Jump to content


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.

Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't run AdwCleaner - please help!


  • Please log in to reply
9 replies to this topic

#1 Olyabusha

Olyabusha

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 05 January 2013 - 07:38 PM

Hello everyone!

I wanted to delete any adware I may have, that's why I downloaded AdwCleaner. I clicked on Search and saw a .txt file with the a bunch of stuff I want removed. BUT when I click on Delete I get this message Posted Image
I press OK - and nothing happens, my laptop won't restart and AdwCleaner doesn't start deleting. I tried to restart manually, tried running the program in the safe mode - but the result is the same. It seems I can't get AdwCleaner to run properly. I open it as an administrator every time.

Could you please help me with my problem? I have no idea what to do :(

P.S. When I press OK and nothing happens, AdwCleaner freezes and I can't even close it properly. I get the message that this program is not responding, and even after that message I can't close it...

Edited by Olyabusha, 05 January 2013 - 08:06 PM.


BC AdBot (Login to Remove)

 


#2 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Study Hall Senior
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:01:16 AM

Posted 06 January 2013 - 06:22 AM

Hi, Olyabusha! I'm going to try to help you out. :)

That is very strange indeed. :o I reported the problem to the creator of AdwCleaner, so maybe he'll be able to work out what's wrong. In the meantime, I'll use some other tools to check out your PC.

TDSSKiller

I need you to run a scan using TDSSKiller.

  • Download TDSSKiller from here, and save it to your desktop.
  • Double click the file to launch the program. Once the program starts, click Start Scan. Don't change any default scan settings.
  • Once the scan is finished, you'll find a log in your root drive (usually C: ) that will start with TDSS in the file name, please copy and paste it into your reply.

Malwarebytes

I need you to run a scan with Malwarebytes Anti-Malware.

  • Download MBAM from here, and save it to your desktop.
  • Double-click the installer to run it. During the installation, simply follow the prompts and let the program install. However, if you do not want to start a trial of the full version, please decline, and if offered any external toolbars/programs, feel free to uncheck to install them, unless you want them.
  • Once the program is done installing and updating, select the Perform full scan option on the main interface. The click the Scan button, hit Scan, and let the scan run.
  • Once the scan is finished, a log will pop up. If any malware was found, click the Show Results button, and make sure everything present is checked and click Remove Selected. If MBAM asks you to reboot, do so immediately. Either way, please copy and paste the log into your reply. If your PC is rebooted, you can find the log by opening up MBAM and going to the Logs tab.

RogueKiller

I need you to run RogueKiller to see if it removes anything.

  • Download RogueKiller from here, and save it to your desktop.
  • Close all open programs.
  • Double click the file on your desktop. Once the automatic check completes, hit the Scan button.
  • Once the full scan has finished, click on the Delete button. Once it's done removing things, open the newest log on your desktop (should be called RKreport[2].txt) and copy and paste it into your reply.

Gunto

renardsig1_zps37f3a38c.jpg

It's pronounced Goon-toe!
Member of the Bleeping Computer A.I.I. early response team!


#3 Olyabusha

Olyabusha
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 15 January 2013 - 08:49 PM

Hi Gunto!
Thank you so much for trying to help me!
I'm sorry I couldn't reply earlier :(
When I was performing full scan, I realised it was taking too long (and noticed a folder the scan was stuck in). I googled my problem :) Turns out, I had a LocalMLS folder filled with tons of little .jpg files. It took me a while to delete them all - 2 000 000+ files total (that's about 40 GB worth of space) - the files were hidden, etc.
Meanwhile, I noticed that a new version of AdwCleaner had become available. I downloaded it, but I still have the same problem - the program simply won't run on my computer.
Anyway, here are the logs:

