\windows\SYSWOW64\credssp.dll
2014-11-12 15:45:00 ----A---- C:\windows\system32\credssp.dll
2014-11-12 15:44:14 ----A---- C:\windows\SYSWOW64\packager.dll
2014-11-12 15:44:14 ----A---- C:\windows\system32\packager.dll
2014-11-12 15:44:12 ----A---- C:\windows\system32\win32k.sys
2014-11-12 15:44:08 ----A---- C:\windows\system32\msi.dll
2014-11-12 15:44:07 ----A---- C:\windows\SYSWOW64\msi.dll
2014-11-12 15:39:17 ----A---- C:\awh6F84.tmp
2014-11-11 10:23:23 ----A---- C:\awh8215.tmp
2014-11-04 14:17:49 ----A---- C:\awh93E7.tmp
======List of files/folders modified in the last 1 month======
2014-12-03 18:11:00 ----D---- C:\windows\Temp
2014-12-03 18:10:41 ----RD---- C:\Program Files
2014-12-03 18:10:41 ----D---- C:\ProgramData\Datamngr
2014-12-03 18:08:11 ----D---- C:\windows\system32\config
2014-12-03 18:07:58 ----D---- C:\Program Files (x86)\Origin
2014-12-03 17:57:34 ----D---- C:\Users\Pavel\AppData\Roaming\Seznam.cz
2014-12-03 17:52:29 ----D---- C:\windows\SysWOW64
2014-12-03 17:51:45 ----D---- C:\windows\System32
2014-12-03 17:51:45 ----D---- C:\windows\inf
2014-12-03 17:51:45 ----A---- C:\windows\system32\PerfStringBackup.INI
2014-12-03 17:47:52 ----D---- C:\ProgramData\HPQLOG
2014-12-01 14:22:08 ----SHD---- C:\System Volume Information
2014-11-29 13:35:14 ----A---- C:\windows\system32\HP_ActiveX_Patch_NOT_DETECTED.txt
2014-11-29 13:23:51 ----D---- C:\windows\winsxs
2014-11-28 17:08:35 ----A---- C:\windows\SYSWOW64\FlashPlayerApp.exe
2014-11-28 16:57:14 ----D---- C:\windows\system32\catroot2
2014-11-28 16:14:43 ----D---- C:\windows\Tasks
2014-11-28 16:14:43 ----D---- C:\windows\system32\wfp
2014-11-28 16:14:43 ----D---- C:\windows\system32\DriverStore
2014-11-28 16:14:43 ----D---- C:\Windows
2014-11-28 16:14:41 ----D---- C:\windows\system32\wbem
2014-11-28 16:14:41 ----D---- C:\windows\system32\Tasks
2014-11-28 16:14:40 ----D---- C:\windows\system32\Macromed
2014-11-28 16:14:37 ----D---- C:\windows\registration
2014-11-27 20:53:28 ----D---- C:\windows\system32\drivers
2014-11-27 13:37:19 ----D---- C:\Program Files (x86)\MyPC Backup
2014-11-25 14:21:11 ----D---- C:\windows\Prefetch
2014-11-23 11:30:53 ----D---- C:\ProgramData\Origin
2014-11-22 10:29:59 ----D---- C:\windows\system32\catroot
2014-11-22 10:12:36 ----HD---- C:\Program Files (x86)\InstallShield Installation Information
2014-11-22 10:12:35 ----D---- C:\Program Files (x86)\Electronic Arts
2014-11-21 10:52:19 ----D---- C:\Program Files\Internet Explorer
2014-11-21 10:52:14 ----SHD---- C:\windows\Installer
2014-11-21 10:50:43 ----RD---- C:\Program Files (x86)
2014-11-21 10:50:29 ----D---- C:\Program Files (x86)\Games
2014-11-20 16:55:21 ----D---- C:\gencache
2014-11-15 23:52:23 ----D---- C:\windows\SYSWOW64\cs-CZ
2014-11-15 23:52:23 ----D---- C:\windows\system32\cs-CZ
2014-11-15 23:39:48 ----D---- C:\windows\Microsoft.NET
2014-11-15 23:21:36 ----RSD---- C:\windows\assembly
2014-11-15 22:30:32 ----D---- C:\windows\SYSWOW64\en-US
2014-11-15 22:30:32 ----D---- C:\windows\system32\en-US
2014-11-15 22:30:32 ----D---- C:\Program Files (x86)\Internet Explorer
2014-11-15 22:30:28 ----D---- C:\windows\system32\CodeIntegrity
2014-11-15 22:30:27 ----RSD---- C:\windows\Fonts
2014-11-15 22:30:27 ----D---- C:\windows\rescache
2014-11-15 22:29:11 ----D---- C:\windows\AppCompat
2014-11-15 22:29:06 ----D---- C:\Program Files\Common Files\Microsoft Shared
2014-11-13 10:59:49 ----D---- C:\ProgramData\Microsoft Help
2014-11-13 10:53:26 ----D---- C:\windows\system32\MRT
2014-11-13 10:47:23 ----A---- C:\windows\system32\MRT.exe
======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R0 AtiPcie;AMD PCI Express (3GIO) Filter; C:\windows\system32\DRIVERS\AtiPcie64.sys [2010-03-09 16440]
R0 hpdskflt;HP Filter; C:\windows\system32\DRIVERS\hpdskflt.sys [2011-05-13 30008]
R0 MpFilter;Microsoft Malware Protection Driver; C:\windows\system32\DRIVERS\MpFilter.sys [2014-07-17 269008]
R0 rdyboost;ReadyBoost; C:\windows\System32\drivers\rdyboost.sys [2010-11-20 213888]
R0 SafeBoot;SafeBoot; C:\windows\system32\drivers\SafeBoot.sys [2010-01-26 56648]
R0 SbAlg;SbAlg; C:\windows\system32\drivers\SbAlg.sys [2009-06-04 60160]
R0 SbFsLock;SbFsLock; C:\windows\system32\drivers\SbFsLock.sys [2010-01-26 15688]
R0 vmbus;@%SystemRoot%\system32\vmbusres.dll,-1000; C:\windows\system32\drivers\vmbus.sys [2010-11-20 199552]
R1 CSC;@%systemroot%\system32\cscsvc.dll,-202; C:\windows\system32\drivers\csc.sys [2010-11-20 514560]
R1 dtsoftbus01;DAEMON Tools Virtual Bus Driver; C:\windows\system32\DRIVERS\dtsoftbus01.sys [2013-04-27 283200]
R1 F06DEFF2-5B9C-490D-910F-35D3A9119622;F06DEFF2-5B9C-490D-910F-35D3A9119622; \??\C:\Program Files (x86)\Movies Toolbar\Datamngr\x64\setmgrc2.cfg [2014-06-30 41848]
R1 nethfdrv;nethfdrv; \??\C:\windows\system32\drivers\nethfdrv.sys [2014-10-21 46160]
R1 RsvLock;RsvLock; C:\windows\system32\drivers\RsvLock.sys [2010-01-26 58184]
R1 vpcnfltr;Virtual PC Network Filter Driver; C:\windows\system32\DRIVERS\vpcnfltr.sys [2010-11-20 59392]
R1 vpcvmm;@%SystemRoot%\system32\drivers\vpcvmm.sys,-100; C:\windows\system32\drivers\vpcvmm.sys [2010-11-20 360832]
R1 vwififlt;Virtual WiFi Filter Driver; C:\windows\system32\DRIVERS\vwififlt.sys [2009-07-14 59904]
R2 NisDrv;Microsoft Network Inspection System; C:\windows\system32\DRIVERS\NisDrvWFP.sys [2014-07-17 125584]
R3 Accelerometer;HP Accelerometer; C:\windows\system32\DRIVERS\Accelerometer.sys [2011-05-13 43320]
R3 Afc;PPdus ASPI Shell; C:\windows\SysWOW64\drivers\Afc.sys [2006-11-14 22784]
R3 amdkmdag;amdkmdag; C:\windows\system32\DRIVERS\atikmdag.sys [2010-08-05 6859776]
R3 amdkmdap;amdkmdap; C:\windows\system32\DRIVERS\atikmpag.sys [2010-08-04 264192]
R3 ARCVCAM;ARCVCAM, ArcSoft Webcam Sharing Manager Driver; C:\windows\system32\DRIVERS\ArcSoftVCapture.sys [2009-12-04 32640]
R3 AtiHdmiService;ATI Function Driver for High Definition Audio Service; C:\windows\system32\drivers\AtiHdmi.sys [2010-08-11 125456]
R3 BCM43XX;Broadcom 802.11 Network Adapter Driver; C:\windows\system32\DRIVERS\bcmwl664.sys [2011-07-06 3060800]
R3 BthEnum;Ovladač pro Bluetooth Request Block; C:\windows\system32\drivers\BthEnum.sys [2009-07-14 41984]
R3 BthPan;Bluetooth Device (Personal Area Network); C:\windows\system32\DRIVERS\bthpan.sys [2009-07-14 118784]
R3 BTHUSB;Ovladač rozhraní USB radiostanice Bluetooth; C:\windows\System32\Drivers\BTHUSB.sys [2011-04-28 80384]
R3 btwampfl;Bluetooth AMP USB Filter; C:\windows\system32\drivers\btwampfl.sys [2010-06-10 342056]
R3 btwaudio;Bluetooth Audio Device Service; C:\windows\system32\drivers\btwaudio.sys [2010-06-10 102952]
R3 btwavdt;Bluetooth AVDT Service; C:\windows\system32\DRIVERS\btwavdt.sys [2010-06-10 135720]
R3 btwl2cap;Bluetooth L2CAP Service; C:\windows\system32\DRIVERS\btwl2cap.sys [2010-06-10 39464]
R3 btwrchid;btwrchid; C:\windows\system32\DRIVERS\btwrchid.sys [2010-06-10 21544]
R3 HpqKbFiltr;HpqKbFilter Driver; C:\windows\system32\DRIVERS\HpqKbFiltr.sys [2010-02-16 25912]
R3 MarvinBus;Pinnacle Marvin Bus 64; C:\windows\system32\DRIVERS\MarvinBus64.sys [2005-09-23 261120]
R3 RFCOMM;Bluetooth Device (RFCOMM Protocol TDI); C:\windows\system32\DRIVERS\rfcomm.sys [2009-07-14 158720]
R3 rtsuvc;HP Webcam [2 MP Fixed]; C:\windows\system32\DRIVERS\rtsuvc.sys [2010-12-29 8200296]
R3 STHDA;IDT High Definition Audio CODEC; C:\windows\system32\DRIVERS\stwrt64.sys [2010-01-29 505856]
R3 vpcbus;Služba hostitelské sběrnice programu Virtual PC; C:\windows\system32\DRIVERS\vpchbus.sys [2010-11-20 194944]
R3 vpcusb;Služba konektoru virtualizace rozhraní USB; C:\windows\system32\DRIVERS\vpcusb.sys [2010-11-20 95232]
S1 bmxldjpk;bmxldjpk; \??\C:\windows\system32\drivers\bmxldjpk.sys []
S1 boikopbv;boikopbv; \??\C:\windows\system32\drivers\boikopbv.sys []
S1 dldwfesj;dldwfesj; \??\C:\windows\system32\drivers\dldwfesj.sys []
S1 ihssonll;ihssonll; \??\C:\windows\system32\drivers\ihssonll.sys []
S1 jpjlbqfr;jpjlbqfr; \??\C:\windows\system32\drivers\jpjlbqfr.sys []
S3 BTHPORT;Ovladač portu Bluetooth; C:\windows\System32\Drivers\BTHport.sys [2012-07-06 552960]
S3 DAMDrv;DAMDrv; C:\windows\system32\DRIVERS\DAMDrv64.sys [2009-10-21 40760]
S3 EagleX64;EagleX64; \??\C:\windows\system32\drivers\EagleX64.sys []
S3 fssfltr;FssFltr; C:\windows\system32\DRIVERS\fssfltr.sys [2013-02-05 57840]
S3 netr28x;Ralink 802.11n Wireless Driver for Windows Vista; C:\windows\system32\DRIVERS\netr28x.sys [2009-06-10 620544]
S3 pciide;pciide; C:\windows\system32\drivers\pciide.sys [2009-07-14 12352]
S3 RDPDR;Terminal Server Device Redirector Driver; C:\windows\System32\drivers\rdpdr.sys [2010-11-20 165888]
S3 RSUSBSTOR;RtsUStor.Sys Realtek USB Card Reader; C:\windows\System32\Drivers\RtsUStor.sys [2010-02-08 239136]
S3 RTL8167;Realtek 8167 NT Driver; C:\windows\system32\DRIVERS\Rt64win7.sys [2010-01-12 325152]
S3 s3cap;s3cap; C:\windows\system32\drivers\vms3cap.sys [2010-11-20 6656]
S3 sdbus;sdbus; C:\windows\system32\drivers\sdbus.sys [2010-11-20 109056]
S3 storvsc;storvsc; C:\windows\system32\drivers\storvsc.sys [2010-11-20 34688]
S3 SynTP;Synaptics TouchPad Driver; C:\windows\system32\DRIVERS\SynTP.sys [2010-06-04 1379376]
S3 TPM;TPM; C:\windows\system32\drivers\tpm.sys [2009-07-14 38400]
S3 TsUsbFlt;TsUsbFlt; C:\windows\system32\drivers\tsusbflt.sys [2010-11-20 59392]
S3 VMBusHID;VMBusHID; C:\windows\system32\drivers\VMBusHID.sys [2010-11-20 21760]
======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======
R2 AESTFilters;Andrea ST Filters Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\AESTSr64.exe [2009-03-03 89600]
R2 AMD External Events Utility;AMD External Events Utility; C:\windows\system32\atiesrxx.exe [2010-08-05 203264]
R2 BackupStack;Computer Backup (MyPC Backup); C:\Program Files (x86)\MyPC Backup\BackupStack.exe [2014-10-22 36936]
R2 btwdins;Bluetooth Service; C:\Program Files\WIDCOMM\Bluetooth Software\btwdins.exe [2010-06-09 952096]
R2 CscService;@%systemroot%\system32\cscsvc.dll,-200; C:\windows\System32\svchost.exe [2009-07-14 27136]
R2 DatamngrCoordinator;Datamngr Coordinator; C:\Program Files (x86)\Movies Toolbar\Datamngr\DatamngrCoordinator.exe [2014-06-30 3573248]
R2 DpHost;@c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe,-128; c:\Program Files\Hewlett-Packard\HP ProtectTools Security Manager\Bin\DpHostW.exe [2010-01-22 462088]
R2 Guard.Mail.ru;Guard.Mail.ru; C:\Program Files (x86)\Guard-ICQ\GuardICQ.exe [2013-04-04 1564368]
R2 HP Power Assistant Service;HP Power Assistant Service; C:\Program Files\Hewlett-Packard\HP Power Assistant\HPPA_Service.exe [2010-08-23 103992]
R2 HP ProtectTools Service;HP ProtectTools Service; c:\Program Files (x86)\Hewlett-Packard\2009 Password Filter for HP ProtectTools\PTChangeFilterService.exe [2010-01-12 36864]
R2 HP Support Assistant Service;HP Support Assistant Service; C:\Program Files (x86)\Hewlett-Packard\HP Support Framework\hpsa_service.exe [2013-11-04 92160]
R2 HP Wireless Assistant Service;HP Wireless Assistant Service; C:\Program Files\Hewlett-Packard\HP Wireless Assistant\HPWA_Service.exe [2010-01-27 102968]
R2 HPDayStarterService;HP DayStarter Service; c:\Program Files\Hewlett-Packard\HP QuickLook\32-bit\HPDayStarterService.exe [2010-05-10 90112]
R2 HPDrvMntSvc.exe;HP Quick Synchronization Service; C:\Program Files (x86)\Hewlett-Packard\Shared\HPDrvMntSvc.exe [2013-05-13 270624]
R2 HpFkCryptService;Drive Encryption Service; c:\Program Files\Hewlett-Packard\Drive Encryption\HpFkCrypt.exe [2010-01-26 281192]
R2 HPFSService;File Sanitizer for HP ProtectTools; C:\Program Files (x86)\Hewlett-Packard\File Sanitizer\HPFSService.exe [2010-05-06 298496]
R2 hpHotkeyMonitor;HP Hotkey Monitor; C:\Program Files (x86)\Hewlett-Packard\HP HotKey Support\hpHotkeyMonitor.exe [2010-03-01 264248]
R2 hpsrv;HP Service; C:\windows\system32\Hpservice.exe [2011-05-13 30520]
R2 ICQ Service;ICQ Service; C:\Program Files (x86)\ICQ6Toolbar\ICQ Service.exe [2011-08-17 247872]
R2 LightScribeService;LightScribeService Direct Disc Labeling Service; C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe [2010-01-22 73728]
R2 MarineAquarium3Free_57Service;Marine Aquarium LiteService; C:\PROGRA~2\MARINE~1\bar\1.bin\57barsvc.exe [2013-10-28 44752]