16:19:13.0176 7132  TDSS rootkit removing tool 2.8.15.0 Oct 31 2012 21:47:35
16:19:13.0535 7132  ============================================================
16:19:13.0535 7132  Current date / time: 2013/01/15 16:19:13.0535
16:19:13.0535 7132  SystemInfo:
16:19:13.0535 7132  
16:19:13.0535 7132  OS Version: 6.1.7601 ServicePack: 1.0
16:19:13.0535 7132  Product type: Workstation
16:19:13.0535 7132  ComputerName: AS7741G
16:19:13.0536 7132  UserName: acer
16:19:13.0536 7132  Windows directory: C:\Windows
16:19:13.0536 7132  System windows directory: C:\Windows
16:19:13.0536 7132  Running under WOW64
16:19:13.0536 7132  Processor architecture: Intel x64
16:19:13.0536 7132  Number of processors: 4
16:19:13.0536 7132  Page size: 0x1000
16:19:13.0536 7132  Boot type: Normal boot
16:19:13.0536 7132  ============================================================
16:19:16.0145 7132  Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
16:19:16.0167 7132  ============================================================
16:19:16.0167 7132  \Device\Harddisk0\DR0:
16:19:16.0167 7132  MBR partitions:
16:19:16.0167 7132  \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x1A5E800, BlocksNum 0x32000
16:19:16.0167 7132  \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x1A90800, BlocksNum 0x388F5030
16:19:16.0167 7132  ============================================================
16:19:16.0370 7132  C: <-> \Device\Harddisk0\DR0\Partition2
16:19:16.0371 7132  ============================================================
16:19:16.0371 7132  Initialize success
16:19:16.0371 7132  ============================================================
16:20:58.0163 9128  ============================================================
16:20:58.0163 9128  Scan started
16:20:58.0163 9128  Mode: Manual; 
16:20:58.0163 9128  ============================================================
16:20:58.0467 9128  ================ Scan system memory ========================
16:20:58.0467 9128  System memory - ok
16:20:58.0467 9128  ================ Scan services =============================
16:20:58.0736 9128  [ A87D604AEA360176311474C87A63BB88 ] 1394ohci        C:\Windows\system32\drivers\1394ohci.sys
16:20:58.0770 9128  1394ohci - ok
16:20:58.0958 9128  [ 309E130E78BAF666D65395D950F30885 ] ABBYY.Licensing.FineReader.Professional.10.0 C:\Program Files (x86)\Common Files\ABBYY\FineReader\10.00\Licensing\PE\NetworkLicenseServer.exe
16:20:58.0979 9128  ABBYY.Licensing.FineReader.Professional.10.0 - ok
16:20:59.0037 9128  [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI            C:\Windows\system32\drivers\ACPI.sys
16:20:59.0042 9128  ACPI - ok
16:20:59.0082 9128  [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi         C:\Windows\system32\drivers\acpipmi.sys
16:20:59.0084 9128  AcpiPmi - ok
16:20:59.0285 9128  [ D19C4EE2AC7C47B8F5F84FFF1A789D8A ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
16:20:59.0287 9128  AdobeARMservice - ok
16:20:59.0584 9128  [ 424877CB9D5517F980FF7BACA2EB379D ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
16:20:59.0590 9128  AdobeFlashPlayerUpdateSvc - ok
16:20:59.0677 9128  [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx         C:\Windows\system32\DRIVERS\adp94xx.sys
16:20:59.0685 9128  adp94xx - ok
16:20:59.0741 9128  [ 597F78224EE9224EA1A13D6350CED962 ] adpahci         C:\Windows\system32\DRIVERS\adpahci.sys
16:20:59.0748 9128  adpahci - ok
16:20:59.0796 9128  [ E109549C90F62FB570B9540C4B148E54 ] adpu320         C:\Windows\system32\DRIVERS\adpu320.sys
16:20:59.0800 9128  adpu320 - ok
16:20:59.0854 9128  [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc     C:\Windows\System32\aelupsvc.dll
16:20:59.0856 9128  AeLookupSvc - ok
16:20:59.0924 9128  [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD             C:\Windows\system32\drivers\afd.sys
16:20:59.0932 9128  AFD - ok
16:21:00.0005 9128  [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440          C:\Windows\system32\drivers\agp440.sys
16:21:00.0008 9128  agp440 - ok
16:21:00.0055 9128  [ 3290D6946B5E30E70414990574883DDB ] ALG             C:\Windows\System32\alg.exe
16:21:00.0057 9128  ALG - ok
16:21:00.0116 9128  [ 5812713A477A3AD7363C7438CA2EE038 ] aliide          C:\Windows\system32\drivers\aliide.sys
16:21:00.0118 9128  aliide - ok
16:21:00.0198 9128  [ FF779F9DE1CDF477033858B7681CEDA8 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
16:21:00.0202 9128  AMD External Events Utility - ok
16:21:00.0257 9128  [ 1FF8B4431C353CE385C875F194924C0C ] amdide          C:\Windows\system32\drivers\amdide.sys
16:21:00.0259 9128  amdide - ok
16:21:00.0325 9128  [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8           C:\Windows\system32\DRIVERS\amdk8.sys
16:21:00.0328 9128  AmdK8 - ok
16:21:00.0581 9128  [ EF2B99DCEE397B45F50594696D7B5339 ] amdkmdag        C:\Windows\system32\DRIVERS\atikmdag.sys
16:21:00.0733 9128  amdkmdag - ok
16:21:00.0785 9128  [ 239DCE60BEE6E1576C803948AB4D54C5 ] amdkmdap        C:\Windows\system32\DRIVERS\atikmpag.sys
16:21:00.0791 9128  amdkmdap - ok
16:21:00.0827 9128  [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM          C:\Windows\system32\DRIVERS\amdppm.sys
16:21:00.0829 9128  AmdPPM - ok
16:21:00.0878 9128  [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata         C:\Windows\system32\drivers\amdsata.sys
16:21:00.0882 9128  amdsata - ok
16:21:00.0937 9128  [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs          C:\Windows\system32\DRIVERS\amdsbs.sys
16:21:00.0941 9128  amdsbs - ok
16:21:00.0961 9128  [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata         C:\Windows\system32\drivers\amdxata.sys
16:21:00.0963 9128  amdxata - ok
16:21:01.0024 9128  [ 391887990CDAA83DE5C56C3FDE966DA1 ] AmUStor         C:\Windows\system32\drivers\AmUStor.SYS
16:21:01.0026 9128  AmUStor - ok
16:21:01.0094 9128  [ 89A69C3F2F319B43379399547526D952 ] AppID           C:\Windows\system32\drivers\appid.sys
16:21:01.0096 9128  AppID - ok
16:21:01.0132 9128  [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc        C:\Windows\System32\appidsvc.dll
16:21:01.0134 9128  AppIDSvc - ok
16:21:01.0187 9128  [ 3977D4A871CA0D4F2ED1E7DB46829731 ] Appinfo         C:\Windows\System32\appinfo.dll
16:21:01.0189 9128  Appinfo - ok
16:21:01.0305 9128  [ A5299D04ED225D64CF07A568A3E1BF8C ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
16:21:01.0307 9128  Apple Mobile Device - ok
16:21:01.0368 9128  [ C484F8CEB1717C540242531DB7845C4E ] arc             C:\Windows\system32\DRIVERS\arc.sys
16:21:01.0371 9128  arc - ok
16:21:01.0386 9128  [ 019AF6924AEFE7839F61C830227FE79C ] arcsas          C:\Windows\system32\DRIVERS\arcsas.sys
16:21:01.0389 9128  arcsas - ok
16:21:01.0441 9128  [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac        C:\Windows\system32\DRIVERS\asyncmac.sys
16:21:01.0443 9128  AsyncMac - ok
16:21:01.0530 9128  [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi           C:\Windows\system32\drivers\atapi.sys
16:21:01.0532 9128  atapi - ok
16:21:01.0614 9128  [ 1C60A629AD4FFD06D80CD522B92CDB7C ] AthBTPort       C:\Windows\system32\DRIVERS\btath_flt.sys
16:21:01.0616 9128  AthBTPort - ok
16:21:01.0674 9128  [ 4ECC791539F23982411864037D1AC8FC ] ATHDFU          C:\Windows\system32\Drivers\AthDfu.sys
16:21:01.0677 9128  ATHDFU - ok
16:21:01.0787 9128  [ A31F72621C938048CBA02E82542F0715 ] AtherosSvc      C:\Program Files (x86)\Bluetooth Suite\adminservice.exe
16:21:01.0788 9128  AtherosSvc - ok
16:21:01.0886 9128  [ E642491F64E58CD5BC8FB8B347DCF65F ] athr            C:\Windows\system32\DRIVERS\athrx.sys
16:21:01.0962 9128  athr - ok
16:21:02.0109 9128  [ FDA1E117A7E880BFF5540D180C06EA87 ] AtiHDAudioService C:\Windows\system32\drivers\AtihdW76.sys
16:21:02.0113 9128  AtiHDAudioService - ok
16:21:02.0188 9128  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
16:21:02.0198 9128  AudioEndpointBuilder - ok
16:21:02.0240 9128  [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv        C:\Windows\System32\Audiosrv.dll
16:21:02.0246 9128  AudioSrv - ok
16:21:02.0326 9128  [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV        C:\Windows\System32\AxInstSV.dll
16:21:02.0330 9128  AxInstSV - ok
16:21:02.0399 9128  [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv         C:\Windows\system32\DRIVERS\bxvbda.sys
16:21:02.0409 9128  b06bdrv - ok
16:21:02.0500 9128  [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a        C:\Windows\system32\DRIVERS\b57nd60a.sys
16:21:02.0506 9128  b57nd60a - ok
16:21:02.0575 9128  [ 9E84A931DBEE0292E38ED672F6293A99 ] BCM43XX         C:\Windows\system32\DRIVERS\bcmwl664.sys
16:21:02.0608 9128  BCM43XX - ok
16:21:02.0669 9128  [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC          C:\Windows\System32\bdesvc.dll
16:21:02.0673 9128  BDESVC - ok
16:21:02.0781 9128  [ 16A47CE2DECC9B099349A5F840654746 ] Beep            C:\Windows\system32\drivers\Beep.sys
16:21:02.0783 9128  Beep - ok
16:21:02.0895 9128  [ 82974D6A2FD19445CC5171FC378668A4 ] BFE             C:\Windows\System32\bfe.dll
16:21:02.0912 9128  BFE - ok
16:21:02.0995 9128  [ 1EA7969E3271CBC59E1730697DC74682 ] BITS            C:\Windows\System32\qmgr.dll
16:21:03.0072 9128  BITS - ok
16:21:03.0104 9128  [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive        C:\Windows\system32\DRIVERS\blbdrive.sys
16:21:03.0106 9128  blbdrive - ok
16:21:03.0341 9128  [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
16:21:03.0350 9128  Bonjour Service - ok
16:21:03.0422 9128  [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser          C:\Windows\system32\DRIVERS\bowser.sys
16:21:03.0424 9128  bowser - ok
16:21:03.0480 9128  [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo        C:\Windows\system32\DRIVERS\BrFiltLo.sys
16:21:03.0483 9128  BrFiltLo - ok
16:21:03.0489 9128  [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp        C:\Windows\system32\DRIVERS\BrFiltUp.sys
16:21:03.0491 9128  BrFiltUp - ok
16:21:03.0539 9128  [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser         C:\Windows\System32\browser.dll
16:21:03.0542 9128  Browser - ok
16:21:03.0775 9128  [ 4C260DE6B554A670546578426BB0C604 ] BrowserProtect  C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe
16:21:03.0828 9128  BrowserProtect - ok
16:21:03.0892 9128  [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid         C:\Windows\System32\Drivers\Brserid.sys
16:21:03.0898 9128  Brserid - ok
16:21:03.0905 9128  [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm        C:\Windows\System32\Drivers\BrSerWdm.sys
16:21:03.0907 9128  BrSerWdm - ok
16:21:03.0941 9128  [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm        C:\Windows\System32\Drivers\BrUsbMdm.sys
16:21:03.0943 9128  BrUsbMdm - ok
16:21:03.0948 9128  [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer        C:\Windows\System32\Drivers\BrUsbSer.sys
16:21:03.0950 9128  BrUsbSer - ok
16:21:04.0003 9128  [ 89F5586E80B42CA4E98B3EFDAFCAD1B8 ] BTATH_A2DP      C:\Windows\system32\drivers\btath_a2dp.sys
16:21:04.0010 9128  BTATH_A2DP - ok
16:21:04.0080 9128  [ BC14A513C0120919A019E18061FACA46 ] BTATH_BUS       C:\Windows\system32\DRIVERS\btath_bus.sys
16:21:04.0081 9128  BTATH_BUS - ok
16:21:04.0106 9128  [ 76E867C34242D16E3418AA9A9430D96A ] BTATH_HCRP      C:\Windows\system32\DRIVERS\btath_hcrp.sys
16:21:04.0111 9128  BTATH_HCRP - ok
16:21:04.0143 9128  [ 6409827297DAF3699643E9F6EC5C2CD2 ] BTATH_LWFLT     C:\Windows\system32\DRIVERS\btath_lwflt.sys
16:21:04.0146 9128  BTATH_LWFLT - ok
16:21:04.0189 9128  [ 2B53167C52A1730A59EDFD3C83DEFF70 ] BTATH_RCP       C:\Windows\system32\DRIVERS\btath_rcp.sys