R2 MsMpSvc;Microsoft Antimalware Service; c:\Program Files\Microsoft Security Client\MsMpEng.exe [2014-08-22 23784]
R2 NetHttpService;Network HTTP Support Service; C:\windows\SysWOW64\nethtsrv.exe [2014-10-21 180224]
R2 pdfcDispatcher;PDF Document Manager; C:\Program Files (x86)\PDF Complete\pdfsvc.exe [2010-01-12 635416]
R2 PSI_SVC_2;Protexis Licensing V2; c:\Program Files (x86)\Common Files\Protexis\License Service\PsiService_2.exe [2007-07-24 185632]
R2 STacSV;Audio Service; C:\windows\System32\DriverStore\FileRepository\stwrt64.inf_amd64_neutral_21dba265e7e67cda\STacSV64.exe [2010-01-29 244736]
R2 uArcCapture;ArcCapture; C:\windows\system\uArcCapture.exe [2009-12-04 506472]
R3 BBUpdate;BBUpdate; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\SeaPort.exe [2014-03-11 247968]
R3 DEBridge;DEBridge; c:\Program Files\Hewlett-Packard\Drive Encryption\SbHpAuthenticatorService.exe [2010-01-26 704512]
R3 hpqwmiex;HP Software Framework Service; C:\Program Files (x86)\Hewlett-Packard\Shared\hpqwmiex.exe [2013-05-13 1129760]
R3 NisSrv;@c:\Program Files\Microsoft Security Client\MpAsDesc.dll,-243; c:\Program Files\Microsoft Security Client\NisSrv.exe [2014-08-22 368624]
S2 BBSvc;BingBar Service; C:\Program Files (x86)\Microsoft\BingBar\7.3.132.0\BBSvc.exe [2014-03-11 193696]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86; C:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2013-09-11 105144]
S2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64; C:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [2013-09-11 124088]
S2 gupdate;Služba Google Update (gupdate); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S2 ProtectMonitor;Protect Monitor; C:\Program Files (x86)\PCData\StartHelp.exe [2014-03-11 90674]
S2 SkypeUpdate;Skype Updater; C:\Program Files (x86)\Skype\Updater\Updater.exe [2013-09-05 171680]
S2 vcsFPService;Validity VCS Fingerprint Service; C:\windows\system32\vcsFPService.exe [2010-02-18 2045232]
S3 ACDaemon;ArcSoft Connect Daemon; C:\Program Files (x86)\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2014-11-28 267440]
S3 AppMgmt;@appmgmts.dll,-3250; C:\windows\system32\svchost.exe [2009-07-14 27136]
S3 aspnet_state;Stavová služba ASP.NET; C:\windows\Microsoft.NET\Framework64\v4.0.30319\aspnet_state.exe [2013-09-11 51808]
S3 FLCDLOCK;HP ProtectTools Device Locking / Auditing; c:\Windows\SysWOW64\flcdlock.exe [2009-12-07 362040]
S3 fsssvc;Windows Live Family Safety Service; C:\Program Files (x86)\Windows Live\Family Safety\fsssvc.exe [2013-02-05 1512448]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2014-10-25 107912]
S3 gusvc;Google Software Updater; C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-03-30 194032]
S3 IEEtwCollectorService;@%SystemRoot%\system32\ieetwcollectorres.dll,-1000; C:\windows\system32\IEEtwCollector.exe [2014-11-06 114688]
S3 ose;Office Source Engine; C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2010-01-09 149352]
S3 osppsvc;Office Software Protection Platform; C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE [2010-01-09 4925184]
S3 PeerDistSvc;@%SystemRoot%\system32\peerdistsvc.dll,-9000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 StorSvc;@%SystemRoot%\System32\StorSvc.dll,-100; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 UmRdpService;@%SystemRoot%\system32\umrdp.dll,-1000; C:\windows\System32\svchost.exe [2009-07-14 27136]
S3 WatAdminSvc;@%SystemRoot%\system32\Wat\WatUX.exe,-601; C:\windows\system32\Wat\WatAdminSvc.exe [2011-11-23 1255736]
S4 NetMsmqActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8195; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetPipeActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8197; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
S4 NetTcpActivator;@C:\windows\Microsoft.NET\Framework64\v4.0.30319\\ServiceModelInstallRC.dll,-8199; C:\windows\Microsoft.NET\Framework64\v4.0.30319\SMSvcHost.exe [2013-09-11 139856]
-----------------EOF-----------------
Odvirování PC, zrychlení počítače, vzdálená pomoc prostřednictvím služby neslape.cz
Totálně zahumusené pc
Moderátor: Moderátoři
Pravidla fóra
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Pokud chcete pomoc, vložte log z FRST [návod zde] nebo RSIT [návod zde]
Jednotlivé thready budou po vyřešení uzamčeny. Stejně tak ty, které budou nečinné déle než 14 dní. Vizte Pravidlo o zamykání témat. Děkujeme za pochopení.
!NOVINKA!
Nově lze využívat služby vzdálené pomoci, kdy se k vašemu počítači připojí odborník a bližší informace o problému si od vás získá telefonicky! Více na www.neslape.cz
Re: Totálně zahumusené pc
Zdravim 
Haveti je tam opravdu hodne, ale pokud je to firemni pocitac, byt pouzivany doma detmi, mel by to resit firemni IT. Behem cisteni takto infikovaneho stroje muze system selhat a pak bude reinstal nutny. A mohl by mit zbytecne problem.
Haveti je tam opravdu hodne, ale pokud je to firemni pocitac, byt pouzivany doma detmi, mel by to resit firemni IT. Behem cisteni takto infikovaneho stroje muze system selhat a pak bude reinstal nutny. A mohl by mit zbytecne problem.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
Kachnacicek
Re: Totálně zahumusené pc
Opravdu jsem napsal od firmy? Pracuje jako učitel, dostal ten ntb pro osobní účely.
Vím jen to, co mi řekl, každopádně to chce po mě, něco mi tam začal vykládat, proč to nechce přeinstalovat atd..
Vím jen to, co mi řekl, každopádně to chce po mě, něco mi tam začal vykládat, proč to nechce přeinstalovat atd..
Re: Totálně zahumusené pc
Ano, skola byla jasna, podle loguKachnacicek píše:že prý pc má od firmy a kdesi cosi
Jde o tohle. Bud ho dostal, jakoze naporad a nemusi ho vracet a muze si s nim delat co chce, kdy chce a jak chce, to je jedna moznost.
A nebo ho dostal pro osobni pouziti, ale stale je to majetek firmy/skoly a kdyz se neco stane, budou chtit po nem nahradu.
Jde taky o to, ze firemni stroje byvaji sledovany a nami pouzivane programy tyto "legalni" spiony mazou = opet by mohl mit problem.
Takze jak to tedy je?
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
Kachnacicek
Re: Totálně zahumusené pc
Volal jsem mu kvůli tomu, říkal, že s tim může dělat, co chce.
Díky
Díky
Re: Totálně zahumusené pc
Stahnete AdwCleaner https://toolslib.net/downloads/finish/1/ a ulozte ho na plochu.Ukoncete vsechny programy, jinak to AdwCleaner udela za vas.
Kliknete na nej pravym mysidlem a levym na Spustit jako spravce.
Kliknete na Scan a pockejte, az kontrola dobehne.
Pak kliknete na Clean
Program zacne pracovat (muze dojit k restartu pc) a vyplivne log (pripadne bude zde C:\AdwCleaner\AdwCleaner [S?].txt ). Ten mi sem zkopirujte.
Udelejte kontrolu s MBAM. Test nastavte podle tohoto navodu http://forum.viry.cz/viewtopic.php?f=29&t=137928 a dejte sem vysledky. Predem nic nemazte, miva obcas falesne detekcePokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
Kachnacicek
Re: Totálně zahumusené pc
Zdravím, tak AdwCleaner log je zde, MBAM zatím běží:
# AdwCleaner v4.103 - Report created 03/12/2014 at 21:23:25
# Updated 01/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Pavel - PAVELS-HP
# Running from : C:\Users\Pavel\Desktop\adwcleaner_4.103.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : BackupStack
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Deleted : ICQ Service
Service Deleted : nethfdrv
Service Deleted : NethxxpService
[#] Service Deleted : ProtectMonitor
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BitGuard
[!] Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[!] Folder Deleted : C:\ProgramData\Datamngr
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
[!] Folder Deleted : C:\Program Files (x86)\Movies Toolbar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter_4zEI
Folder Deleted : C:\Users\Pavel\AppData\Local\iLivid
Folder Deleted : C:\Users\Pavel\AppData\Local\ilividmoviestoolbar181
Folder Deleted : C:\Users\Pavel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Pavel\AppData\Local\torch
Folder Deleted : C:\Users\Pavel\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\ilividmoviestoolbar181
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\VideoDownloadConverter_4zEI
Folder Deleted : C:\Users\Pavel\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Pavel\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
Folder Deleted : C:\Users\Pavel\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Pavel\Documents\Mobogenie
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
File Deleted : C:\windows\SysWOW64\hfpapi.dll
File Deleted : C:\windows\SysWOW64\installd.exe
File Deleted : C:\windows\SysWOW64\nethtsrv.exe
File Deleted : C:\windows\SysWOW64\netupdsrv.exe
File Deleted : C:\windows\System32\drivers\nethfdrv.sys
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\Pavel\daemonprocess.txt
File Deleted : C:\Users\Pavel\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Pavel\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : LaunchApp
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Key Deleted : HKCU\Software\f0d8dce26ee910
Key Deleted : HKLM\SOFTWARE\f0d8dce26ee910
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MarineAquarium3Free_57 Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{327F75ED-061B-4339-8CC6-5DD45AD1396D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividmoviestoolbar181
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\MarineAquarium3Free_57
Key Deleted : HKCU\Software\AppDataLow\Software\MarineAquarium3Free_57
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\TrustMediaViewerV1
Key Deleted : HKLM\SOFTWARE\MarineAquarium3Free_57
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181CR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181IE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MarineAquarium3Free_57bar Uninstall Internet Explorer
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
-\\ Google Chrome v39.0.2171.71
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=D665CC52AF995BA9
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=706&systemid=406&v=a13203-307&apn_uid=9721408451854144&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=59B9F8CC-82B1-4D4A-A9F3-FD108F8303BD&n=780b5fa8&ind=2014011304&p2=^AYY^xdm095^YYA^cz&si=pconverter
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=706&systemid=406&v=a13203-307&apn_uid=9721408451854144&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 03-307&t=4
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 03-307&t=4
*************************
AdwCleaner[R0].txt - [21804 octets] - [03/12/2014 21:20:45]
AdwCleaner[S0].txt - [19564 octets] - [03/12/2014 21:23:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19625 octets] ##########
# AdwCleaner v4.103 - Report created 03/12/2014 at 21:23:25
# Updated 01/12/2014 by Xplode
# Database : 2014-12-03.1 [Live]
# Operating System : Windows 7 Professional Service Pack 1 (64 bits)
# Username : Pavel - PAVELS-HP
# Running from : C:\Users\Pavel\Desktop\adwcleaner_4.103.exe
# Option : Clean
***** [ Services ] *****
Service Deleted : BackupStack
[#] Service Deleted : DatamngrCoordinator
[#] Service Deleted : F06DEFF2-5B9C-490D-910F-35D3A9119622
Service Deleted : ICQ Service
Service Deleted : nethfdrv
Service Deleted : NethxxpService
[#] Service Deleted : ProtectMonitor
***** [ Files / Folders ] *****
Folder Deleted : C:\ProgramData\Babylon
Folder Deleted : C:\ProgramData\BitGuard
[!] Folder Deleted : C:\ProgramData\DataMngr
Folder Deleted : C:\ProgramData\ICQ\ICQToolbar
[!] Folder Deleted : C:\ProgramData\Datamngr
Folder Deleted : C:\ProgramData\AlawarWrapper
Folder Deleted : C:\Program Files (x86)\ICQ6Toolbar
[!] Folder Deleted : C:\Program Files (x86)\Movies Toolbar
Folder Deleted : C:\Program Files (x86)\MyPC Backup
Folder Deleted : C:\Program Files (x86)\VideoDownloadConverter_4zEI
Folder Deleted : C:\Users\Pavel\AppData\Local\iLivid
Folder Deleted : C:\Users\Pavel\AppData\Local\ilividmoviestoolbar181
Folder Deleted : C:\Users\Pavel\AppData\Local\Mobogenie