16:21:04.0192 9128  BTATH_RCP - ok
16:21:04.0261 9128  [ 9B014E62BD3541812A0B2A46459B31D7 ] BtFilter        C:\Windows\system32\DRIVERS\btfilter.sys
16:21:04.0267 9128  BtFilter - ok
16:21:04.0343 9128  [ CF98190A94F62E405C8CB255018B2315 ] BthEnum         C:\Windows\system32\drivers\BthEnum.sys
16:21:04.0345 9128  BthEnum - ok
16:21:04.0394 9128  [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM        C:\Windows\system32\DRIVERS\bthmodem.sys
16:21:04.0396 9128  BTHMODEM - ok
16:21:04.0440 9128  [ 02DD601B708DD0667E1331FA8518E9FF ] BthPan          C:\Windows\system32\DRIVERS\bthpan.sys
16:21:04.0443 9128  BthPan - ok
16:21:04.0538 9128  [ 738D0E9272F59EB7A1449C3EC118E6C4 ] BTHPORT         C:\Windows\System32\Drivers\BTHport.sys
16:21:04.0549 9128  BTHPORT - ok
16:21:04.0638 9128  [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv         C:\Windows\system32\bthserv.dll
16:21:04.0642 9128  bthserv - ok
16:21:04.0712 9128  [ F188B7394D81010767B6DF3178519A37 ] BTHUSB          C:\Windows\System32\Drivers\BTHUSB.sys
16:21:04.0715 9128  BTHUSB - ok
16:21:04.0764 9128  [ B8BD2BB284668C84865658C77574381A ] cdfs            C:\Windows\system32\DRIVERS\cdfs.sys
16:21:04.0767 9128  cdfs - ok
16:21:04.0839 9128  [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom           C:\Windows\system32\drivers\cdrom.sys
16:21:04.0843 9128  cdrom - ok
16:21:04.0892 9128  [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc     C:\Windows\System32\certprop.dll
16:21:04.0894 9128  CertPropSvc - ok
16:21:04.0959 9128  [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass        C:\Windows\system32\DRIVERS\circlass.sys
16:21:04.0961 9128  circlass - ok
16:21:05.0007 9128  [ FE1EC06F2253F691FE36217C592A0206 ] CLFS            C:\Windows\system32\CLFS.sys
16:21:05.0013 9128  CLFS - ok
16:21:05.0143 9128  [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
16:21:05.0148 9128  clr_optimization_v2.0.50727_32 - ok
16:21:05.0199 9128  [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
16:21:05.0206 9128  clr_optimization_v2.0.50727_64 - ok
16:21:05.0450 9128  [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
16:21:05.0527 9128  clr_optimization_v4.0.30319_32 - ok
16:21:05.0579 9128  [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
16:21:05.0583 9128  clr_optimization_v4.0.30319_64 - ok
16:21:05.0642 9128  [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt          C:\Windows\system32\DRIVERS\CmBatt.sys
16:21:05.0643 9128  CmBatt - ok
16:21:05.0681 9128  [ E19D3F095812725D88F9001985B94EDD ] cmdide          C:\Windows\system32\drivers\cmdide.sys
16:21:05.0683 9128  cmdide - ok
16:21:05.0742 9128  [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG             C:\Windows\system32\Drivers\cng.sys
16:21:05.0751 9128  CNG - ok
16:21:05.0865 9128  [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt        C:\Windows\system32\DRIVERS\compbatt.sys
16:21:05.0867 9128  Compbatt - ok
16:21:05.0937 9128  [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus    C:\Windows\system32\drivers\CompositeBus.sys
16:21:05.0939 9128  CompositeBus - ok
16:21:05.0951 9128  COMSysApp - ok
16:21:05.0976 9128  [ 1C827878A998C18847245FE1F34EE597 ] crcdisk         C:\Windows\system32\DRIVERS\crcdisk.sys
16:21:05.0979 9128  crcdisk - ok
16:21:06.0029 9128  [ 9C01375BE382E834CC26D1B7EAF2C4FE ] CryptSvc        C:\Windows\system32\cryptsvc.dll
16:21:06.0044 9128  CryptSvc - ok
16:21:06.0209 9128  [ 72794D112CBAFF3BC0C29BF7350D4741 ] cvhsvc          C:\Program Files (x86)\Common Files\Microsoft Shared\Virtualization Handler\CVHSVC.EXE
16:21:06.0222 9128  cvhsvc - ok
16:21:06.0330 9128  [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch      C:\Windows\system32\rpcss.dll
16:21:06.0342 9128  DcomLaunch - ok
16:21:06.0436 9128  [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc       C:\Windows\System32\defragsvc.dll
16:21:06.0442 9128  defragsvc - ok
16:21:06.0514 9128  [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC            C:\Windows\system32\Drivers\dfsc.sys
16:21:06.0517 9128  DfsC - ok
16:21:06.0618 9128  [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp            C:\Windows\system32\dhcpcore.dll
16:21:06.0625 9128  Dhcp - ok
16:21:06.0691 9128  [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache        C:\Windows\system32\drivers\discache.sys
16:21:06.0693 9128  discache - ok
16:21:06.0727 9128  [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk            C:\Windows\system32\DRIVERS\disk.sys
16:21:06.0730 9128  Disk - ok
16:21:06.0787 9128  [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache        C:\Windows\System32\dnsrslvr.dll
16:21:06.0792 9128  Dnscache - ok
16:21:06.0852 9128  [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc         C:\Windows\System32\dot3svc.dll
16:21:06.0858 9128  dot3svc - ok
16:21:06.0910 9128  [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS             C:\Windows\system32\dps.dll
16:21:06.0915 9128  DPS - ok
16:21:06.0969 9128  [ 9B19F34400D24DF84C858A421C205754 ] drmkaud         C:\Windows\system32\drivers\drmkaud.sys
16:21:06.0970 9128  drmkaud - ok
16:21:07.0072 9128  [ 9CF46FDF163E06B83D03FF929EF2296C ] DsiWMIService   C:\Program Files (x86)\Launch Manager\dsiwmis.exe
16:21:07.0077 9128  DsiWMIService - ok
16:21:07.0158 9128  [ F5BEE30450E18E6B83A5012C100616FD ] DXGKrnl         C:\Windows\System32\drivers\dxgkrnl.sys
16:21:07.0176 9128  DXGKrnl - ok
16:21:07.0223 9128  [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost         C:\Windows\System32\eapsvc.dll
16:21:07.0226 9128  EapHost - ok
16:21:07.0408 9128  [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv           C:\Windows\system32\DRIVERS\evbda.sys
16:21:07.0519 9128  ebdrv - ok
16:21:07.0611 9128  [ C118A82CD78818C29AB228366EBF81C3 ] EFS             C:\Windows\System32\lsass.exe
16:21:07.0614 9128  EFS - ok
16:21:07.0778 9128  [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr         C:\Windows\ehome\ehRecvr.exe
16:21:07.0796 9128  ehRecvr - ok
16:21:07.0852 9128  [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched         C:\Windows\ehome\ehsched.exe
16:21:07.0855 9128  ehSched - ok
16:21:07.0927 9128  [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor         C:\Windows\system32\DRIVERS\elxstor.sys
16:21:07.0939 9128  elxstor - ok
16:21:08.0210 9128  [ 3EA2C4F68A782839D97B3C83595575B6 ] ePowerSvc       C:\Program Files\Acer\Acer ePower Management\ePowerSvc.exe
16:21:08.0229 9128  ePowerSvc - ok
16:21:08.0287 9128  [ 34A3C54752046E79A126E15C51DB409B ] ErrDev          C:\Windows\system32\drivers\errdev.sys
16:21:08.0289 9128  ErrDev - ok
16:21:08.0382 9128  [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem     C:\Windows\system32\es.dll
16:21:08.0389 9128  EventSystem - ok
16:21:08.0478 9128  [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat           C:\Windows\system32\drivers\exfat.sys
16:21:08.0483 9128  exfat - ok
16:21:08.0512 9128  [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat         C:\Windows\system32\drivers\fastfat.sys
16:21:08.0516 9128  fastfat - ok
16:21:08.0582 9128  [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax             C:\Windows\system32\fxssvc.exe
16:21:08.0592 9128  Fax - ok
16:21:08.0693 9128  [ D765D19CD8EF61F650C384F62FAC00AB ] fdc             C:\Windows\system32\DRIVERS\fdc.sys
16:21:08.0695 9128  fdc - ok
16:21:08.0735 9128  [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost         C:\Windows\system32\fdPHost.dll
16:21:08.0737 9128  fdPHost - ok
16:21:08.0755 9128  [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub        C:\Windows\system32\fdrespub.dll
16:21:08.0757 9128  FDResPub - ok
16:21:08.0805 9128  [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo        C:\Windows\system32\drivers\fileinfo.sys
16:21:08.0807 9128  FileInfo - ok
16:21:08.0822 9128  [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace       C:\Windows\system32\drivers\filetrace.sys
16:21:08.0824 9128  Filetrace - ok
16:21:08.0897 9128  [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk        C:\Windows\system32\DRIVERS\flpydisk.sys
16:21:08.0900 9128  flpydisk - ok
16:21:08.0953 9128  [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr          C:\Windows\system32\drivers\fltmgr.sys
16:21:08.0958 9128  FltMgr - ok
16:21:09.0046 9128  [ 5C4CB4086FB83115B153E47ADD961A0C ] FontCache       C:\Windows\system32\FntCache.dll
16:21:09.0079 9128  FontCache - ok
16:21:09.0171 9128  [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
16:21:09.0174 9128  FontCache3.0.0.0 - ok
16:21:09.0219 9128  [ D43703496149971890703B4B1B723EAC ] FsDepends       C:\Windows\system32\drivers\FsDepends.sys
16:21:09.0221 9128  FsDepends - ok
16:21:09.0275 9128  [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec          C:\Windows\system32\drivers\Fs_Rec.sys
16:21:09.0277 9128  Fs_Rec - ok
16:21:09.0393 9128  [ 1F7B25B858FA27015169FE95E54108ED ] fvevol          C:\Windows\system32\DRIVERS\fvevol.sys
16:21:09.0398 9128  fvevol - ok
16:21:09.0432 9128  [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx        C:\Windows\system32\DRIVERS\gagp30kx.sys
16:21:09.0434 9128  gagp30kx - ok
16:21:09.0479 9128  [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM     C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
16:21:09.0481 9128  GEARAspiWDM - ok
16:21:09.0551 9128  [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc           C:\Windows\System32\gpsvc.dll
16:21:09.0584 9128  gpsvc - ok
16:21:09.0758 9128  [ 9D784A0C003D34AF9CE2F0001D28725F ] Guard.Mail.ru   C:\Program Files (x86)\Mail.Ru\Guard\GuardMailRu.exe
16:21:09.0811 9128  Guard.Mail.ru - ok
16:21:09.0955 9128  [ F02A533F517EB38333CB12A9E8963773 ] gupdate         C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:21:09.0958 9128  gupdate - ok
16:21:09.0980 9128  [ F02A533F517EB38333CB12A9E8963773 ] gupdatem        C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
16:21:09.0982 9128  gupdatem - ok
16:21:10.0046 9128  [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir        C:\Windows\system32\drivers\hcw85cir.sys
16:21:10.0048 9128  hcw85cir - ok
16:21:10.0116 9128  [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
16:21:10.0122 9128  HdAudAddService - ok
16:21:10.0171 9128  [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus        C:\Windows\system32\drivers\HDAudBus.sys
16:21:10.0175 9128  HDAudBus - ok
16:21:10.0229 9128  [ B6AC71AAA2B10848F57FC49D55A651AF ] HECIx64         C:\Windows\system32\DRIVERS\HECIx64.sys
16:21:10.0231 9128  HECIx64 - ok
16:21:10.0280 9128  [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt         C:\Windows\system32\DRIVERS\HidBatt.sys
16:21:10.0282 9128  HidBatt - ok
16:21:10.0289 9128  [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth          C:\Windows\system32\DRIVERS\hidbth.sys
16:21:10.0292 9128  HidBth - ok
16:21:10.0312 9128  [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr           C:\Windows\system32\DRIVERS\hidir.sys
16:21:10.0314 9128  HidIr - ok
16:21:10.0365 9128  [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv         C:\Windows\system32\hidserv.dll
16:21:10.0367 9128  hidserv - ok
16:21:10.0420 9128  [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb          C:\Windows\system32\DRIVERS\hidusb.sys
16:21:10.0422 9128  HidUsb - ok
16:21:10.0455 9128  [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc          C:\Windows\system32\kmsvc.dll
16:21:10.0459 9128  hkmsvc - ok
16:21:10.0573 9128  [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
16:21:10.0580 9128  HomeGroupListener - ok