Folder Deleted : C:\Users\Pavel\AppData\Local\torch
Folder Deleted : C:\Users\Pavel\AppData\Local\AlawarWrapper
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\DataMngr
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\ilividmoviestoolbar181
Folder Deleted : C:\Users\Pavel\AppData\LocalLow\VideoDownloadConverter_4zEI
Folder Deleted : C:\Users\Pavel\AppData\Roaming\BabSolution
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Babylon
Folder Deleted : C:\Users\Pavel\AppData\Roaming\D394D188-BAC7-4e03-8FAF-389A4D7EC6F4
Folder Deleted : C:\Users\Pavel\AppData\Roaming\PerformerSoft
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BitGuard
Folder Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
Folder Deleted : C:\Users\Pavel\Documents\Mobogenie
Folder Deleted : C:\Users\Public\Documents\AlawarWrapper
File Deleted : C:\windows\SysWOW64\hfpapi.dll
File Deleted : C:\windows\SysWOW64\installd.exe
File Deleted : C:\windows\SysWOW64\nethtsrv.exe
File Deleted : C:\windows\SysWOW64\netupdsrv.exe
File Deleted : C:\windows\System32\drivers\nethfdrv.sys
File Deleted : C:\windows\System32\roboot64.exe
File Deleted : C:\Users\Pavel\daemonprocess.txt
File Deleted : C:\Users\Pavel\AppData\Local\Temp\Uninstall.exe
File Deleted : C:\Users\Pavel\AppData\Roaming\BabMaint.exe
File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Internet Explorer\Quick Launch\iLivid.lnk
File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\iLivid.lnk
File Deleted : C:\Users\Pavel\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\bprotectorpreferences
File Deleted : C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\bprotector web data
***** [ Scheduled Tasks ] *****
Task Deleted : AmiUpdXp
Task Deleted : LaunchApp
***** [ Shortcuts ] *****
***** [ Registry ] *****
Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\nohfdhapjjlndfgjnmdlcabloeembdkj
Key Deleted : HKCU\Software\Classes\iLivid.torrent
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\babylon.com
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\ICQ\ICQToolBar
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [iLivid]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\ICQ Service.exe
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCDGrabber2.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioCompress3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFile3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\AppID\NCTAudioFormatSettings3.DLL
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook
Key Deleted : HKLM\SOFTWARE\Classes\ICQToolBar.IEHook.1
Key Deleted : HKLM\SOFTWARE\Classes\iLivid.torrent
Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho
Key Deleted : HKLM\SOFTWARE\Classes\protector_dll.protectorbho.1
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard
Key Deleted : HKLM\SOFTWARE\Classes\SearchQUIEHelper.DNSGuard.1
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd
Key Deleted : HKLM\SOFTWARE\Classes\Updater.AmiUpd.1
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\MobogenieAdd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [mobilegeni daemon]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
Key Deleted : HKCU\Software\f0d8dce26ee910
Key Deleted : HKLM\SOFTWARE\f0d8dce26ee910
Value Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [MarineAquarium3Free_57 Browser Plugin Loader]
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5D723752-5899-47E8-99B4-62C824EF9E13}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{5E50AE1D-BC76-418B-94C4-EFEAC0CEF80C}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F54A0D21-6A53-460C-8301-C694EC9E1033}
Key Deleted : HKLM\SOFTWARE\Classes\AppID\{F7BCCFD4-2FA6-477D-A1B0-EF7500B3C49E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{03F14321-8FED-4CBC-B01A-4B57FC199062}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{13119113-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{2C6F7E96-73BC-47A5-9F51-B67F0BAFE24D}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{33119133-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{35B8892D-C3FB-4D88-990D-31DB2EBD72BD}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4C58EB04-7B72-4D3D-A36E-66167A99BC31}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{4EE0B011-604C-47F3-8F2B-39F79640B85E}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5EB0259D-AB79-4AE6-A6E6-24FFE21C3DA4}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{67BD9EEB-AA06-4329-A940-D250019300C9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AF175732-0D59-716D-F757-9F1492D808D9}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CADAF6BE-BF50-4669-8BFD-C27BD4E6181B}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{CD5175E2-7CC1-418C-B66C-0AB95DAD4103}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{03119103-0854-469D-807A-171568457991}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{43B4B831-F41F-4F73-8F14-4FFF0BA75B1B}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6A4BCABA-C437-4C76-A54E-AF31B8A76CB9}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6C9945B7-1D19-46CB-88C0-45A24DF6CD6E}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{84B9B044-17C0-48FB-A300-C9747D5DF29C}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{93E3D79C-0786-48FF-9329-93BC9F6DC2B3}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{A0EE0278-2986-4E5A-884E-A3BF0357E476}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{99E29823-2F67-41C3-8AA5-6425097A771F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{F6C07882-D703-4DD5-905A-2C4E815A5066}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{38122A36-83B2-46B8-B39A-EC72A4614A07}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Explorer Bars\{855F3B16-6D32-4FE6-8A56-BBB695989046}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{855F3B16-6D32-4FE6-8A56-BBB695989046}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{327F75ED-061B-4339-8CC6-5DD45AD1396D}]
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{CC1AC828-BB47-4361-AFB5-96EEE259DD87}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\CLSID\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{1B730ACF-26A3-447B-9994-14AEE0EB72CC}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{23119123-0854-469D-807A-171568457991}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{2BEF239C-752E-4001-8048-F256E0D8CD93}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{3F607E46-0D3C-4442-B1DE-DE7FA4768F5C}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{49C00A51-6E59-41FE-B3FA-2D2157FAD67B}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{6DFF5DBA-AE3A-46DB-B301-ECFFC6DB2982}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9EDC0C90-2B5B-4512-953E-35767BAD5C67}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{D54C859C-6066-4F31-8FE0-2AAEDCAE67D7}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{DE34CD67-F1C8-4001-9A23-B8A68F63F377}
Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{FE0273D1-99DF-4AC0-87D5-1371C6271785}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{D1DAC034-9FD9-4C13-A388-D2E10E57707F}
Value Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{D1DAC034-9FD9-4C13-A388-D2E10E57707F}]
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{6552C7DD-90A4-4387-B795-F8F96747DE19}
Key Deleted : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD2406}
Key Deleted : HKCU\Software\APNDTX
Key Deleted : HKCU\Software\BABSOLUTION
Key Deleted : HKCU\Software\BabylonToolbar
Key Deleted : HKCU\Software\DataMngr
[#] Key Deleted : HKCU\Software\DataMngr_Toolbar
Key Deleted : HKCU\Software\filescout
Key Deleted : HKCU\Software\ICQ\ICQToolbar
Key Deleted : HKCU\Software\ilivid
Key Deleted : HKCU\Software\ilividmoviestoolbar181
Key Deleted : HKCU\Software\performersoft llc
Key Deleted : HKCU\Software\torch
Key Deleted : HKCU\Software\MarineAquarium3Free_57
Key Deleted : HKCU\Software\AppDataLow\Software\MarineAquarium3Free_57
Key Deleted : HKLM\SOFTWARE\Babylon
Key Deleted : HKLM\SOFTWARE\DataMngr
Key Deleted : HKLM\SOFTWARE\DeviceVM
Key Deleted : HKLM\SOFTWARE\ICQ\ICQToolbar
Key Deleted : HKLM\SOFTWARE\MediaBuzzV1
Key Deleted : HKLM\SOFTWARE\MediaWatchV1
Key Deleted : HKLM\SOFTWARE\torch
Key Deleted : HKLM\SOFTWARE\TrustMediaViewerV1
Key Deleted : HKLM\SOFTWARE\MarineAquarium3Free_57
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\ilivid
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{99C91FC5-DB5B-4AA0-BB70-5D89C5A4DF96}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Delta Chrome Toolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ICQToolbar
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181CR
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\ilividmoviestoolbar181IE
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\inethnfd
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MarineAquarium3Free_57bar Uninstall Internet Explorer
Key Deleted : [x64] HKLM\SOFTWARE\DeviceVM
Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\dprotectsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\jumpflip
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchinstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotector.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchsettings64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\umbrella.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\utiljumpflip.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\volaro
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\vonteera
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroids.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\websteroidsservice.exe
Key Deleted : HKCU\Software\Microsoft\Internet Explorer\LowRegistry\DOMStorage\ask.com
***** [ Browsers ] *****
-\\ Internet Explorer v11.0.9600.17420
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [ICQ Search]
Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Secondary Start Pages]
-\\ Google Chrome v39.0.2171.71
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.icq.com/search/results.php?q={searchTerms}&ch_id=osd
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://www2.delta-search.com/?q={searchTerms}&affID=119816&babsrc=SP_ss&mntrId=D665CC52AF995BA9
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=706&systemid=406&v=a13203-307&apn_uid=9721408451854144&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://search.tb.ask.com/search/GGmain.jhtml?searchfor={searchTerms}&st=kwd&ptb=59B9F8CC-82B1-4D4A-A9F3-FD108F8303BD&n=780b5fa8&ind=2014011304&p2=^AYY^xdm095^YYA^cz&si=pconverter
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data] - Deleted [Search Provider] : hxxp://dts.search.ask.com/sr?src=crb&gct=ds&appid=706&systemid=406&v=a13203-307&apn_uid=9721408451854144&apn_dtid=BND406&o=APN10645&apn_ptnrs=AG6&q={searchTerms}
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Homepage] : hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 03-307&t=4
[C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\preferences] - Deleted [Startup_URLs] : hxxp://www.search.ask.com/?o=APN10645A&gct=hp& ... 03-307&t=4
*************************
AdwCleaner[R0].txt - [21804 octets] - [03/12/2014 21:20:45]
AdwCleaner[S0].txt - [19564 octets] - [03/12/2014 21:23:25]
########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [19625 octets] ##########
Re: Totálně zahumusené pc
Pokud neco najde (predpokladam ze najde, kdyz bude fungovat spravne), tak ho pak nezavirejte. Nechte ho minimalizovany na liste, at nemusite test opakovat.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
Kachnacicek
Re: Totálně zahumusené pc
Musel jsem to pustit ještě jednou, pc se po dokončení scanu minule seklo.. Zatím to vypadá takhle: 49 detekovaných souborů. Tak pak pošlu log až to doběhne celé, snad se to povede...
Re: Totálně zahumusené pc
OK. Pripadne ho zkuste spustit v nouzovem rezimu.
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
Kachnacicek
Re: Totálně zahumusené pc
Pořád běží, už 2 a půl hodiny, oskenováno cca 350 000 objektů, z toho 84 detekovaných.
-
Kachnacicek
Re: Totálně zahumusené pc
Tady je ten log:
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4.12.2014
Scan Time: 17:45:18
Logfile: MBAM - log.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2014.12.04.07
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Pavel
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 728842
Time Elapsed: 2 hr, 58 min, 11 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 192
PUP.Optional.AudioToAudioToolBar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MarineAquarium3Free_57Service, , [a92e5707f389db5baf5782b40af63dc3],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{07189b84-b33b-4a1e-9b32-ad203c983c20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{074d3229-0a22-491b-b9dd-ff3171d75f25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{d35349a7-84d1-4a70-8536-e9c1f77dcf5b}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{fdb8f0c7-adf7-4a45-b762-fe8ef4970dbd}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3C4E958B-177E-4B3A-A998-4B0263A9564D}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{638B87E0-5EF3-45FA-ACB8-2C7C67958665}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6A1F6969-2069-4036-A0AB-07D4628DF5A1}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6F776034-C1E7-41CB-B099-839FCA62E732}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E9E780CC-8821-4B00-B4F9-F4C4F82BE2C7}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F4D12989-AF1C-4363-BFCF-B9AD96D18B0F}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3C4E958B-177E-4B3A-A998-4B0263A9564D}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{638B87E0-5EF3-45FA-ACB8-2C7C67958665}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6A1F6969-2069-4036-A0AB-07D4628DF5A1}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6F776034-C1E7-41CB-B099-839FCA62E732}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E9E780CC-8821-4B00-B4F9-F4C4F82BE2C7}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F4D12989-AF1C-4363-BFCF-B9AD96D18B0F}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{fdb8f0c7-adf7-4a45-b762-fe8ef4970dbd}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SettingsPlugin.1, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SettingsPlugin, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SettingsPlugin, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SettingsPlugin.1, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D35349A7-84D1-4A70-8536-E9C1F77DCF5B}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MarineAquarium3Free_57bar Uninstall Firefox, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07189B84-B33B-4A1E-9B32-AD203C983C20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07189B84-B33B-4A1E-9B32-AD203C983C20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings, , [f3e4eb73087441f5fba438c96b98758b],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings.1, , [81564a14275570c6e6b9bc4561a2c33d],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings, , [81564a14275570c6e6b9bc4561a2c33d],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings.1, , [81564a14275570c6e6b9bc4561a2c33d],
PUP.Adware.Gotclip.ScamLotto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GotClip, , [894e5fffaece3cfa1e412d71c9378d73],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [3b9c3e2075078ea8692fd8e5a65eda26],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, , [f4e33f1f7c0006306094c0a8a55ea55b],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\MediaBuzzV1mode8195, , [399edd81730988aeccf9adc444bf9070],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home7104, , [16c1f9651e5ef83e196a9d181be942be],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release4186, , [86518cd2116b53e3a25a46257390867a],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release6582, , [6e6907577c005adc23d9aebd55aed42c],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release927, , [6c6b95c999e35adcfefe5a11867d5fa1],
PUP.Optional.TrustMediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\TrustMediaViewerV1alpha3397, , [7760372787f554e247edee73649ff010],
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaabcbmongicmdegkmmfgdickgnnob, , [27b059055d1f94a24d6feb83788b15eb],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [d0078cd2f58752e444549e1ffd0720e0],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@MarineAquarium3Free_57.com/Plugin, , [5087e07e2b51d95d32a00c6734cf2dd3],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MarineAquarium3Free_57, , [86511a445c204ee8935ad694c93a6f91],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3ca77147-e5a4-43ba-80b2-efa3245f8d88}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{09e63ba3-09c7-4d20-9e4b-2ebad3be5b50}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AD6CED5C-457E-43DC-BD4B-D5ED0B87FAB4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F1FD4F87-D0FD-4A5C-90A7-9A7696FFAEC0}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F62FBB9B-25D9-41C5-97C0-7ED7AFBF2410}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AD6CED5C-457E-43DC-BD4B-D5ED0B87FAB4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F1FD4F87-D0FD-4A5C-90A7-9A7696FFAEC0}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F62FBB9B-25D9-41C5-97C0-7ED7AFBF2410}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{09e63ba3-09c7-4d20-9e4b-2ebad3be5b50}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ToolbarProtector.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ToolbarProtector, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ToolbarProtector, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ToolbarProtector.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3f9c1414-58f0-4fbb-9ee6-ab948b604ebd}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2f868090-a282-4c80-ac30-f743c9becadf}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2BEA8EF6-4B9D-43DF-9C32-5B91B65E3E58}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C8D39FE3-DCB1-4E94-9192-A176FC1F19BB}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D4517E61-49A5-4712-B487-950FEC8DB4B9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2BEA8EF6-4B9D-43DF-9C32-5B91B65E3E58}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C8D39FE3-DCB1-4E94-9192-A176FC1F19BB}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D4517E61-49A5-4712-B487-950FEC8DB4B9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2f868090-a282-4c80-ac30-f743c9becadf}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{536e7ae2-c94c-4256-b035-8ec24e6245dd}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a29ba259-04a2-426b-949f-d486e674df9b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C9FA2928-5ED3-47AD-996C-997F6A9003EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C9FA2928-5ED3-47AD-996C-997F6A9003EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a29ba259-04a2-426b-949f-d486e674df9b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b4b7b983-0df7-4153-8551-a82806009611}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.DynamicBarButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.DynamicBarButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.DynamicBarButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.DynamicBarButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f153e08e-19e7-4ece-bb2b-afe06394c6ea}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{199350af-34c3-496f-a764-f4bf91cf2835}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A91067AB-9AC6-4607-B9F2-FB62228195EF}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C17F2CA9-F618-4D8C-9C7E-78F9779D3FAA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A91067AB-9AC6-4607-B9F2-FB62228195EF}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C17F2CA9-F618-4D8C-9C7E-78F9779D3FAA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{199350af-34c3-496f-a764-f4bf91cf2835}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.FeedManager.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.FeedManager, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.FeedManager, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.FeedManager.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C0FD73B4-C692-4061-B36F-BC15B111314C}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLMenu.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLMenu, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLMenu, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLMenu.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C0FD73B4-C692-4061-B36F-BC15B111314C}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7706dcce-fed8-4ed7-80b2-5f88c33ee317}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{83783d62-ec4a-4cdd-acb3-b2a4bf184959}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{107C2EDD-3388-452B-A6B8-2AAD8EF816B6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D5CEC7EB-7D25-47BF-AA42-5DB03938509F}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{107C2EDD-3388-452B-A6B8-2AAD8EF816B6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D5CEC7EB-7D25-47BF-AA42-5DB03938509F}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{83783d62-ec4a-4cdd-acb3-b2a4bf184959}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ad750e83-1c56-4196-90e3-e5a0f3c5421c}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.MultipleButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.MultipleButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.MultipleButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.MultipleButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{d66a4b11-4d17-4383-8090-ec2045d241c5}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e9b11175-96ea-4919-b73b-3be71d2e8954}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0CD3C780-F128-4E7F-BA5C-A7B4FE0B904E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6DBD484A-FAA1-4E09-9D82-5B472D9774E8}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{76A9FB77-FA97-4656-8B91-25848DC7BFD6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0CD3C780-F128-4E7F-BA5C-A7B4FE0B904E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6DBD484A-FAA1-4E09-9D82-5B472D9774E8}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{76A9FB77-FA97-4656-8B91-25848DC7BFD6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{e9b11175-96ea-4919-b73b-3be71d2e8954}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D66A4B11-4D17-4383-8090-EC2045D241C5}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{77225af4-00ff-49de-94ae-7818936b6631}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{09252fa9-17ba-453c-9890-644aace70b2b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{67C605D7-71E7-40B7-AF78-8E382E039E8B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{67C605D7-71E7-40B7-AF78-8E382E039E8B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{09252fa9-17ba-453c-9890-644aace70b2b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.RadioSettings.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.RadioSettings, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.RadioSettings, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.RadioSettings.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f6e8add0-7744-4d57-8ab7-1ca4c6e0d0a0}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.Radio.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.Radio, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.Radio, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.Radio.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{94c67622-4e77-495a-9457-c8064c92a228}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ScriptButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ScriptButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ScriptButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ScriptButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{cc721fc9-8900-4e3d-a4be-359e6af8e9bb}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{00c5edb1-1261-41eb-8fee-9c0c2cd98058}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0A4376DD-C64A-4499-86BA-54578FD3BE3E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1E66D651-C63F-4B5A-8DBB-4C093647BF9B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3E3BEAE8-5B73-4AA4-8191-6AAD3E17D7CC}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E1700B22-E107-4EC6-943E-5FBBADF213B3}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0A4376DD-C64A-4499-86BA-54578FD3BE3E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1E66D651-C63F-4B5A-8DBB-4C093647BF9B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3E3BEAE8-5B73-4AA4-8191-6AAD3E17D7CC}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E1700B22-E107-4EC6-943E-5FBBADF213B3}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{00c5edb1-1261-41eb-8fee-9c0c2cd98058}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CC721FC9-8900-4E3D-A4BE-359E6AF8E9BB}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e55ebb8c-fb31-4a98-a514-4ecc5fd9c634}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f90c885b-332c-4379-965c-3ef665f369dc}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F90C885B-332C-4379-965C-3EF665F369DC}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{dd4285fa-3345-4b73-92e5-4de464edc3b2}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d458d0d1-08f3-4dc9-9c67-ade048ae0ef9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C71EA797-7B15-438B-894A-9AB54D752430}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DA60568C-C30E-4680-ADEA-89BF1DD050EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C71EA797-7B15-438B-894A-9AB54D752430}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DA60568C-C30E-4680-ADEA-89BF1DD050EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{d458d0d1-08f3-4dc9-9c67-ade048ae0ef9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{DD4285FA-3345-4B73-92E5-4DE464EDC3B2}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2284a20f-8e7e-4eae-ad01-3c983281c570}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.UrlAlertButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.UrlAlertButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.UrlAlertButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.UrlAlertButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{eda1dca1-c71d-46e7-b504-6cefd21ee60d}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{fb84548c-47c9-4323-820b-9e46b50e9947}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5777FB26-1203-4D16-A47F-24B3FF5E0476}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{71AC0D70-4274-4B53-8101-26F7249EAFE4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5777FB26-1203-4D16-A47F-24B3FF5E0476}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{71AC0D70-4274-4B53-8101-26F7249EAFE4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{fb84548c-47c9-4323-820b-9e46b50e9947}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLPanel.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLPanel, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLPanel, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLPanel.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{EDA1DCA1-C71D-46E7-B504-6CEFD21EE60D}, , [1abd273769133ef84a52da442bd89d63],
Registry Values: 13
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{07189B84-B33B-4A1E-9B32-AD203C983C20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{07189b84-b33b-4a1e-9b32-ad203c983c20}, , [e0f793cb6319d95d13ed4a7f1ae842be],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Marine Aquarium Lite Home Page Guard 64 bit, "C:\PROGRA~2\MARINE~1\bar\1.bin\AppIntegrator64.exe", , [d4038bd3fb8173c37cdde7c1b25221df]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Marine Aquarium Lite Search Scope Monitor, "C:\PROGRA~2\MARINE~1\bar\1.bin\57srchmn.exe" /m=2 /w /h, , [1abd144adaa2e74f7a10a91306febd43]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home7104.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home7104\ff, , [b522114d7606e452e2a28e27d52f8f71]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode8195.net, C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8195\ff, , [73641d41e597d6604b7bb7ba679c30d0]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release927.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release927\ff, , [dff8b3abcab2da5ce516313a13f0e21e]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release6582.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6582\ff, , [6c6b1c424d2f50e6c6352e3d6b98926e]
PUP.Optional.TrustMediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@TrustMediaViewerV1alpha3397.net, C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3397\ff, , [597ea8b6e399280e42f3f26f5aa918e8]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release4186.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release4186\ff, , [0bcc2b33136940f6e91272f9c142817f]
PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll, , [36a1f26c512b3df9fc9d615c8f7528d8]
PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll, , [2aad0a546f0de05655446e4f6a9afd03]
PUP.Optional.SpeedTest, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest4354@BestOffers, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, , [95420b53314b2c0a4496ed6ebd467090]
Registry Data: 0
(No malicious items detected)
Folders: 35
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\common, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\_metadata, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\chrome, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\ThirdPartyInstallers, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\gen1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\IE9Mesg, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Message, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Settings, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, , [1cbb4d11f18ba78f35eb49e358abdf21],
Files: 245
PUP.Optional.AudioToAudioToolBar.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57barsvc.exe, , [a92e5707f389db5baf5782b40af63dc3],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bar.dll, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MyPCBackup.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir, , [f9debba34c30d46264c613ce40c11ee2],
PUP.Optional.MyPCBackup.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Service Start.exe.vir, , [35a2c995bcc0aa8c8d9dab368978649c],
PUP.Optional.Ilivid, C:\AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\iLivid\Uninstall.exe.vir, , [6176c49a413b37ffa1c315d0f20f9967],
PUP.Optional.PCPerformer.A, C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir, , [c710a3bb8fedec4abf6d43dec9377d83],
PUP.Optional.NetFilter, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\hfpapi.dll.vir, , [439466f8bfbd0234090b09be13ee946c],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\nethtsrv.exe.vir, , [e4f30a54760670c60f6e129799688a76],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\netupdsrv.exe.vir, , [449366f8512bfb3bf08e5158728f07f9],