16:21:10.0654 9128  [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
16:21:10.0661 9128  HomeGroupProvider - ok
16:21:10.0694 9128  [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD          C:\Windows\system32\drivers\HpSAMD.sys
16:21:10.0696 9128  HpSAMD - ok
16:21:10.0773 9128  [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP            C:\Windows\system32\drivers\HTTP.sys
16:21:10.0791 9128  HTTP - ok
16:21:10.0848 9128  [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy        C:\Windows\system32\drivers\hwpolicy.sys
16:21:10.0850 9128  hwpolicy - ok
16:21:10.0905 9128  [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt        C:\Windows\system32\drivers\i8042prt.sys
16:21:10.0908 9128  i8042prt - ok
16:21:10.0976 9128  [ ABBF174CB394F5C437410A788B7E404A ] iaStor          C:\Windows\system32\DRIVERS\iaStor.sys
16:21:10.0982 9128  iaStor - ok
16:21:11.0114 9128  [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV         C:\Windows\system32\drivers\iaStorV.sys
16:21:11.0122 9128  iaStorV - ok
16:21:11.0265 9128  [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc           C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
16:21:11.0296 9128  idsvc - ok
16:21:11.0484 9128  [ A87261EF1546325B559374F5689CF5BC ] igfx            C:\Windows\system32\DRIVERS\igdkmd64.sys
16:21:11.0616 9128  igfx - ok
16:21:11.0658 9128  [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp           C:\Windows\system32\DRIVERS\iirsp.sys
16:21:11.0660 9128  iirsp - ok
16:21:11.0725 9128  [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT          C:\Windows\System32\ikeext.dll
16:21:11.0745 9128  IKEEXT - ok
16:21:11.0860 9128  [ E8017F1662D9142F45CEAB694D013C00 ] IntcAzAudAddService C:\Windows\system32\drivers\RTKVHD64.sys
16:21:11.0923 9128  IntcAzAudAddService - ok
16:21:11.0981 9128  [ F00F20E70C6EC3AA366910083A0518AA ] intelide        C:\Windows\system32\drivers\intelide.sys
16:21:11.0983 9128  intelide - ok
16:21:12.0061 9128  [ ADA036632C664CAA754079041CF1F8C1 ] intelppm        C:\Windows\system32\DRIVERS\intelppm.sys
16:21:12.0063 9128  intelppm - ok
16:21:12.0104 9128  io.sys - ok
16:21:12.0144 9128  [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum       C:\Windows\system32\ipbusenum.dll
16:21:12.0148 9128  IPBusEnum - ok
16:21:12.0217 9128  [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver  C:\Windows\system32\DRIVERS\ipfltdrv.sys
16:21:12.0220 9128  IpFilterDriver - ok
16:21:12.0323 9128  [ 08C2957BB30058E663720C5606885653 ] iphlpsvc        C:\Windows\System32\iphlpsvc.dll
16:21:12.0333 9128  iphlpsvc - ok
16:21:12.0378 9128  [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV         C:\Windows\system32\drivers\IPMIDrv.sys
16:21:12.0381 9128  IPMIDRV - ok
16:21:12.0426 9128  [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT           C:\Windows\system32\drivers\ipnat.sys
16:21:12.0429 9128  IPNAT - ok
16:21:12.0518 9128  [ B474C756C13960793C7583B766F904C4 ] iPod Service    C:\Program Files\iPod\bin\iPodService.exe
16:21:12.0534 9128  iPod Service - ok
16:21:12.0556 9128  [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM          C:\Windows\system32\drivers\irenum.sys
16:21:12.0558 9128  IRENUM - ok
16:21:12.0594 9128  [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp          C:\Windows\system32\drivers\isapnp.sys
16:21:12.0596 9128  isapnp - ok
16:21:12.0646 9128  [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt        C:\Windows\system32\drivers\msiscsi.sys
16:21:12.0652 9128  iScsiPrt - ok
16:21:12.0742 9128  [ 44353CA620C4C679F0FAF41D6623EDDA ] jakndis         C:\Windows\system32\DRIVERS\jakndis.sys
16:21:12.0812 9128  jakndis - ok
16:21:12.0817 9128  [ 44353CA620C4C679F0FAF41D6623EDDA ] jakndisMP       C:\Windows\system32\DRIVERS\jakndis.sys
16:21:12.0818 9128  jakndisMP - ok
16:21:12.0936 9128  [ 12E27942DBB7C91880163634B0D8A776 ] k57nd60a        C:\Windows\system32\DRIVERS\k57nd60a.sys
16:21:12.0945 9128  k57nd60a - ok
16:21:12.0997 9128  [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass        C:\Windows\system32\drivers\kbdclass.sys
16:21:12.0999 9128  kbdclass - ok
16:21:13.0037 9128  [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid          C:\Windows\system32\drivers\kbdhid.sys
16:21:13.0039 9128  kbdhid - ok
16:21:13.0067 9128  [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso          C:\Windows\system32\lsass.exe
16:21:13.0069 9128  KeyIso - ok
16:21:13.0113 9128  [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD          C:\Windows\system32\Drivers\ksecdd.sys
16:21:13.0116 9128  KSecDD - ok
16:21:13.0130 9128  [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg         C:\Windows\system32\Drivers\ksecpkg.sys
16:21:13.0134 9128  KSecPkg - ok
16:21:13.0192 9128  [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk         C:\Windows\system32\drivers\ksthunk.sys
16:21:13.0194 9128  ksthunk - ok
16:21:13.0285 9128  [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm           C:\Windows\system32\msdtckrm.dll
16:21:13.0295 9128  KtmRm - ok
16:21:13.0331 9128  [ 2AC603C3188C704CFCE353659AA7AD71 ] L1E             C:\Windows\system32\DRIVERS\L1E62x64.sys
16:21:13.0334 9128  L1E - ok
16:21:13.0410 9128  [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer    C:\Windows\system32\srvsvc.dll
16:21:13.0417 9128  LanmanServer - ok
16:21:13.0465 9128  [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
16:21:13.0470 9128  LanmanWorkstation - ok
16:21:13.0512 9128  [ 1538831CF8AD2979A04C423779465827 ] lltdio          C:\Windows\system32\DRIVERS\lltdio.sys
16:21:13.0514 9128  lltdio - ok
16:21:13.0571 9128  [ C1185803384AB3FEED115F79F109427F ] lltdsvc         C:\Windows\System32\lltdsvc.dll
16:21:13.0578 9128  lltdsvc - ok
16:21:13.0638 9128  [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts         C:\Windows\System32\lmhsvc.dll
16:21:13.0641 9128  lmhosts - ok
16:21:13.0837 9128  [ 23DE5B62B0445A6F874BE633C95B483E ] LMS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
16:21:13.0843 9128  LMS - ok
16:21:13.0900 9128  [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC          C:\Windows\system32\DRIVERS\lsi_fc.sys
16:21:13.0904 9128  LSI_FC - ok
16:21:13.0916 9128  [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS         C:\Windows\system32\DRIVERS\lsi_sas.sys
16:21:13.0919 9128  LSI_SAS - ok
16:21:13.0939 9128  [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2        C:\Windows\system32\DRIVERS\lsi_sas2.sys
16:21:13.0942 9128  LSI_SAS2 - ok
16:21:13.0961 9128  [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI        C:\Windows\system32\DRIVERS\lsi_scsi.sys
16:21:13.0964 9128  LSI_SCSI - ok
16:21:13.0987 9128  [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv           C:\Windows\system32\drivers\luafv.sys
16:21:13.0989 9128  luafv - ok
16:21:14.0221 9128  [ 2E1652D8AB971403EAADDC921800B1FA ] mbmiodrvr       C:\Windows\syswow64\mbmiodrvr.sys
16:21:14.0240 9128  mbmiodrvr - ok
16:21:14.0286 9128  [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc         C:\Windows\system32\Mcx2Svc.dll
16:21:14.0290 9128  Mcx2Svc - ok
16:21:14.0315 9128  [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas         C:\Windows\system32\DRIVERS\megasas.sys
16:21:14.0317 9128  megasas - ok
16:21:14.0365 9128  [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR          C:\Windows\system32\DRIVERS\MegaSR.sys
16:21:14.0371 9128  MegaSR - ok
16:21:14.0432 9128  [ E40E80D0304A73E8D269F7141D77250B ] MMCSS           C:\Windows\system32\mmcss.dll
16:21:14.0453 9128  MMCSS - ok
16:21:14.0476 9128  [ 800BA92F7010378B09F9ED9270F07137 ] Modem           C:\Windows\system32\drivers\modem.sys
16:21:14.0478 9128  Modem - ok
16:21:14.0517 9128  [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor         C:\Windows\system32\DRIVERS\monitor.sys
16:21:14.0519 9128  monitor - ok
16:21:14.0571 9128  [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass        C:\Windows\system32\DRIVERS\mouclass.sys
16:21:14.0573 9128  mouclass - ok
16:21:14.0614 9128  [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid          C:\Windows\system32\DRIVERS\mouhid.sys
16:21:14.0616 9128  mouhid - ok
16:21:14.0670 9128  [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr        C:\Windows\system32\drivers\mountmgr.sys
16:21:14.0672 9128  mountmgr - ok
16:21:14.0749 9128  [ 730A519505621DF46BCBF9CDAC9FB6AD ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
16:21:14.0793 9128  MozillaMaintenance - ok
16:21:14.0897 9128  [ 05BF204EC0E82CC4A054DB189C8A3D84 ] MpFilter        C:\Windows\system32\DRIVERS\MpFilter.sys
16:21:14.0902 9128  MpFilter - ok
16:21:14.0933 9128  [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio            C:\Windows\system32\drivers\mpio.sys
16:21:14.0937 9128  mpio - ok
16:21:14.0991 9128  [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv          C:\Windows\system32\drivers\mpsdrv.sys
16:21:14.0994 9128  mpsdrv - ok
16:21:15.0058 9128  [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc          C:\Windows\system32\mpssvc.dll
16:21:15.0074 9128  MpsSvc - ok
16:21:15.0147 9128  [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV          C:\Windows\system32\drivers\mrxdav.sys
16:21:15.0151 9128  MRxDAV - ok
16:21:15.0204 9128  [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb          C:\Windows\system32\DRIVERS\mrxsmb.sys
16:21:15.0207 9128  mrxsmb - ok
16:21:15.0318 9128  [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10        C:\Windows\system32\DRIVERS\mrxsmb10.sys
16:21:15.0324 9128  mrxsmb10 - ok
16:21:15.0384 9128  [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20        C:\Windows\system32\DRIVERS\mrxsmb20.sys
16:21:15.0387 9128  mrxsmb20 - ok
16:21:15.0440 9128  [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci          C:\Windows\system32\drivers\msahci.sys
16:21:15.0443 9128  msahci - ok
16:21:15.0495 9128  [ DB801A638D011B9633829EB6F663C900 ] msdsm           C:\Windows\system32\drivers\msdsm.sys
16:21:15.0498 9128  msdsm - ok
16:21:15.0534 9128  [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC           C:\Windows\System32\msdtc.exe
16:21:15.0539 9128  MSDTC - ok
16:21:15.0583 9128  [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs            C:\Windows\system32\drivers\Msfs.sys
16:21:15.0584 9128  Msfs - ok
16:21:15.0601 9128  [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf       C:\Windows\System32\drivers\mshidkmdf.sys
16:21:15.0603 9128  mshidkmdf - ok
16:21:15.0653 9128  [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv        C:\Windows\system32\drivers\msisadrv.sys
16:21:15.0655 9128  msisadrv - ok
16:21:15.0756 9128  [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI         C:\Windows\system32\iscsiexe.dll
16:21:15.0760 9128  MSiSCSI - ok
16:21:15.0773 9128  msiserver - ok
16:21:15.0811 9128  [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV         C:\Windows\system32\drivers\MSKSSRV.sys
16:21:15.0813 9128  MSKSSRV - ok
16:21:16.0009 9128  [ CC8E4F72F21340A4D3A3D4DB50313EF5 ] MsMpSvc         c:\Program Files\Microsoft Security Client\MsMpEng.exe
16:21:16.0010 9128  MsMpSvc - ok
16:21:16.0036 9128  [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK        C:\Windows\system32\drivers\MSPCLOCK.sys
16:21:16.0037 9128  MSPCLOCK - ok
16:21:16.0046 9128  [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM           C:\Windows\system32\drivers\MSPQM.sys
16:21:16.0047 9128  MSPQM - ok
16:21:16.0094 9128  [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC           C:\Windows\system32\drivers\MsRPC.sys
16:21:16.0100 9128  MsRPC - ok