PUP.Optional.NetFilter, C:\Windows\SysWOW64\hfnapi.dll, , [cd0a2f2f433988ae898a4f7851b017e9],
PUP.Optional.Amonetize, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[1].exe, , [9a3d3b23f88435016b06ce01e61b11ef],
PUP.Optional.Amonetize, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[2].exe, , [4e893d21afcd9b9bfc75d9f61ae7ca36],
PUP.Optional.Amonetize, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[3].exe, , [2bac1d4117651a1c9ed3ffd0dd242dd3],
PUP.Optional.Amonetize, C:\Windows\Temp\0195efd7-b9eb-4671-df2d-7997f82867d3.exe, , [0ccbea74473587af98d9438cb44deb15],
PUP.Optional.Amonetize, C:\Windows\Temp\78419ea7-dc6b-4b46-9336-ee53d75ac533.exe, , [b027d88607759b9b92df9d32f011df21],
PUP.Optional.Amonetize, C:\Windows\Temp\Updater.exe, , [4196abb32b512511bdb4824d21e0d22e],
PUP.Optional.Amonetize, C:\Windows\Temp\f3704209-6d15-4298-8408-bc7fca399fba.exe, , [6e69c896601c8fa7640d408fcc35c838],
PUP.Optional.Amonetize, C:\Windows\Temp\fdded0d7-1d8e-45a1-8f75-13b24cb2231e.exe, , [8e497fdf81fb59ddc4add5fa9f62e020],
PUP.Optional.Ilivid, C:\Windows\Temp\5e581c25\SetupDataMngr_iLivid.exe, , [399e045a4e2ee254fa6af5f039c8728e],
PUP.Optional.Ilivid, C:\Windows\Temp\b54e6703\SetupDataMngr_iLivid.exe, , [d205c19d8cf04bebe77de6ff20e16b95],
Trojan.BitMiner, C:\Program Files (x86)\DoubleOptMedia\deinstaller.exe, , [8156035b97e5b482c91b04a79f6331cf],
Trojan.BitMiner, C:\Program Files (x86)\DoubleOptMedia\Installer.exe, , [9c3b025c3d3f61d58d5853589a686c94],
Trojan.BitMiner, C:\Program Files (x86)\DoubleOptMedia\ProcessUsage.exe, , [06d18ed07ffdce684cf3f90a5fa37888],
Trojan.Agent.VU, C:\Program Files (x86)\DoubleOptMedia\VideoUsage.exe, , [24b3e47af88467cf001330a5a460867a],
PUP.Adware.Gotclip.ScamLotto, C:\Program Files (x86)\GotClip\Uninstall.exe, , [894e5fffaece3cfa1e412d71c9378d73],
PUP.Optional.BitMiner, C:\Program Files (x86)\PCData\cgminer.exe, , [8f48fc622854191d4745adefe61cd927],
Riskware.BitcoinMiner, C:\Program Files (x86)\PCData\minerd.exe, , [b81fc896c9b34fe758876bf246bbc43c],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8EXTPEX.DLL, , [d40337274b31ac8a2bb8e5672ad641bf],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8TICKER.DLL, , [bd1ac49a017b84b287b495fb9471ed13],
PUP.Optional.Amonetize.A, C:\Users\Pavel\AppData\Local\18362\a19002.exe, , [9e39065888f4b482a25177c2f808a858],
PUP.Optional.Amonetize, C:\Users\Pavel\AppData\Local\29614\Updater.exe, , [3f989cc2c4b856e0e58c7b54629fd12f],
PUP.Optional.Amonetize.A, C:\Users\Pavel\AppData\Local\6984\a30422.exe, , [d304e6785725191d68d3c097e917e818],
PUP.Optional.MyPCBackup.A, C:\Users\Pavel\AppData\Local\Temp\BackupSetup.exe, , [7a5da7b797e55dd93ded6c757190da26],
PUP.Optional.Amonetize, C:\Users\Pavel\AppData\Local\Temp\Updater.exe, , [ba1d76e82c506cca2b46329dd62b926e],
PUP.Optional.Amonetize, C:\Users\Pavel\AppData\Local\Temp\drv90201.exe, , [fed968f68def85b16b067e5171908878],
PUP.Optional.Delta.A, C:\Users\Pavel\AppData\Local\Temp\DeltaTB.exe, , [15c225394834df577d101f0406fb827e],
PUP.Optional.RichMediaView.A, C:\Users\Pavel\AppData\Local\Temp\aplinstal.exe, , [0ec90955e3999a9c4599018d18ed19e7],
PUP.Optional.ShoppingSuggestion.A, C:\Users\Pavel\AppData\Local\Temp\presetup.exe, , [0ccb0e50215b70c67e595e7e39c833cd],
PUP.Optional.Btcmine, C:\Users\Pavel\AppData\Local\Temp\compatibility.exe, , [af28c995522aa096c0848c4945bf53ad],
PUP.Optional.Babylon.A, C:\Users\Pavel\AppData\Local\Temp\CB70A985-BAB0-7891-A29F-14023A238CFC\Latest\BExternal.dll, , [4196302ed2aa58debd7e6fb4b14f03fd],
PUP.Optional.Babylon.A, C:\Users\Pavel\AppData\Local\Temp\CB70A985-BAB0-7891-A29F-14023A238CFC\Latest\CrxInstaller.dll, , [a037015d8def2c0a95a860d53fc2c838],
PUP.Optional.Babylon.A, C:\Users\Pavel\AppData\Local\Temp\CB70A985-BAB0-7891-A29F-14023A238CFC\Latest\Setup.exe, , [2fa8015df6866dc99ef16eb204fc956b],
PUP.Optional.OpenCandy, C:\Users\Pavel\AppData\Local\Temp\nsc2932.tmp\DTLite.exe, , [7760d985dca043f388445f27cb3acb35],
PUP.Optional.OpenCandy, C:\Users\Pavel\Desktop\Pavel\DTLite-setup.exe, , [b6219ac4f28a082edcf088fedd28ad53],
PUP.Optional.OpenCandy, C:\Users\Pavel\Desktop\Spore-CZ-plnÄ?Ë?-verze!!\Spore-FALLOS\Daemon tools\DTLite4461-0327.exe, , [ebeca9b5cfad9e98e0ecbbcbb64f15eb],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-Nbj9y7gOj.exe, , [587f3b23bcc03ef8e9bd01cfc93b4fb1],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-Nd5zDzT6C.exe, , [8453520c82fa7cba297d0dc37391f010],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-NfoKBYfVN.exe, , [7b5c431b6d0f93a39f07725ed72d8a76],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N0nyau2CC.exe, , [0dca2c32bcc052e4881e20b00ef6857b],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N38OmMdt9.exe, , [c017025caad21c1ad7cfa52ba163f010],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N3XhjFP5q.exe, , [19be5a04fc807cbaf6b0fed20103936d],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N4dBJ9LVP.exe, , [9344bba3314bde58bfe78d430cf80cf4],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N89GBJSA0.exe, , [cc0b67f7d1ab9b9bc7df973908fcac54],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NaW5HixpN.exe, , [cb0cafaff08c8ea8b8ee6c6447bd07f9],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NaWHpb4gw.exe, , [7f58421c6a1295a1ccda7f51f50f03fd],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NcZ6HHQQy.exe, , [9e3970eec9b3e452cdd9fdd38c78de22],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NfG4NkSys.exe, , [26b1c09e502c69cda204369ab64eb848],
PUP.Optional.InstallBrain.A, C:\Users\Pavel\Downloads\VideoPerformerSetup.exe, , [c611510df8841e188895027f39c8e31d],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-NbEUvNrR1.exe, , [4a8d500e6a120333edb95080c34145bb],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N0kKRJYVV.exe, , [35a279e5ea92ba7c099d953b1aea639d],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N0uuUbsRc.exe, , [f5e23c223a42fc3a8026a32d7b89d828],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N21WVux8D.exe, , [815663fb403cd85e8a1cb31df80c16ea],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N24gIShNT.exe, , [23b4312d03793600fea8735d38cc4fb1],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N4kyIkOud.exe, , [14c3b9a54537af871c8acf01689cb050],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N5ALQ3Kpc.exe, , [9c3b441af28ab680287e29a7689c53ad],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N659Djewg.exe, , [c5121f3f98e46dc90e9877596f955fa1],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N6o4VNVcC.exe, , [c116500e621ace683b6b686817edec14],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N7CraYYSr.exe, , [06d199c59ce04fe7396d963a12f2a25e],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N7o0J3XqM.exe, , [5483035be59788aeadf97b55857f3cc4],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N8VVGpIe2.exe, , [498ec9959ddf053102a4a72954b012ee],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N9LCt1hcH.exe, , [dafd2935fa8267cf22840cc44bb9ab55],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-Na8Buw4gr.exe, , [b91e5905285434022284ffd1e61ec53b],
PUP.Optional.ClientConnect, C:\Users\Pavel\Downloads\SweetPlayer_TSA24GCG0.exe, , [b7204c12a9d348ee586e9f1ca061d030],
PUP.Optional.Conduit, C:\Users\Pavel\Downloads\SweetPlayer_TSA24GCGE.exe, , [b522d08eb2cad85ed400aa0c56ab2bd5],
PUP.Optional.Conduit, C:\Users\Pavel\Downloads\SweetPlayer_TSA24GCGI.exe, , [c71098c66517cb6b2fa5a5112bd60cf4],
PUP.Optional.Amonetize.A, C:\Users\Pavel\Downloads\GotClipDownloader__6629_i431998959_il4753234.exe, , [1cbbcd91740864d203b2d862817fc23e],
PUP.Optional.Amonetize.A, C:\Users\Pavel\Downloads\GotClipDownloader__6629_i431999524_il4753234.exe, , [0dcacb9384f852e491245bdfdc242fd1],
PUP.Optional.Bandoo, C:\Users\Pavel\Downloads\iLividSetup-r706-n-bc.exe, , [b0270f4f215b43f3e8f348dd5ba6ac54],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\data.xml, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.MindSpark, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\AppIntegrator64.exe, , [d4038bd3fb8173c37cdde7c1b25221df],
PUP.Optional.MindSpark, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe, , [1abd144adaa2e74f7a10a91306febd43],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\manifest.json, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\background.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\config.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\registry.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\reporting.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\utils.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\build.json, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_128x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_19x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_24x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_32x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_grey_19x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\toolbar-icons.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\popup.html, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css\bootstrap.css, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css\bootstrap.css.map, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css\uninstallInfo.css, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\ask_logo.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\cinema.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\comedy.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\m.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\magazine.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\movies.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\options.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\reviews.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\search.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\star.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\toolbar-icon-ask.ico, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\trailers.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js\bootstrap.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js\jquery.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js\popup.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\_metadata\verified_contents.json, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57auxstb.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bprtct.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brmon.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brstub.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57datact.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57dlghk.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57dyn.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57feedmg.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57highin.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57hkstub.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57htmlmu.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57httpct.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57idle.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57ieovr.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57impipe.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57medint.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57mlbtn.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57msg.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57Plugin.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57radio.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57regfft.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57reghk.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57regiet.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57script.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57skin.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57sknlcr.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57skplay.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57tpinst.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57uabtn.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\AppIntegratorStub64.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\BOOTSTRAP.JS, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\CHROME.MANIFEST, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\CREXT.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\CrExtP57.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\DPNMNGR.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\EXEMANAGER.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\Hpg64.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\INSTALL.RDF, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\installKeys.js, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\LOGO.BMP, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8EXTEX.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8HTML.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8RES.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\VERIFY.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\chrome\57ffxtbr.jar, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\gen1\COMMON.T8S, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\IE9Mesg\COMMON.T8S, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Message\COMMON.T8S, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Settings\s_pid.dat, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\8_step1.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\anemone.js, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\bd_grad.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpguard.js, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpguard1.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpguard2.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpp_ok.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpp_x.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpp_x2.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\index.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\mid_dots.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\mws_logo.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\protect.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\rebut4b.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\shield.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\stop.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\systrayp.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\tp_grad.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome.manifest, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\icon.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\install.rdf, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\background.html, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.xml, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\config.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\content.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.xul, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\jquery-1.9.1.min.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\options.xul, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\rjs.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\settings.json, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\subscriptloader.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin\framework.css, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome.manifest, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\icon.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\install.rdf, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\background.html, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.xml, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\config.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\content.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.xul, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\jquery-1.9.1.min.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\options.xul, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\rjs.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\settings.json, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\subscriptloader.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin\framework.css, , [1cbb4d11f18ba78f35eb49e358abdf21],
Physical Sectors: 0
(No malicious items detected)
(end)
Malwarebytes Anti-Malware
www.malwarebytes.org
Scan Date: 4.12.2014
Scan Time: 17:45:18
Logfile: MBAM - log.txt
Administrator: Yes
Version: 2.00.4.1028
Malware Database: v2014.12.04.07
Rootkit Database: v2014.12.03.01
License: Free
Malware Protection: Disabled
Malicious Website Protection: Disabled
Self-protection: Disabled
OS: Windows 7 Service Pack 1
CPU: x64
File System: NTFS
User: Pavel
Scan Type: Custom Scan
Result: Completed
Objects Scanned: 728842
Time Elapsed: 2 hr, 58 min, 11 sec
Memory: Enabled
Startup: Enabled
Filesystem: Enabled
Archives: Enabled
Rootkits: Disabled
Heuristics: Enabled
PUP: Enabled
PUM: Enabled
Processes: 0
(No malicious items detected)
Modules: 0
(No malicious items detected)
Registry Keys: 192
PUP.Optional.AudioToAudioToolBar.A, HKLM\SYSTEM\CURRENTCONTROLSET\SERVICES\MarineAquarium3Free_57Service, , [a92e5707f389db5baf5782b40af63dc3],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{07189b84-b33b-4a1e-9b32-ad203c983c20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{074d3229-0a22-491b-b9dd-ff3171d75f25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{074D3229-0A22-491B-B9DD-FF3171D75F25}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{d35349a7-84d1-4a70-8536-e9c1f77dcf5b}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{fdb8f0c7-adf7-4a45-b762-fe8ef4970dbd}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3C4E958B-177E-4B3A-A998-4B0263A9564D}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{638B87E0-5EF3-45FA-ACB8-2C7C67958665}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6A1F6969-2069-4036-A0AB-07D4628DF5A1}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6F776034-C1E7-41CB-B099-839FCA62E732}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E9E780CC-8821-4B00-B4F9-F4C4F82BE2C7}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F4D12989-AF1C-4363-BFCF-B9AD96D18B0F}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3C4E958B-177E-4B3A-A998-4B0263A9564D}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{638B87E0-5EF3-45FA-ACB8-2C7C67958665}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6A1F6969-2069-4036-A0AB-07D4628DF5A1}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6F776034-C1E7-41CB-B099-839FCA62E732}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E9E780CC-8821-4B00-B4F9-F4C4F82BE2C7}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F4D12989-AF1C-4363-BFCF-B9AD96D18B0F}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{fdb8f0c7-adf7-4a45-b762-fe8ef4970dbd}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SettingsPlugin.1, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SettingsPlugin, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SettingsPlugin, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SettingsPlugin.1, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D35349A7-84D1-4A70-8536-E9C1F77DCF5B}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\MarineAquarium3Free_57bar Uninstall Firefox, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{07189B84-B33B-4A1E-9B32-AD203C983C20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{07189B84-B33B-4A1E-9B32-AD203C983C20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{0eeaa2c3-0cd7-4364-b82e-f9257081c860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXPLORER\BROWSER HELPER OBJECTS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\SETTINGS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\STATS\{0EEAA2C3-0CD7-4364-B82E-F9257081C860}, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings, , [f3e4eb73087441f5fba438c96b98758b],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings.1, , [81564a14275570c6e6b9bc4561a2c33d],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings, , [81564a14275570c6e6b9bc4561a2c33d],