16:21:16.0162 9128  [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios        C:\Windows\system32\drivers\mssmbios.sys
16:21:16.0164 9128  mssmbios - ok
16:21:16.0198 9128  [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE           C:\Windows\system32\drivers\MSTEE.sys
16:21:16.0200 9128  MSTEE - ok
16:21:16.0228 9128  [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig        C:\Windows\system32\DRIVERS\MTConfig.sys
16:21:16.0230 9128  MTConfig - ok
16:21:16.0269 9128  [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup             C:\Windows\system32\Drivers\mup.sys
16:21:16.0271 9128  Mup - ok
16:21:16.0331 9128  [ 582AC6D9873E31DFA28A4547270862DD ] napagent        C:\Windows\system32\qagentRT.dll
16:21:16.0342 9128  napagent - ok
16:21:16.0398 9128  [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP     C:\Windows\system32\DRIVERS\nwifi.sys
16:21:16.0404 9128  NativeWifiP - ok
16:21:16.0482 9128  [ 760E38053BF56E501D562B70AD796B88 ] NDIS            C:\Windows\system32\drivers\ndis.sys
16:21:16.0501 9128  NDIS - ok
16:21:16.0530 9128  [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap         C:\Windows\system32\DRIVERS\ndiscap.sys
16:21:16.0531 9128  NdisCap - ok
16:21:16.0560 9128  [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi        C:\Windows\system32\DRIVERS\ndistapi.sys
16:21:16.0562 9128  NdisTapi - ok
16:21:16.0633 9128  [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio         C:\Windows\system32\DRIVERS\ndisuio.sys
16:21:16.0635 9128  Ndisuio - ok
16:21:16.0696 9128  [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan         C:\Windows\system32\DRIVERS\ndiswan.sys
16:21:16.0700 9128  NdisWan - ok
16:21:16.0765 9128  [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy         C:\Windows\system32\drivers\NDProxy.sys
16:21:16.0767 9128  NDProxy - ok
16:21:16.0802 9128  [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS         C:\Windows\system32\DRIVERS\netbios.sys
16:21:16.0804 9128  NetBIOS - ok
16:21:16.0849 9128  [ 09594D1089C523423B32A4229263F068 ] NetBT           C:\Windows\system32\DRIVERS\netbt.sys
16:21:16.0854 9128  NetBT - ok
16:21:16.0889 9128  [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon        C:\Windows\system32\lsass.exe
16:21:16.0891 9128  Netlogon - ok
16:21:16.0947 9128  [ 847D3AE376C0817161A14A82C8922A9E ] Netman          C:\Windows\System32\netman.dll
16:21:16.0956 9128  Netman - ok
16:21:16.0986 9128  [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm        C:\Windows\System32\netprofm.dll
16:21:16.0993 9128  netprofm - ok
16:21:17.0060 9128  [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
16:21:17.0063 9128  NetTcpPortSharing - ok
16:21:17.0174 9128  [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960         C:\Windows\system32\DRIVERS\nfrd960.sys
16:21:17.0176 9128  nfrd960 - ok
16:21:17.0242 9128  [ 5FF89F20317309D28AC1EDEB0CD1BA72 ] NisDrv          C:\Windows\system32\DRIVERS\NisDrvWFP.sys
16:21:17.0245 9128  NisDrv - ok
16:21:17.0331 9128  [ 79E80B10FE8F6662E0C9162A68C43444 ] NisSrv          c:\Program Files\Microsoft Security Client\NisSrv.exe
16:21:17.0336 9128  NisSrv - ok
16:21:17.0403 9128  [ 8AD77806D336673F270DB31645267293 ] NlaSvc          C:\Windows\System32\nlasvc.dll
16:21:17.0412 9128  NlaSvc - ok
16:21:17.0516 9128  [ 351533ACC2A069B94E80BBFC177E8FDF ] NPF             C:\Windows\system32\drivers\npf.sys
16:21:17.0548 9128  NPF - ok
16:21:17.0599 9128  [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs            C:\Windows\system32\drivers\Npfs.sys
16:21:17.0601 9128  Npfs - ok
16:21:17.0648 9128  [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi             C:\Windows\system32\nsisvc.dll
16:21:17.0651 9128  nsi - ok
16:21:17.0662 9128  [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy        C:\Windows\system32\drivers\nsiproxy.sys
16:21:17.0663 9128  nsiproxy - ok
16:21:17.0747 9128  [ E453ACF4E7D44E5530B5D5F2B9CA8563 ] Ntfs            C:\Windows\system32\drivers\Ntfs.sys
16:21:17.0794 9128  Ntfs - ok
16:21:17.0834 9128  [ 9899284589F75FA8724FF3D16AED75C1 ] Null            C:\Windows\system32\drivers\Null.sys
16:21:17.0836 9128  Null - ok
16:21:17.0891 9128  [ 0A92CB65770442ED0DC44834632F66AD ] nvraid          C:\Windows\system32\drivers\nvraid.sys
16:21:17.0895 9128  nvraid - ok
16:21:17.0956 9128  [ DAB0E87525C10052BF65F06152F37E4A ] nvstor          C:\Windows\system32\drivers\nvstor.sys
16:21:17.0959 9128  nvstor - ok
16:21:18.0030 9128  [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp          C:\Windows\system32\drivers\nv_agp.sys
16:21:18.0033 9128  nv_agp - ok
16:21:18.0076 9128  [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394        C:\Windows\system32\drivers\ohci1394.sys
16:21:18.0078 9128  ohci1394 - ok
16:21:18.0281 9128  [ 9D10F99A6712E28F8ACD5641E3A7EA6B ] ose             C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
16:21:18.0285 9128  ose - ok
16:21:18.0578 9128  [ 61BFFB5F57AD12F83AB64B7181829B34 ] osppsvc         C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
16:21:18.0700 9128  osppsvc - ok
16:21:22.0585 9128  [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc        C:\Windows\system32\pnrpsvc.dll
16:21:22.0594 9128  p2pimsvc - ok
16:21:22.0702 9128  [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc          C:\Windows\system32\p2psvc.dll
16:21:22.0712 9128  p2psvc - ok
16:21:22.0760 9128  [ 0086431C29C35BE1DBC43F52CC273887 ] Parport         C:\Windows\system32\DRIVERS\parport.sys
16:21:22.0763 9128  Parport - ok
16:21:22.0834 9128  [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr         C:\Windows\system32\drivers\partmgr.sys
16:21:22.0837 9128  partmgr - ok
16:21:22.0868 9128  [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc          C:\Windows\System32\pcasvc.dll
16:21:22.0873 9128  PcaSvc - ok
16:21:22.0991 9128  [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci             C:\Windows\system32\drivers\pci.sys
16:21:22.0995 9128  pci - ok
16:21:23.0053 9128  [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide          C:\Windows\system32\drivers\pciide.sys
16:21:23.0055 9128  pciide - ok
16:21:23.0095 9128  [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia          C:\Windows\system32\DRIVERS\pcmcia.sys
16:21:23.0100 9128  pcmcia - ok
16:21:23.0134 9128  [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw             C:\Windows\system32\drivers\pcw.sys
16:21:23.0136 9128  pcw - ok
16:21:23.0163 9128  [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH          C:\Windows\system32\drivers\peauth.sys
16:21:23.0172 9128  PEAUTH - ok
16:21:23.0245 9128  [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost        C:\Windows\SysWow64\perfhost.exe
16:21:23.0249 9128  PerfHost - ok
16:21:23.0264 9128  pfc - ok
16:21:23.0355 9128  [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla             C:\Windows\system32\pla.dll
16:21:23.0395 9128  pla - ok
16:21:23.0483 9128  [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay        C:\Windows\system32\umpnpmgr.dll
16:21:23.0492 9128  PlugPlay - ok
16:21:23.0530 9128  [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg     C:\Windows\system32\pnrpauto.dll
16:21:23.0534 9128  PNRPAutoReg - ok
16:21:23.0585 9128  [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc         C:\Windows\system32\pnrpsvc.dll
16:21:23.0592 9128  PNRPsvc - ok
16:21:23.0719 9128  [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent     C:\Windows\System32\ipsecsvc.dll
16:21:23.0729 9128  PolicyAgent - ok
16:21:23.0777 9128  [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power           C:\Windows\system32\umpo.dll
16:21:23.0782 9128  Power - ok
16:21:23.0839 9128  [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport    C:\Windows\system32\DRIVERS\raspptp.sys
16:21:23.0842 9128  PptpMiniport - ok
16:21:23.0898 9128  [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor       C:\Windows\system32\DRIVERS\processr.sys
16:21:23.0901 9128  Processor - ok
16:21:23.0981 9128  [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc         C:\Windows\system32\profsvc.dll
16:21:23.0987 9128  ProfSvc - ok
16:21:24.0000 9128  [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
16:21:24.0002 9128  ProtectedStorage - ok
16:21:24.0064 9128  [ 0557CF5A2556BD58E26384169D72438D ] Psched          C:\Windows\system32\DRIVERS\pacer.sys
16:21:24.0067 9128  Psched - ok
16:21:24.0200 9128  [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300          C:\Windows\system32\DRIVERS\ql2300.sys
16:21:24.0272 9128  ql2300 - ok
16:21:24.0322 9128  [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx          C:\Windows\system32\DRIVERS\ql40xx.sys
16:21:24.0326 9128  ql40xx - ok
16:21:24.0371 9128  [ 906191634E99AEA92C4816150BDA3732 ] QWAVE           C:\Windows\system32\qwave.dll
16:21:24.0378 9128  QWAVE - ok
16:21:24.0397 9128  [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv        C:\Windows\system32\drivers\qwavedrv.sys
16:21:24.0399 9128  QWAVEdrv - ok
16:21:24.0417 9128  [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd          C:\Windows\system32\DRIVERS\rasacd.sys
16:21:24.0418 9128  RasAcd - ok
16:21:24.0476 9128  [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn     C:\Windows\system32\DRIVERS\AgileVpn.sys
16:21:24.0479 9128  RasAgileVpn - ok
16:21:24.0525 9128  [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto         C:\Windows\System32\rasauto.dll
16:21:24.0530 9128  RasAuto - ok
16:21:24.0595 9128  [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp         C:\Windows\system32\DRIVERS\rasl2tp.sys
16:21:24.0599 9128  Rasl2tp - ok
16:21:24.0648 9128  [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan          C:\Windows\System32\rasmans.dll
16:21:24.0656 9128  RasMan - ok
16:21:24.0706 9128  [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe        C:\Windows\system32\DRIVERS\raspppoe.sys
16:21:24.0709 9128  RasPppoe - ok
16:21:24.0785 9128  [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp         C:\Windows\system32\DRIVERS\rassstp.sys
16:21:24.0788 9128  RasSstp - ok
16:21:24.0899 9128  [ 77F665941019A1594D887A74F301FA2F ] rdbss           C:\Windows\system32\DRIVERS\rdbss.sys
16:21:24.0905 9128  rdbss - ok
16:21:24.0933 9128  [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus          C:\Windows\system32\DRIVERS\rdpbus.sys
16:21:24.0935 9128  rdpbus - ok
16:21:24.0975 9128  [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD          C:\Windows\system32\DRIVERS\RDPCDD.sys
16:21:24.0977 9128  RDPCDD - ok
16:21:25.0002 9128  [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD        C:\Windows\system32\drivers\rdpencdd.sys
16:21:25.0003 9128  RDPENCDD - ok
16:21:25.0018 9128  [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP        C:\Windows\system32\drivers\rdprefmp.sys
16:21:25.0020 9128  RDPREFMP - ok
16:21:25.0078 9128  [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD           C:\Windows\system32\drivers\RDPWD.sys
16:21:25.0082 9128  RDPWD - ok
16:21:25.0143 9128  [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost        C:\Windows\system32\drivers\rdyboost.sys
16:21:25.0148 9128  rdyboost - ok
16:21:25.0187 9128  [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess    C:\Windows\System32\mprdim.dll
16:21:25.0191 9128  RemoteAccess - ok
16:21:25.0229 9128  [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry  C:\Windows\system32\regsvc.dll
16:21:25.0235 9128  RemoteRegistry - ok
16:21:25.0289 9128  [ 3DD798846E2C28102B922C56E71B7932 ] RFCOMM          C:\Windows\system32\DRIVERS\rfcomm.sys
16:21:25.0293 9128  RFCOMM - ok