PUP.Optional.FunWebProducts.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.SkinLauncherSettings.1, , [81564a14275570c6e6b9bc4561a2c33d],
PUP.Adware.Gotclip.ScamLotto, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\UNINSTALL\GotClip, , [894e5fffaece3cfa1e412d71c9378d73],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [3b9c3e2075078ea8692fd8e5a65eda26],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\DataMngr, , [f4e33f1f7c0006306094c0a8a55ea55b],
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\MediaBuzzV1mode8195, , [399edd81730988aeccf9adc444bf9070],
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MediaWatchV1home7104, , [16c1f9651e5ef83e196a9d181be942be],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release4186, , [86518cd2116b53e3a25a46257390867a],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release6582, , [6e6907577c005adc23d9aebd55aed42c],
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\RichMediaViewV1release927, , [6c6b95c999e35adcfefe5a11867d5fa1],
PUP.Optional.TrustMediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\TrustMediaViewerV1alpha3397, , [7760372787f554e247edee73649ff010],
PUP.Optional.MoviesToolBar.A, HKLM\SOFTWARE\WOW6432NODE\GOOGLE\CHROME\EXTENSIONS\aaaaabcbmongicmdegkmmfgdickgnnob, , [27b059055d1f94a24d6feb83788b15eb],
PUP.Optional.DataMangr.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\${dtUserElevationPolicyID}, , [d0078cd2f58752e444549e1ffd0720e0],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLAPLUGINS\@MarineAquarium3Free_57.com/Plugin, , [5087e07e2b51d95d32a00c6734cf2dd3],
PUP.Optional.MindSpark.A, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\APPDATALOW\SOFTWARE\MarineAquarium3Free_57, , [86511a445c204ee8935ad694c93a6f91],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3ca77147-e5a4-43ba-80b2-efa3245f8d88}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{09e63ba3-09c7-4d20-9e4b-2ebad3be5b50}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{AD6CED5C-457E-43DC-BD4B-D5ED0B87FAB4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F1FD4F87-D0FD-4A5C-90A7-9A7696FFAEC0}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{F62FBB9B-25D9-41C5-97C0-7ED7AFBF2410}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{AD6CED5C-457E-43DC-BD4B-D5ED0B87FAB4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F1FD4F87-D0FD-4A5C-90A7-9A7696FFAEC0}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{F62FBB9B-25D9-41C5-97C0-7ED7AFBF2410}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{09e63ba3-09c7-4d20-9e4b-2ebad3be5b50}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ToolbarProtector.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ToolbarProtector, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ToolbarProtector, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ToolbarProtector.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{3f9c1414-58f0-4fbb-9ee6-ab948b604ebd}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{2f868090-a282-4c80-ac30-f743c9becadf}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{2BEA8EF6-4B9D-43DF-9C32-5B91B65E3E58}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C8D39FE3-DCB1-4E94-9192-A176FC1F19BB}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D4517E61-49A5-4712-B487-950FEC8DB4B9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{2BEA8EF6-4B9D-43DF-9C32-5B91B65E3E58}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C8D39FE3-DCB1-4E94-9192-A176FC1F19BB}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D4517E61-49A5-4712-B487-950FEC8DB4B9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{2f868090-a282-4c80-ac30-f743c9becadf}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{536e7ae2-c94c-4256-b035-8ec24e6245dd}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{a29ba259-04a2-426b-949f-d486e674df9b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C9FA2928-5ED3-47AD-996C-997F6A9003EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C9FA2928-5ED3-47AD-996C-997F6A9003EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{a29ba259-04a2-426b-949f-d486e674df9b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{b4b7b983-0df7-4153-8551-a82806009611}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.DynamicBarButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.DynamicBarButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.DynamicBarButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.DynamicBarButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f153e08e-19e7-4ece-bb2b-afe06394c6ea}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{199350af-34c3-496f-a764-f4bf91cf2835}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{A91067AB-9AC6-4607-B9F2-FB62228195EF}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C17F2CA9-F618-4D8C-9C7E-78F9779D3FAA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{A91067AB-9AC6-4607-B9F2-FB62228195EF}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C17F2CA9-F618-4D8C-9C7E-78F9779D3FAA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{199350af-34c3-496f-a764-f4bf91cf2835}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.FeedManager.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.FeedManager, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.FeedManager, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.FeedManager.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{C0FD73B4-C692-4061-B36F-BC15B111314C}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLMenu.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLMenu, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLMenu, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLMenu.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{C0FD73B4-C692-4061-B36F-BC15B111314C}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{7706dcce-fed8-4ed7-80b2-5f88c33ee317}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{83783d62-ec4a-4cdd-acb3-b2a4bf184959}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{107C2EDD-3388-452B-A6B8-2AAD8EF816B6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{D5CEC7EB-7D25-47BF-AA42-5DB03938509F}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{107C2EDD-3388-452B-A6B8-2AAD8EF816B6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{D5CEC7EB-7D25-47BF-AA42-5DB03938509F}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{83783d62-ec4a-4cdd-acb3-b2a4bf184959}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{ad750e83-1c56-4196-90e3-e5a0f3c5421c}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.MultipleButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.MultipleButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.MultipleButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.MultipleButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{d66a4b11-4d17-4383-8090-ec2045d241c5}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{e9b11175-96ea-4919-b73b-3be71d2e8954}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0CD3C780-F128-4E7F-BA5C-A7B4FE0B904E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{6DBD484A-FAA1-4E09-9D82-5B472D9774E8}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{76A9FB77-FA97-4656-8B91-25848DC7BFD6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0CD3C780-F128-4E7F-BA5C-A7B4FE0B904E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{6DBD484A-FAA1-4E09-9D82-5B472D9774E8}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{76A9FB77-FA97-4656-8B91-25848DC7BFD6}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{e9b11175-96ea-4919-b73b-3be71d2e8954}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.XMLSessionPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{D66A4B11-4D17-4383-8090-EC2045D241C5}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{77225af4-00ff-49de-94ae-7818936b6631}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{09252fa9-17ba-453c-9890-644aace70b2b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{67C605D7-71E7-40B7-AF78-8E382E039E8B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{67C605D7-71E7-40B7-AF78-8E382E039E8B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{09252fa9-17ba-453c-9890-644aace70b2b}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.RadioSettings.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.RadioSettings, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.RadioSettings, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.RadioSettings.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f6e8add0-7744-4d57-8ab7-1ca4c6e0d0a0}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.Radio.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.Radio, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.Radio, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.Radio.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{94c67622-4e77-495a-9457-c8064c92a228}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ScriptButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ScriptButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ScriptButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ScriptButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{cc721fc9-8900-4e3d-a4be-359e6af8e9bb}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{00c5edb1-1261-41eb-8fee-9c0c2cd98058}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{0A4376DD-C64A-4499-86BA-54578FD3BE3E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{1E66D651-C63F-4B5A-8DBB-4C093647BF9B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{3E3BEAE8-5B73-4AA4-8191-6AAD3E17D7CC}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{E1700B22-E107-4EC6-943E-5FBBADF213B3}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{0A4376DD-C64A-4499-86BA-54578FD3BE3E}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{1E66D651-C63F-4B5A-8DBB-4C093647BF9B}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{3E3BEAE8-5B73-4AA4-8191-6AAD3E17D7CC}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{E1700B22-E107-4EC6-943E-5FBBADF213B3}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{00c5edb1-1261-41eb-8fee-9c0c2cd98058}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.PseudoTransparentPlugin.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{CC721FC9-8900-4E3D-A4BE-359E6AF8E9BB}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{e55ebb8c-fb31-4a98-a514-4ecc5fd9c634}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{f90c885b-332c-4379-965c-3ef665f369dc}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\LOW RIGHTS\ELEVATIONPOLICY\{F90C885B-332C-4379-965C-3EF665F369DC}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{dd4285fa-3345-4b73-92e5-4de464edc3b2}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{d458d0d1-08f3-4dc9-9c67-ade048ae0ef9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{C71EA797-7B15-438B-894A-9AB54D752430}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{DA60568C-C30E-4680-ADEA-89BF1DD050EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{C71EA797-7B15-438B-894A-9AB54D752430}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{DA60568C-C30E-4680-ADEA-89BF1DD050EA}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{d458d0d1-08f3-4dc9-9c67-ade048ae0ef9}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.ThirdPartyInstaller.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{DD4285FA-3345-4B73-92E5-4DE464EDC3B2}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{2284a20f-8e7e-4eae-ad01-3c983281c570}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.UrlAlertButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.UrlAlertButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.UrlAlertButton, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.UrlAlertButton.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\CLSID\{eda1dca1-c71d-46e7-b504-6cefd21ee60d}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\TYPELIB\{fb84548c-47c9-4323-820b-9e46b50e9947}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{5777FB26-1203-4D16-A47F-24B3FF5E0476}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\INTERFACE\{71AC0D70-4274-4B53-8101-26F7249EAFE4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{5777FB26-1203-4D16-A47F-24B3FF5E0476}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\INTERFACE\{71AC0D70-4274-4B53-8101-26F7249EAFE4}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\TYPELIB\{fb84548c-47c9-4323-820b-9e46b50e9947}, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLPanel.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\CLASSES\MarineAquarium3Free_57.HTMLPanel, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLPanel, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\CLASSES\MarineAquarium3Free_57.HTMLPanel.1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\EXT\PREAPPROVED\{EDA1DCA1-C71D-46E7-B504-6CEFD21EE60D}, , [1abd273769133ef84a52da442bd89d63],
Registry Values: 13
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR|{07189B84-B33B-4A1E-9B32-AD203C983C20}, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\{07189b84-b33b-4a1e-9b32-ad203c983c20}, , [e0f793cb6319d95d13ed4a7f1ae842be],
PUP.Optional.MindSpark, HKLM\SOFTWARE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Marine Aquarium Lite Home Page Guard 64 bit, "C:\PROGRA~2\MARINE~1\bar\1.bin\AppIntegrator64.exe", , [d4038bd3fb8173c37cdde7c1b25221df]
PUP.Optional.MindSpark, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\WINDOWS\CURRENTVERSION\RUN|Marine Aquarium Lite Search Scope Monitor, "C:\PROGRA~2\MARINE~1\bar\1.bin\57srchmn.exe" /m=2 /w /h, , [1abd144adaa2e74f7a10a91306febd43]
PUP.Optional.MediaWatch.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaWatchV1home7104.net, C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home7104\ff, , [b522114d7606e452e2a28e27d52f8f71]
PUP.Optional.MediaBuzz.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@MediaBuzzV1mode8195.net, C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8195\ff, , [73641d41e597d6604b7bb7ba679c30d0]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release927.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release927\ff, , [dff8b3abcab2da5ce516313a13f0e21e]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release6582.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release6582\ff, , [6c6b1c424d2f50e6c6352e3d6b98926e]
PUP.Optional.TrustMediaViewer.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@TrustMediaViewerV1alpha3397.net, C:\Program Files (x86)\TrustMediaViewerV1\TrustMediaViewerV1alpha3397\ff, , [597ea8b6e399280e42f3f26f5aa918e8]
PUP.Optional.RichMediaView.A, HKLM\SOFTWARE\WOW6432NODE\MOZILLA\FIREFOX\EXTENSIONS|ext@RichMediaViewV1release4186.net, C:\Program Files (x86)\RichMediaViewV1\RichMediaViewV1release4186\ff, , [0bcc2b33136940f6e91272f9c142817f]
PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x64, c:\program files (x86)\movies toolbar\datamngr\x64\apcrtldr.dll, , [36a1f26c512b3df9fc9d615c8f7528d8]
PUP.Optional.DataMangr.A, HKLM\SYSTEM\CURRENTCONTROLSET\CONTROL\SESSION MANAGER\APPCERTDLLS|x86, c:\program files (x86)\movies toolbar\datamngr\apcrtldr.dll, , [2aad0a546f0de05655446e4f6a9afd03]
PUP.Optional.SpeedTest, HKU\S-1-5-21-3435964710-805018482-336169385-1001-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MOZILLA\FIREFOX\EXTENSIONS|speedtest4354@BestOffers, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, , [95420b53314b2c0a4496ed6ebd467090]
Registry Data: 0
(No malicious items detected)
Folders: 35
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\common, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\_metadata, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\chrome, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\ThirdPartyInstallers, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\gen1, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\IE9Mesg, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Message, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Settings, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin, , [1cbb4d11f18ba78f35eb49e358abdf21],
Files: 245
PUP.Optional.AudioToAudioToolBar.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57barsvc.exe, , [a92e5707f389db5baf5782b40af63dc3],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bar.dll, , [6e6963fb7a0294a22bd5dcedf30ffe02],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrcAs.dll, , [3b9cf46af884c5710ff3eedb02001ae6],
PUP.Optional.MyPCBackup.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\MyPC Backup.exe.vir, , [f9debba34c30d46264c613ce40c11ee2],
PUP.Optional.MyPCBackup.A, C:\AdwCleaner\Quarantine\C\Program Files (x86)\MyPC Backup\Service Start.exe.vir, , [35a2c995bcc0aa8c8d9dab368978649c],
PUP.Optional.Ilivid, C:\AdwCleaner\Quarantine\C\Users\Pavel\AppData\Local\iLivid\Uninstall.exe.vir, , [6176c49a413b37ffa1c315d0f20f9967],
PUP.Optional.PCPerformer.A, C:\AdwCleaner\Quarantine\C\windows\System32\roboot64.exe.vir, , [c710a3bb8fedec4abf6d43dec9377d83],
PUP.Optional.NetFilter, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\hfpapi.dll.vir, , [439466f8bfbd0234090b09be13ee946c],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\nethtsrv.exe.vir, , [e4f30a54760670c60f6e129799688a76],
PUP.Optional.Amonetize, C:\AdwCleaner\Quarantine\C\windows\SysWOW64\netupdsrv.exe.vir, , [449366f8512bfb3bf08e5158728f07f9],
PUP.Optional.NetFilter, C:\Windows\SysWOW64\hfnapi.dll, , [cd0a2f2f433988ae898a4f7851b017e9],
PUP.Optional.Amonetize, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[1].exe, , [9a3d3b23f88435016b06ce01e61b11ef],
PUP.Optional.Amonetize, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[2].exe, , [4e893d21afcd9b9bfc75d9f61ae7ca36],
PUP.Optional.Amonetize, C:\Windows\SysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\inethnfd-setup[3].exe, , [2bac1d4117651a1c9ed3ffd0dd242dd3],
PUP.Optional.Amonetize, C:\Windows\Temp\0195efd7-b9eb-4671-df2d-7997f82867d3.exe, , [0ccbea74473587af98d9438cb44deb15],
PUP.Optional.Amonetize, C:\Windows\Temp\78419ea7-dc6b-4b46-9336-ee53d75ac533.exe, , [b027d88607759b9b92df9d32f011df21],
PUP.Optional.Amonetize, C:\Windows\Temp\Updater.exe, , [4196abb32b512511bdb4824d21e0d22e],
PUP.Optional.Amonetize, C:\Windows\Temp\f3704209-6d15-4298-8408-bc7fca399fba.exe, , [6e69c896601c8fa7640d408fcc35c838],
PUP.Optional.Amonetize, C:\Windows\Temp\fdded0d7-1d8e-45a1-8f75-13b24cb2231e.exe, , [8e497fdf81fb59ddc4add5fa9f62e020],
PUP.Optional.Ilivid, C:\Windows\Temp\5e581c25\SetupDataMngr_iLivid.exe, , [399e045a4e2ee254fa6af5f039c8728e],
PUP.Optional.Ilivid, C:\Windows\Temp\b54e6703\SetupDataMngr_iLivid.exe, , [d205c19d8cf04bebe77de6ff20e16b95],
Trojan.BitMiner, C:\Program Files (x86)\DoubleOptMedia\deinstaller.exe, , [8156035b97e5b482c91b04a79f6331cf],
Trojan.BitMiner, C:\Program Files (x86)\DoubleOptMedia\Installer.exe, , [9c3b025c3d3f61d58d5853589a686c94],
Trojan.BitMiner, C:\Program Files (x86)\DoubleOptMedia\ProcessUsage.exe, , [06d18ed07ffdce684cf3f90a5fa37888],
Trojan.Agent.VU, C:\Program Files (x86)\DoubleOptMedia\VideoUsage.exe, , [24b3e47af88467cf001330a5a460867a],
PUP.Adware.Gotclip.ScamLotto, C:\Program Files (x86)\GotClip\Uninstall.exe, , [894e5fffaece3cfa1e412d71c9378d73],
PUP.Optional.BitMiner, C:\Program Files (x86)\PCData\cgminer.exe, , [8f48fc622854191d4745adefe61cd927],
Riskware.BitcoinMiner, C:\Program Files (x86)\PCData\minerd.exe, , [b81fc896c9b34fe758876bf246bbc43c],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8EXTPEX.DLL, , [d40337274b31ac8a2bb8e5672ad641bf],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8TICKER.DLL, , [bd1ac49a017b84b287b495fb9471ed13],
PUP.Optional.Amonetize.A, C:\Users\Pavel\AppData\Local\18362\a19002.exe, , [9e39065888f4b482a25177c2f808a858],
PUP.Optional.Amonetize, C:\Users\Pavel\AppData\Local\29614\Updater.exe, , [3f989cc2c4b856e0e58c7b54629fd12f],
PUP.Optional.Amonetize.A, C:\Users\Pavel\AppData\Local\6984\a30422.exe, , [d304e6785725191d68d3c097e917e818],
PUP.Optional.MyPCBackup.A, C:\Users\Pavel\AppData\Local\Temp\BackupSetup.exe, , [7a5da7b797e55dd93ded6c757190da26],
PUP.Optional.Amonetize, C:\Users\Pavel\AppData\Local\Temp\Updater.exe, , [ba1d76e82c506cca2b46329dd62b926e],
PUP.Optional.Amonetize, C:\Users\Pavel\AppData\Local\Temp\drv90201.exe, , [fed968f68def85b16b067e5171908878],
PUP.Optional.Delta.A, C:\Users\Pavel\AppData\Local\Temp\DeltaTB.exe, , [15c225394834df577d101f0406fb827e],
PUP.Optional.RichMediaView.A, C:\Users\Pavel\AppData\Local\Temp\aplinstal.exe, , [0ec90955e3999a9c4599018d18ed19e7],
PUP.Optional.ShoppingSuggestion.A, C:\Users\Pavel\AppData\Local\Temp\presetup.exe, , [0ccb0e50215b70c67e595e7e39c833cd],
PUP.Optional.Btcmine, C:\Users\Pavel\AppData\Local\Temp\compatibility.exe, , [af28c995522aa096c0848c4945bf53ad],
PUP.Optional.Babylon.A, C:\Users\Pavel\AppData\Local\Temp\CB70A985-BAB0-7891-A29F-14023A238CFC\Latest\BExternal.dll, , [4196302ed2aa58debd7e6fb4b14f03fd],
PUP.Optional.Babylon.A, C:\Users\Pavel\AppData\Local\Temp\CB70A985-BAB0-7891-A29F-14023A238CFC\Latest\CrxInstaller.dll, , [a037015d8def2c0a95a860d53fc2c838],
PUP.Optional.Babylon.A, C:\Users\Pavel\AppData\Local\Temp\CB70A985-BAB0-7891-A29F-14023A238CFC\Latest\Setup.exe, , [2fa8015df6866dc99ef16eb204fc956b],
PUP.Optional.OpenCandy, C:\Users\Pavel\AppData\Local\Temp\nsc2932.tmp\DTLite.exe, , [7760d985dca043f388445f27cb3acb35],
PUP.Optional.OpenCandy, C:\Users\Pavel\Desktop\Pavel\DTLite-setup.exe, , [b6219ac4f28a082edcf088fedd28ad53],
PUP.Optional.OpenCandy, C:\Users\Pavel\Desktop\Spore-CZ-plnÄ?Ë?-verze!!\Spore-FALLOS\Daemon tools\DTLite4461-0327.exe, , [ebeca9b5cfad9e98e0ecbbcbb64f15eb],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-Nbj9y7gOj.exe, , [587f3b23bcc03ef8e9bd01cfc93b4fb1],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-Nd5zDzT6C.exe, , [8453520c82fa7cba297d0dc37391f010],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-NfoKBYfVN.exe, , [7b5c431b6d0f93a39f07725ed72d8a76],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N0nyau2CC.exe, , [0dca2c32bcc052e4881e20b00ef6857b],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N38OmMdt9.exe, , [c017025caad21c1ad7cfa52ba163f010],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N3XhjFP5q.exe, , [19be5a04fc807cbaf6b0fed20103936d],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N4dBJ9LVP.exe, , [9344bba3314bde58bfe78d430cf80cf4],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-N89GBJSA0.exe, , [cc0b67f7d1ab9b9bc7df973908fcac54],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NaW5HixpN.exe, , [cb0cafaff08c8ea8b8ee6c6447bd07f9],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NaWHpb4gw.exe, , [7f58421c6a1295a1ccda7f51f50f03fd],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NcZ6HHQQy.exe, , [9e3970eec9b3e452cdd9fdd38c78de22],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FreeZipSetup-NfG4NkSys.exe, , [26b1c09e502c69cda204369ab64eb848],
PUP.Optional.InstallBrain.A, C:\Users\Pavel\Downloads\VideoPerformerSetup.exe, , [c611510df8841e188895027f39c8e31d],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-NbEUvNrR1.exe, , [4a8d500e6a120333edb95080c34145bb],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N0kKRJYVV.exe, , [35a279e5ea92ba7c099d953b1aea639d],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N0uuUbsRc.exe, , [f5e23c223a42fc3a8026a32d7b89d828],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N21WVux8D.exe, , [815663fb403cd85e8a1cb31df80c16ea],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N24gIShNT.exe, , [23b4312d03793600fea8735d38cc4fb1],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N4kyIkOud.exe, , [14c3b9a54537af871c8acf01689cb050],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N5ALQ3Kpc.exe, , [9c3b441af28ab680287e29a7689c53ad],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N659Djewg.exe, , [c5121f3f98e46dc90e9877596f955fa1],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N6o4VNVcC.exe, , [c116500e621ace683b6b686817edec14],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N7CraYYSr.exe, , [06d199c59ce04fe7396d963a12f2a25e],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N7o0J3XqM.exe, , [5483035be59788aeadf97b55857f3cc4],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N8VVGpIe2.exe, , [498ec9959ddf053102a4a72954b012ee],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-N9LCt1hcH.exe, , [dafd2935fa8267cf22840cc44bb9ab55],
PUP.Optional.Somoto.A, C:\Users\Pavel\Downloads\FLVPlayerSetup-Na8Buw4gr.exe, , [b91e5905285434022284ffd1e61ec53b],
PUP.Optional.ClientConnect, C:\Users\Pavel\Downloads\SweetPlayer_TSA24GCG0.exe, , [b7204c12a9d348ee586e9f1ca061d030],
PUP.Optional.Conduit, C:\Users\Pavel\Downloads\SweetPlayer_TSA24GCGE.exe, , [b522d08eb2cad85ed400aa0c56ab2bd5],
PUP.Optional.Conduit, C:\Users\Pavel\Downloads\SweetPlayer_TSA24GCGI.exe, , [c71098c66517cb6b2fa5a5112bd60cf4],
PUP.Optional.Amonetize.A, C:\Users\Pavel\Downloads\GotClipDownloader__6629_i431998959_il4753234.exe, , [1cbbcd91740864d203b2d862817fc23e],
PUP.Optional.Amonetize.A, C:\Users\Pavel\Downloads\GotClipDownloader__6629_i431999524_il4753234.exe, , [0dcacb9384f852e491245bdfdc242fd1],
PUP.Optional.Bandoo, C:\Users\Pavel\Downloads\iLividSetup-r706-n-bc.exe, , [b0270f4f215b43f3e8f348dd5ba6ac54],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\ver.xml, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\data.xml, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.OffersWizard.A, C:\Program Files (x86)\Common Files\Config\uninstinethnfd.exe, , [e8ef9dc1f18b62d4efd260fe07fc17e9],
PUP.Optional.MindSpark, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\AppIntegrator64.exe, , [d4038bd3fb8173c37cdde7c1b25221df],
PUP.Optional.MindSpark, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57SrchMn.exe, , [1abd144adaa2e74f7a10a91306febd43],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\manifest.json, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\background.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\config.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\registry.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\reporting.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\common\utils.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\build.json, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_128x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_19x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_24x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_32x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\logo_grey_19x.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\config\skin\images\logo\toolbar-icons.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\popup.html, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css\bootstrap.css, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css\bootstrap.css.map, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\css\uninstallInfo.css, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\ask_logo.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\cinema.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\comedy.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\m.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\magazine.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\movies.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\options.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\reviews.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\search.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\star.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\toolbar-icon-ask.ico, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\images\trailers.png, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js\bootstrap.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js\jquery.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\dropdown\js\popup.js, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MoviesToolBar.A, C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\aaaaabcbmongicmdegkmmfgdickgnnob\35.4_0\_metadata\verified_contents.json, , [9c3b401e760664d2218cb66283807e82],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57auxstb.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57bprtct.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brmon.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57brstub.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57datact.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57dlghk.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57dyn.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57feedmg.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57highin.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57hkstub.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57htmlmu.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57httpct.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57idle.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57ieovr.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57impipe.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57medint.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57mlbtn.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57msg.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57Plugin.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57radio.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57regfft.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57reghk.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57regiet.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57script.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57skin.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57sknlcr.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57skplay.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57tpinst.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\57uabtn.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\AppIntegratorStub64.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\BOOTSTRAP.JS, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\CHROME.MANIFEST, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\CREXT.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\CrExtP57.exe, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\DPNMNGR.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\EXEMANAGER.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\Hpg64.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\INSTALL.RDF, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\installKeys.js, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\LOGO.BMP, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\NP57Stub.dll, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8EXTEX.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8HTML.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\T8RES.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\VERIFY.DLL, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\1.bin\chrome\57ffxtbr.jar, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\gen1\COMMON.T8S, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\IE9Mesg\COMMON.T8S, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Message\COMMON.T8S, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Program Files (x86)\MarineAquarium3Free_57\bar\Settings\s_pid.dat, , [1abd273769133ef84a52da442bd89d63],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\8_step1.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\anemone.js, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\bd_grad.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpguard.js, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpguard1.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpguard2.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpp_ok.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpp_x.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\hpp_x2.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\index.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\mid_dots.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\mws_logo.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\protect.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\rebut4b.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\shield.png, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\stop.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\systrayp.htm, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.MindSpark.A, C:\Users\Pavel\AppData\LocalLow\MarineAquarium3Free_57\bar\Message\COMMON\tp_grad.gif, , [08cfe07e4b3189ad4f94bd677e855ba5],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome.manifest, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\icon.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\install.rdf, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\background.html, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\button.xml, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\config.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\content.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\framework.xul, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon128.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon16.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon18.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon24.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon32.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon48.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.ico, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\icon64.png, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\jquery-1.9.1.min.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\options.xul, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\rjs.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\settings.json, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\content\subscriptloader.js, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.SpeedTest.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\speedtest4354@BestOffers\chrome\skin\framework.css, , [1dba6bf3116b2d09928c1d0f2ed527d9],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome.manifest, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\icon.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\install.rdf, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\background.html, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\button.xml, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\config.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\content.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\framework.xul, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon128.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon16.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon18.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon24.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon32.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.ico, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\icon48.png, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\jquery-1.9.1.min.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\options.xul, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\rjs.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\settings.json, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\content\subscriptloader.js, , [1cbb4d11f18ba78f35eb49e358abdf21],
PUP.Optional.FreeGames.A, C:\Users\Pavel\AppData\Roaming\Mozilla\Extensions\freegames4357@BestOffers\chrome\skin\framework.css, , [1cbb4d11f18ba78f35eb49e358abdf21],
Physical Sectors: 0
(No malicious items detected)
(end)
Re: Totálně zahumusené pc
Vsechny nalezy hodte do karanteny a restartujte pc. Postupujte podle navodu kolegyvyosek píše:
- Pokud pouzivate Win Vista ci W7, kliknete na Zoek pravym a dejte Run As Administrator ci Spustit jako spravce
- Do okna vlozte skript nize
Kód: Vybrat vše
autoclean; resethosts; emptyclsid; IEdefaults; FFdefaults; CHRdefaults; emptyIEcache; emptyFFcache; emptyCHRcache; emptyalltemp; emptyflash; emptyjava; emptyrecycle.bin;- Nasledne kliknete na Run Script
- PC provede opravu, restartuje se a da Vam log, jeho obsah vlozte sem
Pokud máte dotaz, který není určen pro veřejnost, můžete mi napsat na mail marty84zavináčforum.viry.cz
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
Možnost podpořit naše fórum https://platba.viry.cz/payment/
Z časových důvodů teď budu na fóru méně často. V případě delšího čekání na odpověď kontaktujte prosím některého z kolegů (většina má mailovou adresu ve svém podpisu).
-
Kachnacicek
Re: Totálně zahumusené pc
Zdravím, test musím jet znova, tentokrát v nouzovém režimu. Pc jsem včera večer po testu uspal, bohužel se vyplo. Teď jsem ho zkoušel tak 10x zapnout jak do normálu, tak do nouzového režimu, až teď se to konečně povedlo - zajímavou věcí je, že bootování nouzového režimu se pokaždé zastavilo na: AtiPcie64.sys - napadlo mě, jestli není nějaký problém s ovladačem grafiky?
Až doběhne test, udělám, jak jste řekl a dám vědět. Díky moc!
Až doběhne test, udělám, jak jste řekl a dám vědět. Díky moc!