16:21:25.0339 9128  [ B60F58F175DE20A6739194E85B035178 ] rpcapd          C:\Program Files (x86)\WinPcap\rpcapd.exe
16:21:25.0342 9128  rpcapd - ok
16:21:25.0395 9128  [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper    C:\Windows\System32\RpcEpMap.dll
16:21:25.0400 9128  RpcEptMapper - ok
16:21:25.0424 9128  [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator      C:\Windows\system32\locator.exe
16:21:25.0427 9128  RpcLocator - ok
16:21:25.0542 9128  [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs           C:\Windows\system32\rpcss.dll
16:21:25.0551 9128  RpcSs - ok
16:21:25.0612 9128  [ DDC86E4F8E7456261E637E3552E804FF ] rspndr          C:\Windows\system32\DRIVERS\rspndr.sys
16:21:25.0615 9128  rspndr - ok
16:21:25.0644 9128  [ C118A82CD78818C29AB228366EBF81C3 ] SamSs           C:\Windows\system32\lsass.exe
16:21:25.0646 9128  SamSs - ok
16:21:25.0687 9128  [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port        C:\Windows\system32\drivers\sbp2port.sys
16:21:25.0690 9128  sbp2port - ok
16:21:25.0721 9128  [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr        C:\Windows\System32\SCardSvr.dll
16:21:25.0726 9128  SCardSvr - ok
16:21:25.0780 9128  [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter        C:\Windows\system32\DRIVERS\scfilter.sys
16:21:25.0782 9128  scfilter - ok
16:21:25.0847 9128  [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule        C:\Windows\system32\schedsvc.dll
16:21:25.0882 9128  Schedule - ok
16:21:25.0936 9128  [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc     C:\Windows\System32\certprop.dll
16:21:25.0937 9128  SCPolicySvc - ok
16:21:25.0974 9128  [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC          C:\Windows\System32\SDRSVC.dll
16:21:25.0980 9128  SDRSVC - ok
16:21:26.0051 9128  [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv          C:\Windows\system32\drivers\secdrv.sys
16:21:26.0052 9128  secdrv - ok
16:21:26.0093 9128  [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon        C:\Windows\system32\seclogon.dll
16:21:26.0097 9128  seclogon - ok
16:21:26.0148 9128  [ C32AB8FA018EF34C0F113BD501436D21 ] SENS            C:\Windows\System32\sens.dll
16:21:26.0152 9128  SENS - ok
16:21:26.0175 9128  [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc        C:\Windows\system32\sensrsvc.dll
16:21:26.0179 9128  SensrSvc - ok
16:21:26.0218 9128  [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum         C:\Windows\system32\DRIVERS\serenum.sys
16:21:26.0219 9128  Serenum - ok
16:21:26.0291 9128  [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial          C:\Windows\system32\DRIVERS\serial.sys
16:21:26.0294 9128  Serial - ok
16:21:26.0352 9128  [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse        C:\Windows\system32\DRIVERS\sermouse.sys
16:21:26.0354 9128  sermouse - ok
16:21:26.0400 9128  [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv      C:\Windows\system32\sessenv.dll
16:21:26.0405 9128  SessionEnv - ok
16:21:26.0438 9128  [ A554811BCD09279536440C964AE35BBF ] sffdisk         C:\Windows\system32\drivers\sffdisk.sys
16:21:26.0440 9128  sffdisk - ok
16:21:26.0464 9128  [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc        C:\Windows\system32\drivers\sffp_mmc.sys
16:21:26.0466 9128  sffp_mmc - ok
16:21:26.0475 9128  [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd         C:\Windows\system32\drivers\sffp_sd.sys
16:21:26.0477 9128  sffp_sd - ok
16:21:26.0535 9128  [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy         C:\Windows\system32\DRIVERS\sfloppy.sys
16:21:26.0537 9128  sfloppy - ok
16:21:26.0600 9128  [ C6CC9297BD53E5229653303E556AA539 ] Sftfs           C:\Windows\system32\DRIVERS\Sftfslh.sys
16:21:26.0615 9128  Sftfs - ok
16:21:26.0716 9128  [ 13693B6354DD6E72DC5131DA7D764B90 ] sftlist         C:\Program Files (x86)\Microsoft Application Virtualization Client\sftlist.exe
16:21:26.0726 9128  sftlist - ok
16:21:26.0745 9128  [ 390AA7BC52CEE43F6790CDEA1E776703 ] Sftplay         C:\Windows\system32\DRIVERS\Sftplaylh.sys
16:21:26.0751 9128  Sftplay - ok
16:21:26.0771 9128  [ 617E29A0B0A2807466560D4C4E338D3E ] Sftredir        C:\Windows\system32\DRIVERS\Sftredirlh.sys
16:21:26.0773 9128  Sftredir - ok
16:21:26.0792 9128  [ 8F571F016FA1976F445147E9E6C8AE9B ] Sftvol          C:\Windows\system32\DRIVERS\Sftvollh.sys
16:21:26.0794 9128  Sftvol - ok
16:21:26.0815 9128  [ C3CDDD18F43D44AB713CF8C4916F7696 ] sftvsa          C:\Program Files (x86)\Microsoft Application Virtualization Client\sftvsa.exe
16:21:26.0819 9128  sftvsa - ok
16:21:26.0860 9128  [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess    C:\Windows\System32\ipnathlp.dll
16:21:26.0866 9128  SharedAccess - ok
16:21:26.0920 9128  [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
16:21:26.0929 9128  ShellHWDetection - ok
16:21:26.0994 9128  [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2        C:\Windows\system32\DRIVERS\SiSRaid2.sys
16:21:26.0996 9128  SiSRaid2 - ok
16:21:27.0022 9128  [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4        C:\Windows\system32\DRIVERS\sisraid4.sys
16:21:27.0025 9128  SiSRaid4 - ok
16:21:27.0131 9128  [ A4FAB5F7818A69DA6E740943CB8F7CA9 ] SkypeUpdate     C:\Program Files (x86)\Skype\Updater\Updater.exe
16:21:27.0135 9128  SkypeUpdate - ok
16:21:27.0196 9128  [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb             C:\Windows\system32\DRIVERS\smb.sys
16:21:27.0199 9128  Smb - ok
16:21:27.0285 9128  [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP        C:\Windows\System32\snmptrap.exe
16:21:27.0289 9128  SNMPTRAP - ok
16:21:27.0390 9128  [ 12583AF6CBE0050651EAF2723B3AD7B3 ] speedfan        C:\Windows\syswow64\speedfan.sys
16:21:27.0459 9128  speedfan - ok
16:21:27.0524 9128  [ B9E31E5CACDFE584F34F730A677803F9 ] spldr           C:\Windows\system32\drivers\spldr.sys
16:21:27.0526 9128  spldr - ok
16:21:27.0581 9128  [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler         C:\Windows\System32\spoolsv.exe
16:21:27.0591 9128  Spooler - ok
16:21:27.0719 9128  [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc          C:\Windows\system32\sppsvc.exe
16:21:27.0790 9128  sppsvc - ok
16:21:27.0824 9128  [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify     C:\Windows\system32\sppuinotify.dll
16:21:27.0827 9128  sppuinotify - ok
16:21:27.0908 9128  [ 4C33F139236FD9BD14A920F60C1CB072 ] sptd            C:\Windows\system32\Drivers\sptd.sys
16:21:27.0908 9128  Suspicious file (NoAccess): C:\Windows\system32\Drivers\sptd.sys. md5: 4C33F139236FD9BD14A920F60C1CB072
16:21:27.0910 9128  sptd ( LockedFile.Multi.Generic ) - warning
16:21:27.0910 9128  sptd - detected LockedFile.Multi.Generic (1)
16:21:27.0970 9128  [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv             C:\Windows\system32\DRIVERS\srv.sys
16:21:27.0976 9128  srv - ok
16:21:28.0040 9128  [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2            C:\Windows\system32\DRIVERS\srv2.sys
16:21:28.0045 9128  srv2 - ok
16:21:28.0061 9128  [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet          C:\Windows\system32\DRIVERS\srvnet.sys
16:21:28.0064 9128  srvnet - ok
16:21:28.0126 9128  [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV         C:\Windows\System32\ssdpsrv.dll
16:21:28.0130 9128  SSDPSRV - ok
16:21:28.0146 9128  [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc         C:\Windows\system32\sstpsvc.dll
16:21:28.0149 9128  SstpSvc - ok
16:21:28.0336 9128  [ B1691AF4A072CB674D600DB16DD7308E ] StarWindServiceAE C:\Program Files (x86)\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe
16:21:28.0341 9128  StarWindServiceAE - ok
16:21:28.0383 9128  [ F3817967ED533D08327DC73BC4D5542A ] stexstor        C:\Windows\system32\DRIVERS\stexstor.sys
16:21:28.0385 9128  stexstor - ok
16:21:28.0528 9128  [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc          C:\Windows\System32\wiaservc.dll
16:21:28.0538 9128  stisvc - ok
16:21:28.0574 9128  [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum          C:\Windows\system32\drivers\swenum.sys
16:21:28.0576 9128  swenum - ok
16:21:28.0645 9128  [ E08E46FDD841B7184194011CA1955A0B ] swprv           C:\Windows\System32\swprv.dll
16:21:28.0653 9128  swprv - ok
16:21:28.0755 9128  [ ED6D1424E5B0C21A57B28DD8508D6843 ] SynTP           C:\Windows\system32\DRIVERS\SynTP.sys
16:21:28.0760 9128  SynTP - ok
16:21:28.0859 9128  [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain         C:\Windows\system32\sysmain.dll
16:21:28.0905 9128  SysMain - ok
16:21:28.0950 9128  [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
16:21:28.0954 9128  TabletInputService - ok
16:21:28.0995 9128  [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv         C:\Windows\System32\tapisrv.dll
16:21:29.0001 9128  TapiSrv - ok
16:21:29.0067 9128  [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS             C:\Windows\System32\tbssvc.dll
16:21:29.0070 9128  TBS - ok
16:21:29.0188 9128  [ 37608401DFDB388CAF66917F6B2D6FB0 ] Tcpip           C:\Windows\system32\drivers\tcpip.sys
16:21:29.0235 9128  Tcpip - ok
16:21:29.0346 9128  [ 37608401DFDB388CAF66917F6B2D6FB0 ] TCPIP6          C:\Windows\system32\DRIVERS\tcpip.sys
16:21:29.0356 9128  TCPIP6 - ok
16:21:29.0417 9128  [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg        C:\Windows\system32\drivers\tcpipreg.sys
16:21:29.0419 9128  tcpipreg - ok
16:21:29.0457 9128  [ 3371D21011695B16333A3934340C4E7C ] TDPIPE          C:\Windows\system32\drivers\tdpipe.sys
16:21:29.0459 9128  TDPIPE - ok
16:21:29.0521 9128  [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP           C:\Windows\system32\drivers\tdtcp.sys
16:21:29.0523 9128  TDTCP - ok
16:21:29.0600 9128  [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx             C:\Windows\system32\DRIVERS\tdx.sys
16:21:29.0603 9128  tdx - ok
16:21:29.0665 9128  [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD          C:\Windows\system32\drivers\termdd.sys
16:21:29.0668 9128  TermDD - ok
16:21:29.0738 9128  [ 2E648163254233755035B46DD7B89123 ] TermService     C:\Windows\System32\termsrv.dll
16:21:29.0766 9128  TermService - ok
16:21:29.0809 9128  [ F0344071948D1A1FA732231785A0664C ] Themes          C:\Windows\system32\themeservice.dll
16:21:29.0812 9128  Themes - ok
16:21:29.0854 9128  [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER     C:\Windows\system32\mmcss.dll
16:21:29.0856 9128  THREADORDER - ok
16:21:29.0905 9128  [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks          C:\Windows\System32\trkwks.dll
16:21:29.0909 9128  TrkWks - ok
16:21:30.0005 9128  [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
16:21:30.0008 9128  TrustedInstaller - ok
16:21:30.0043 9128  [ CE18B2CDFC837C99E5FAE9CA6CBA5D30 ] tssecsrv        C:\Windows\system32\DRIVERS\tssecsrv.sys
16:21:30.0045 9128  tssecsrv - ok
16:21:30.0130 9128  [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt        C:\Windows\system32\drivers\tsusbflt.sys
16:21:30.0133 9128  TsUsbFlt - ok
16:21:30.0207 9128  [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel          C:\Windows\system32\DRIVERS\tunnel.sys
16:21:30.0210 9128  tunnel - ok
16:21:30.0267 9128  [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35          C:\Windows\system32\DRIVERS\uagp35.sys
16:21:30.0270 9128  uagp35 - ok
16:21:30.0327 9128  [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs            C:\Windows\system32\DRIVERS\udfs.sys
16:21:30.0332 9128  udfs - ok
16:21:30.0377 9128  [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect       C:\Windows\system32\UI0Detect.exe
16:21:30.0380 9128  UI0Detect - ok