-
Kachnacicek
Re: Totálně zahumusené pc
Tak tady máme log:
Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Pavel on so 06.12.2014 at 0:17:57,20.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
6.12.2014 0:19:53 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\Users\Pavel\AppData\Local\cache deleted successfully
C:\Users\Pavel\AppData\Local\PDFC deleted successfully
C:\Users\stasa\AppData\Local\PDFC deleted successfully
C:\Users\stasa\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{F6C07882-D703-4DD5-905A-2C4E815A5066} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{48ec14f4-b765-4558-8732-ba064d2fead1} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{01a5fb66-fb7c-4488-8790-60c5cc254243} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\mozilla\Firefox\Extensions\freegames4357@BestOffers deleted successfully
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Pavel\AppData\Local\18362 deleted
C:\Users\Pavel\AppData\Local\29614 deleted
C:\Users\Pavel\AppData\Local\6984 deleted
C:\Users\Pavel\.android deleted
C:\PROGRA~2\Alawarhry.cz deleted
C:\extensions.ini deleted
C:\awh188E.tmp deleted
C:\awh1DED.tmp deleted
C:\awh1F14.tmp deleted
C:\awh2C6C.tmp deleted
C:\awh36B9.tmp deleted
C:\awh387D.tmp deleted
C:\awh494F.tmp deleted
C:\awh4EBB.tmp deleted
C:\awh5060.tmp deleted
C:\awh5ADB.tmp deleted
C:\awh637.tmp deleted
C:\awh6F84.tmp deleted
C:\awh7425.tmp deleted
C:\awh8215.tmp deleted
C:\awh8610.tmp deleted
C:\awh8C76.tmp deleted
C:\awh8D41.tmp deleted
C:\awh8EB7.tmp deleted
C:\awh91E2.tmp deleted
C:\awh927E.tmp deleted
C:\awh93E7.tmp deleted
C:\awh97C3.tmp deleted
C:\awh9A99.tmp deleted
C:\awh9B25.tmp deleted
C:\awh9DF3.tmp deleted
C:\awhA295.tmp deleted
C:\awhA5C0.tmp deleted
C:\awhA794.tmp deleted
C:\awhAB92.tmp deleted
C:\awhAD00.tmp deleted
C:\awhB1BC.tmp deleted
C:\awhB2BB.tmp deleted
C:\awhB338.tmp deleted
C:\awhB4EC.tmp deleted
C:\awhB52B.tmp deleted
C:\awhB619.tmp deleted
C:\awhBFD5.tmp deleted
C:\awhC087.tmp deleted
C:\awhC24E.tmp deleted
C:\awhC264.tmp deleted
C:\awhC2D1.tmp deleted
C:\awhCA50.tmp deleted
C:\awhCBD6.tmp deleted
C:\awhCC82.tmp deleted
C:\awhD34E.tmp deleted
C:\awhD433.tmp deleted
C:\awhD825.tmp deleted
C:\awhD951.tmp deleted
C:\awhDF08.tmp deleted
C:\awhDF94.tmp deleted
C:\awhE47C.tmp deleted
C:\awhF0C4.tmp deleted
C:\awhF140.tmp deleted
C:\awhF314.tmp deleted
C:\awhF608.tmp deleted
C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\PROGRA~3\ICQ deleted
C:\Users\Pavel\AppData\Local\avgchrome deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\Pavel\Desktop\Savoir\iLivid.lnk deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt" [10.12.2010 14:31]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hojjdgfbnjabloekliajhaeabaioiohf - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home7104\ch\MediaWatchV1home7104.crx[]
jlcmdibnfndilnecopohnkpncnjniohf - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8195\ch\MediaBuzzV1mode8195.crx[]
AdBlock - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
"Default_Page_URL"="http://www.bing.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.alawarhry.cz/?pid=6"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.alawarhry.cz/?pid=6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{A3761D7B-8901-4081-A19A-49094CC84480}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{27E5F2BB-7308-46B7-B726-EBA870CDF2A9} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13906"
{2DD3A5ED-9F28-4615-85EA-A6B94BF37E79} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13906"
{421AACB1-6577-4847-B204-95A15F6C827E} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_13906"
{63788942-3DD8-4313-BAF2-3F5C223EA2A6} (search.seznam.cz) Seznam Url="http://search.seznam.cz/?q={searchTerms ... chmodule_2"
{7980C0ED-8DC2-4353-B128-4A6FEA7B2B81} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13906"
{87B5B7B0-6AF1-4C52-8716-3CB5A027F518} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13906"
{8EA7A4F3-0F4E-4EF3-8059-9ED285FA8FAF} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13906"
{A3761D7B-8901-4081-A19A-49094CC84480} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{BEB537AD-8BC5-4E35-B509-6534B3D9DEC8} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13906"
{D9B595D4-BF07-4D76-96E3-264D01FEBCB9} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13906"
{EB6D7220-C2DA-4CD0-AEB9-58B0581CA2FD} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906"
==== Reset Google Chrome ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hojjdgfbnjabloekliajhaeabaioiohf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jlcmdibnfndilnecopohnkpncnjniohf deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\stasa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\strnad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=109 folders=18 1642848 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pavel\AppData\Local\Temp will be emptied at reboot
C:\Users\stasa\AppData\Local\Temp emptied successfully
C:\Users\strnad\AppData\Local\Temp emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Pavel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 06.12.2014 at 0:39:49,84 ======================
Děkuji moc za pomoc
Zoek.exe v5.0.0.0 Updated 03-December-2014
Tool run by Pavel on so 06.12.2014 at 0:17:57,20.
Microsoft Windows 7 Professional 6.1.7601 Service Pack 1 x64
Running in: Normal Mode Internet Access Detected
Launched: C:\Users\Pavel\Desktop\zoek.exe [Scan all users] [Script inserted]
==== System Restore Info ======================
6.12.2014 0:19:53 Zoek.exe System Restore Point Created Succesfully.
==== Reset Hosts File ======================
# Copyright (c) 1993-2006 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host
# localhost name resolution is handle within DNS itself.
127.0.0.1 localhost
::1 localhost
==== Empty Folders Check ======================
C:\PROGRA~2\MSXML 4.0 deleted successfully
C:\PROGRA~2\Origin Games deleted successfully
C:\PROGRA~3\AWEM deleted successfully
C:\Users\Pavel\AppData\Local\cache deleted successfully
C:\Users\Pavel\AppData\Local\PDFC deleted successfully
C:\Users\stasa\AppData\Local\PDFC deleted successfully
C:\Users\stasa\AppData\Local\VirtualStore deleted successfully
==== Deleting CLSID Registry Keys ======================
==== Deleting CLSID Registry Values ======================
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{4D2D3B0F-69BE-477A-90F5-FDDB05357975} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{F6C07882-D703-4DD5-905A-2C4E815A5066} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{48ec14f4-b765-4558-8732-ba064d2fead1} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{A40DC6C5-79D0-4CA8-A185-8FF989AF1115} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Approved Extensions\{01a5fb66-fb7c-4488-8790-60c5cc254243} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\Microsoft\Internet Explorer\Toolbar\WebBrowser\{7FEBEFE3-6B19-4349-98D2-FFB09D4B49CA} deleted successfully
HKEY_USERS\S-1-5-21-3435964710-805018482-336169385-1001\Software\mozilla\Firefox\Extensions\freegames4357@BestOffers deleted successfully
==== Deleting Services ======================
==== Deleting Files \ Folders ======================
C:\Users\Pavel\AppData\Local\18362 deleted
C:\Users\Pavel\AppData\Local\29614 deleted
C:\Users\Pavel\AppData\Local\6984 deleted
C:\Users\Pavel\.android deleted
C:\PROGRA~2\Alawarhry.cz deleted
C:\extensions.ini deleted
C:\awh188E.tmp deleted
C:\awh1DED.tmp deleted
C:\awh1F14.tmp deleted
C:\awh2C6C.tmp deleted
C:\awh36B9.tmp deleted
C:\awh387D.tmp deleted
C:\awh494F.tmp deleted
C:\awh4EBB.tmp deleted
C:\awh5060.tmp deleted
C:\awh5ADB.tmp deleted
C:\awh637.tmp deleted
C:\awh6F84.tmp deleted
C:\awh7425.tmp deleted
C:\awh8215.tmp deleted
C:\awh8610.tmp deleted
C:\awh8C76.tmp deleted
C:\awh8D41.tmp deleted
C:\awh8EB7.tmp deleted
C:\awh91E2.tmp deleted
C:\awh927E.tmp deleted
C:\awh93E7.tmp deleted
C:\awh97C3.tmp deleted
C:\awh9A99.tmp deleted
C:\awh9B25.tmp deleted
C:\awh9DF3.tmp deleted
C:\awhA295.tmp deleted
C:\awhA5C0.tmp deleted
C:\awhA794.tmp deleted
C:\awhAB92.tmp deleted
C:\awhAD00.tmp deleted
C:\awhB1BC.tmp deleted
C:\awhB2BB.tmp deleted
C:\awhB338.tmp deleted
C:\awhB4EC.tmp deleted
C:\awhB52B.tmp deleted
C:\awhB619.tmp deleted
C:\awhBFD5.tmp deleted
C:\awhC087.tmp deleted
C:\awhC24E.tmp deleted
C:\awhC264.tmp deleted
C:\awhC2D1.tmp deleted
C:\awhCA50.tmp deleted
C:\awhCBD6.tmp deleted
C:\awhCC82.tmp deleted
C:\awhD34E.tmp deleted
C:\awhD433.tmp deleted
C:\awhD825.tmp deleted
C:\awhD951.tmp deleted
C:\awhDF08.tmp deleted
C:\awhDF94.tmp deleted
C:\awhE47C.tmp deleted
C:\awhF0C4.tmp deleted
C:\awhF140.tmp deleted
C:\awhF314.tmp deleted
C:\awhF608.tmp deleted
C:\install.exe deleted
C:\found.000 deleted
C:\found.001 deleted
C:\PROGRA~3\ICQ deleted
C:\Users\Pavel\AppData\Local\avgchrome deleted
C:\windows\SysNative\GroupPolicy\Machine deleted
C:\windows\SysNative\GroupPolicy\User deleted
C:\windows\SysNative\GroupPolicy\GPT.INI deleted
C:\windows\Syswow64\GroupPolicy\gpt.ini deleted
C:\windows\Syswow64\InstallUtil.InstallLog deleted
C:\windows\SysWow64\searchplugins deleted
C:\windows\SysWow64\Extensions deleted
C:\Users\Pavel\Desktop\Savoir\iLivid.lnk deleted
==== Firefox Extensions Registry ======================
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Mozilla\Firefox\Extensions]
"otis@digitalpersona.com"="c:\Program Files (x86)\Hewlett-Packard\HP ProtectTools Security Manager\Bin\FirefoxExt" [10.12.2010 14:31]
==== Chromium Look ======================
HKEY_LOCAL_MACHINE\SOFTWARE\Google\Chrome\Extensions
hojjdgfbnjabloekliajhaeabaioiohf - C:\Program Files (x86)\MediaWatchV1\MediaWatchV1home7104\ch\MediaWatchV1home7104.crx[]
jlcmdibnfndilnecopohnkpncnjniohf - C:\Program Files (x86)\MediaBuzzV1\MediaBuzzV1mode8195\ch\MediaBuzzV1mode8195.crx[]
AdBlock - Pavel\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom
==== Set IE to Default ======================
Old Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
"Default_Page_URL"="http://www.bing.com"
"ICQ Search"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.alawarhry.cz/?pid=6"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://start.alawarhry.cz/?pid=6"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="C:\\ProgramData\\ICQ\\ICQNewTab\\newTab.html"
New Values:
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main]
"ICQ Search"="http://go.microsoft.com/fwlink/?LinkId=54896"
"Default_Page_URL"="http://go.microsoft.com/fwlink/?LinkId=69157"
"Start Page"="http://www.google.com"
"Secondary Start Pages"="http://www.google.com"
[HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\Software\Wow6432Node\Microsoft\Internet Explorer\Main]
"Start Page"="http://go.microsoft.com/fwlink/?LinkId=69157"
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\AboutURLs]
"Tabs"="res://ieframe.dll/tabswelcome.htm"
==== All HKCU SearchScopes ======================
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\SearchScopes
"DefaultScope"="{A3761D7B-8901-4081-A19A-49094CC84480}"
{012E1000-F331-11DB-8314-0800200C9A66} Google Url="http://www.google.com/search?q={searchTerms}"
{27E5F2BB-7308-46B7-B726-EBA870CDF2A9} Novinky.cz Url="http://www.novinky.cz/hledej?w={searchT ... arch_13906"
{2DD3A5ED-9F28-4615-85EA-A6B94BF37E79} Encyklopedie Seznam Url="http://encyklopedie.seznam.cz/search?q= ... arch_13906"
{421AACB1-6577-4847-B204-95A15F6C827E} Seznam Url="http://search.seznam.cz/?q={searchTerms ... arch_13906"
{63788942-3DD8-4313-BAF2-3F5C223EA2A6} (search.seznam.cz) Seznam Url="http://search.seznam.cz/?q={searchTerms ... chmodule_2"
{7980C0ED-8DC2-4353-B128-4A6FEA7B2B81} Mapy.cz Url="http://www.mapy.cz/?query={searchTerms} ... arch_13906"
{87B5B7B0-6AF1-4C52-8716-3CB5A027F518} Slovnˇk EN/CZ Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13906"
{8EA7A4F3-0F4E-4EF3-8059-9ED285FA8FAF} Slovnˇk CZ/EN Url="http://slovnik.seznam.cz/?q={searchTerm ... arch_13906"
{A3761D7B-8901-4081-A19A-49094CC84480} Bing Url="http://www.bing.com/search?q={searchTer ... -SearchBox"
{BEB537AD-8BC5-4E35-B509-6534B3D9DEC8} Seznam TV Program Url="http://tv.seznam.cz/hledej?w={searchTer ... arch_13906"
{D9B595D4-BF07-4D76-96E3-264D01FEBCB9} Firmy.cz Url="http://www.firmy.cz/?q={searchTerms}&so ... arch_13906"
{EB6D7220-C2DA-4CD0-AEB9-58B0581CA2FD} Zbo§ˇ.cz Url="http://www.zbozi.cz/?q={searchTerms}&r= ... arch_13906"
==== Reset Google Chrome ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Preferences was reset successfully
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Web Data was reset successfully
==== Deleting Registry Keys ======================
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\hojjdgfbnjabloekliajhaeabaioiohf deleted successfully
HKEY_LOCAL_MACHINE\SOFTWARE\wow6432node\Google\Chrome\Extensions\jlcmdibnfndilnecopohnkpncnjniohf deleted successfully
==== Empty IE Cache ======================
C:\windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Default\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\Pavel\AppData\Local\Microsoft\Windows\Temporary Internet Files\Low\Content.IE5 emptied successfully
C:\Users\stasa\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\Users\strnad\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\SysNative\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
C:\windows\sysWOW64\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5 emptied successfully
==== Empty FireFox Cache ======================
No FireFox Profiles found
==== Empty Chrome Cache ======================
C:\Users\Pavel\AppData\Local\Google\Chrome\User Data\Default\Cache emptied successfully
==== Empty All Flash Cache ======================
Flash Cache Emptied Successfully
==== Empty All Java Cache ======================
No Java Cache Found
==== C:\zoek_backup content ======================
C:\zoek_backup (files=109 folders=18 1642848 bytes)
==== Empty Temp Folders ======================
C:\Users\Default\AppData\Local\Temp emptied successfully
C:\Users\Default User\AppData\Local\Temp emptied successfully
C:\Users\Pavel\AppData\Local\Temp will be emptied at reboot
C:\Users\stasa\AppData\Local\Temp emptied successfully
C:\Users\strnad\AppData\Local\Temp emptied successfully
C:\windows\sysWoW64\config\systemprofile\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\networkservice\AppData\Local\Temp emptied successfully
C:\windows\serviceprofiles\Localservice\AppData\Local\Temp emptied successfully
C:\windows\Temp will be emptied at reboot
==== After Reboot ======================
==== Empty Temp Folders ======================
C:\windows\Temp successfully emptied
C:\Users\Pavel\AppData\Local\Temp successfully emptied
==== Empty Recycle Bin ======================
C:\$RECYCLE.BIN successfully emptied
==== EOF on so 06.12.2014 at 0:39:49,84 ======================
Děkuji moc za pomoc
Přispějete na provoz fóra?