16:21:30.0432 9128  [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx        C:\Windows\system32\drivers\uliagpkx.sys
16:21:30.0434 9128  uliagpkx - ok
16:21:30.0503 9128  [ DC54A574663A895C8763AF0FA1FF7561 ] umbus           C:\Windows\system32\drivers\umbus.sys
16:21:30.0505 9128  umbus - ok
16:21:30.0510 9128  [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass          C:\Windows\system32\DRIVERS\umpass.sys
16:21:30.0513 9128  UmPass - ok
16:21:30.0663 9128  [ CC3775100ABA633984F73DFAE1F55CAE ] UNS             C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
16:21:30.0763 9128  UNS - ok
16:21:30.0806 9128  [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost        C:\Windows\System32\upnphost.dll
16:21:30.0813 9128  upnphost - ok
16:21:30.0863 9128  [ 43228F8EDD1B0BCDD3145AD246E63D39 ] USBAAPL64       C:\Windows\system32\Drivers\usbaapl64.sys
16:21:30.0865 9128  USBAAPL64 - ok
16:21:30.0938 9128  [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp         C:\Windows\system32\DRIVERS\usbccgp.sys
16:21:30.0941 9128  usbccgp - ok
16:21:30.0981 9128  [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir          C:\Windows\system32\drivers\usbcir.sys
16:21:30.0983 9128  usbcir - ok
16:21:31.0030 9128  [ C025055FE7B87701EB042095DF1A2D7B ] usbehci         C:\Windows\system32\drivers\usbehci.sys
16:21:31.0033 9128  usbehci - ok
16:21:31.0133 9128  [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub          C:\Windows\system32\DRIVERS\usbhub.sys
16:21:31.0139 9128  usbhub - ok
16:21:31.0196 9128  [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci         C:\Windows\system32\drivers\usbohci.sys
16:21:31.0200 9128  usbohci - ok
16:21:31.0257 9128  [ 73188F58FB384E75C4063D29413CEE3D ] usbprint        C:\Windows\system32\DRIVERS\usbprint.sys
16:21:31.0259 9128  usbprint - ok
16:21:31.0308 9128  [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR         C:\Windows\system32\DRIVERS\USBSTOR.SYS
16:21:31.0311 9128  USBSTOR - ok
16:21:31.0371 9128  [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci         C:\Windows\system32\drivers\usbuhci.sys
16:21:31.0373 9128  usbuhci - ok
16:21:31.0470 9128  [ 454800C2BC7F3927CE030141EE4F4C50 ] usbvideo        C:\Windows\System32\Drivers\usbvideo.sys
16:21:31.0475 9128  usbvideo - ok
16:21:31.0539 9128  [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms           C:\Windows\System32\uxsms.dll
16:21:31.0541 9128  UxSms - ok
16:21:31.0645 9128  [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc        C:\Windows\system32\lsass.exe
16:21:31.0647 9128  VaultSvc - ok
16:21:31.0776 9128  [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot        C:\Windows\system32\drivers\vdrvroot.sys
16:21:31.0778 9128  vdrvroot - ok
16:21:32.0038 9128  [ 8D6B481601D01A456E75C3210F1830BE ] vds             C:\Windows\System32\vds.exe
16:21:32.0047 9128  vds - ok
16:21:32.0167 9128  [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga             C:\Windows\system32\DRIVERS\vgapnp.sys
16:21:32.0170 9128  vga - ok
16:21:32.0260 9128  [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave         C:\Windows\System32\drivers\vga.sys
16:21:32.0262 9128  VgaSave - ok
16:21:32.0387 9128  [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp           C:\Windows\system32\drivers\vhdmp.sys
16:21:32.0392 9128  vhdmp - ok
16:21:32.0468 9128  [ E5689D93FFE4E5D66C0178761240DD54 ] viaide          C:\Windows\system32\drivers\viaide.sys
16:21:32.0471 9128  viaide - ok
16:21:32.0617 9128  VICX - ok
16:21:32.0733 9128  [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr          C:\Windows\system32\drivers\volmgr.sys
16:21:32.0736 9128  volmgr - ok
16:21:32.0828 9128  [ A255814907C89BE58B79EF2F189B843B ] volmgrx         C:\Windows\system32\drivers\volmgrx.sys
16:21:32.0832 9128  volmgrx - ok
16:21:32.0947 9128  [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap         C:\Windows\system32\drivers\volsnap.sys
16:21:32.0950 9128  volsnap - ok
16:21:33.0021 9128  [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid         C:\Windows\system32\DRIVERS\vsmraid.sys
16:21:33.0026 9128  vsmraid - ok
16:21:33.0278 9128  [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS             C:\Windows\system32\vssvc.exe
16:21:33.0309 9128  VSS - ok
16:21:33.0387 9128  [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus        C:\Windows\system32\DRIVERS\vwifibus.sys
16:21:33.0429 9128  vwifibus - ok
16:21:33.0478 9128  [ 6A3D66263414FF0D6FA754C646612F3F ] vwififlt        C:\Windows\system32\DRIVERS\vwififlt.sys
16:21:33.0480 9128  vwififlt - ok
16:21:33.0515 9128  [ 6A638FC4BFDDC4D9B186C28C91BD1A01 ] vwifimp         C:\Windows\system32\DRIVERS\vwifimp.sys
16:21:33.0518 9128  vwifimp - ok
16:21:33.0579 9128  [ 1C9D80CC3849B3788048078C26486E1A ] W32Time         C:\Windows\system32\w32time.dll
16:21:33.0585 9128  W32Time - ok
16:21:33.0620 9128  [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen        C:\Windows\system32\DRIVERS\wacompen.sys
16:21:33.0621 9128  WacomPen - ok
16:21:33.0672 9128  [ 356AFD78A6ED4457169241AC3965230C ] WANARP          C:\Windows\system32\DRIVERS\wanarp.sys
16:21:33.0674 9128  WANARP - ok
16:21:33.0686 9128  [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6        C:\Windows\system32\DRIVERS\wanarp.sys
16:21:33.0688 9128  Wanarpv6 - ok
16:21:33.0757 9128  [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc     C:\Windows\system32\Wat\WatAdminSvc.exe
16:21:33.0792 9128  WatAdminSvc - ok
16:21:33.0899 9128  [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine        C:\Windows\system32\wbengine.exe
16:21:33.0945 9128  wbengine - ok
16:21:34.0016 9128  [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc        C:\Windows\System32\wbiosrvc.dll
16:21:34.0026 9128  WbioSrvc - ok
16:21:34.0074 9128  [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc         C:\Windows\System32\wcncsvc.dll
16:21:34.0079 9128  wcncsvc - ok
16:21:34.0108 9128  [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
16:21:34.0110 9128  WcsPlugInService - ok
16:21:34.0149 9128  [ 72889E16FF12BA0F235467D6091B17DC ] Wd              C:\Windows\system32\DRIVERS\wd.sys
16:21:34.0151 9128  Wd - ok
16:21:34.0245 9128  [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000        C:\Windows\system32\drivers\Wdf01000.sys
16:21:34.0260 9128  Wdf01000 - ok
16:21:34.0281 9128  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost  C:\Windows\system32\wdi.dll
16:21:34.0285 9128  WdiServiceHost - ok
16:21:34.0290 9128  [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost   C:\Windows\system32\wdi.dll
16:21:34.0293 9128  WdiSystemHost - ok
16:21:34.0325 9128  [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient       C:\Windows\System32\webclnt.dll
16:21:34.0330 9128  WebClient - ok
16:21:34.0412 9128  [ C749025A679C5103E575E3B48E092C43 ] Wecsvc          C:\Windows\system32\wecsvc.dll
16:21:34.0420 9128  Wecsvc - ok
16:21:34.0483 9128  [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport   C:\Windows\System32\wercplsupport.dll
16:21:34.0488 9128  wercplsupport - ok
16:21:34.0532 9128  [ 6D137963730144698CBD10F202E9F251 ] WerSvc          C:\Windows\System32\WerSvc.dll
16:21:34.0537 9128  WerSvc - ok
16:21:34.0589 9128  [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf          C:\Windows\system32\DRIVERS\wfplwf.sys
16:21:34.0591 9128  WfpLwf - ok
16:21:34.0632 9128  [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount        C:\Windows\system32\drivers\wimmount.sys
16:21:34.0634 9128  WIMMount - ok
16:21:34.0661 9128  WinDefend - ok
16:21:34.0669 9128  WinHttpAutoProxySvc - ok
16:21:34.0752 9128  [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt         C:\Windows\system32\wbem\WMIsvc.dll
16:21:34.0757 9128  Winmgmt - ok
16:21:34.0846 9128  [ BCB1310604AA415C4508708975B3931E ] WinRM           C:\Windows\system32\WsmSvc.dll
16:21:34.0909 9128  WinRM - ok
16:21:34.0990 9128  [ FE88B288356E7B47B74B13372ADD906D ] WinUsb          C:\Windows\system32\DRIVERS\WinUsb.sys
16:21:34.0992 9128  WinUsb - ok
16:21:35.0061 9128  [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc         C:\Windows\System32\wlansvc.dll
16:21:35.0095 9128  Wlansvc - ok
16:21:35.0288 9128  [ 7E47C328FC4768CB8BEAFBCFAFA70362 ] wlidsvc         C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
16:21:35.0365 9128  wlidsvc - ok
16:21:35.0431 9128  [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi         C:\Windows\system32\drivers\wmiacpi.sys
16:21:35.0434 9128  WmiAcpi - ok
16:21:35.0533 9128  [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv        C:\Windows\system32\wbem\WmiApSrv.exe
16:21:35.0538 9128  wmiApSrv - ok
16:21:35.0613 9128  WMPNetworkSvc - ok
16:21:35.0652 9128  [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc          C:\Windows\System32\wpcsvc.dll
16:21:35.0656 9128  WPCSvc - ok
16:21:35.0706 9128  [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum      C:\Windows\system32\wpdbusenum.dll
16:21:35.0713 9128  WPDBusEnum - ok
16:21:35.0755 9128  [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl         C:\Windows\system32\drivers\ws2ifsl.sys
16:21:35.0757 9128  ws2ifsl - ok
16:21:35.0785 9128  [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc          C:\Windows\System32\wscsvc.dll
16:21:35.0789 9128  wscsvc - ok
16:21:35.0793 9128  WSearch - ok
16:21:35.0905 9128  [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv        C:\Windows\system32\wuaueng.dll
16:21:36.0003 9128  wuauserv - ok
16:21:36.0058 9128  [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf          C:\Windows\system32\drivers\WudfPf.sys
16:21:36.0062 9128  WudfPf - ok
16:21:36.0113 9128  [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd          C:\Windows\system32\DRIVERS\WUDFRd.sys
16:21:36.0117 9128  WUDFRd - ok
16:21:36.0157 9128  [ B20F051B03A966392364C83F009F7D17 ] wudfsvc         C:\Windows\System32\WUDFSvc.dll
16:21:36.0163 9128  wudfsvc - ok
16:21:36.0216 9128  [ 9A3452B3C2A46C073166C5CF49FAD1AE ] WwanSvc         C:\Windows\System32\wwansvc.dll
16:21:36.0223 9128  WwanSvc - ok
16:21:36.0254 9128  ================ Scan global ===============================
16:21:36.0292 9128  [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
16:21:36.0341 9128  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:21:36.0352 9128  [ 9E479C2B605C25DA4971ABA36250FAEF ] C:\Windows\system32\winsrv.dll
16:21:36.0397 9128  [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
16:21:36.0435 9128  [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
16:21:36.0442 9128  [Global] - ok
16:21:36.0442 9128  ================ Scan MBR ==================================
16:21:36.0489 9128  [ 5C616939100B85E558DA92B899A0FC36 ] \Device\Harddisk0\DR0
16:21:36.0801 9128  \Device\Harddisk0\DR0 - ok
16:21:36.0802 9128  ================ Scan VBR ==================================
16:21:36.0810 9128  [ 1570A4CD274FAE990D297AE98981CA93 ] \Device\Harddisk0\DR0\Partition1
16:21:36.0811 9128  \Device\Harddisk0\DR0\Partition1 - ok
16:21:36.0844 9128  [ BA513C544E4CC98B5B1B026DA215884D ] \Device\Harddisk0\DR0\Partition2
16:21:36.0846 9128  \Device\Harddisk0\DR0\Partition2 - ok
16:21:36.0847 9128  ============================================================
16:21:36.0847 9128  Scan finished
16:21:36.0847 9128  ============================================================
16:21:36.0861 10644  Detected object count: 1
16:21:36.0861 10644  Actual detected object count: 1
16:21:51.0891 10644  sptd ( LockedFile.Multi.Generic ) - skipped by user
16:21:51.0892 10644  sptd ( LockedFile.Multi.Generic ) - User select action: Skip 

Malwarebytes Anti-Malware (PRO) 1.70.0.1100
www.malwarebytes.org

Database version: v2013.01.15.13

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 9.0.8112.16421
acer :: AS7741G [administrator]

Protection: Disabled

15.01.2013 22:29:41
mbam-log-2013-01-15 (22-29-41).txt

Scan type: Full scan (C:\|)
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 722267
Time elapsed: 4 hour(s), 17 minute(s), 4 second(s)

Memory Processes Detected: 0
(No malicious items detected)

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 0
(No malicious items detected)

Registry Values Detected: 0
(No malicious items detected)

Registry Data Items Detected: 0
(No malicious items detected)

Folders Detected: 0
(No malicious items detected)

Files Detected: 8
C:\Program Files (x86)\Alcohol Soft\Alcohol 120\Langs\AX_RU.dll (Malware.Packer.GenX) -> Quarantined and deleted successfully.
C:\Program Files (x86)\HighCriteria\TotalRecorder\patch.exe (Malware.Packer) -> Quarantined and deleted successfully.
C:\Program Files (x86)\Pickup\MakeJpeg.exe (Trojan.Ransom.ANC) -> Quarantined and deleted successfully.
C:\Users\acer\Desktop\дискC\Program Files\RelevantKnowledge\rlls.dll (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\acer\Desktop\дискC\Program Files\RelevantKnowledge\rlvknlg.exe (PUP.Adware.RelevantKnowledge) -> Quarantined and deleted successfully.
C:\Users\acer\Desktop\дискC\Users\Ольга\Desktop\Stuff\Subtitles\Download_Movie_Subtitles_3.00.exe (PUP.Adware.Agent) -> Quarantined and deleted successfully.
C:\Users\acer\Desktop\дискC\Users\Ольга\Documents\Олябуша\Sherlock Holmes ru\SHERLO~1.exe (Trojan.Ransom) -> Quarantined and deleted successfully.
C:\Users\acer\Desktop\дискD\flash2\Ice Cream Mania\WrapperInstall.exe (Spyware.Banker) -> Quarantined and deleted successfully.

(end)

RogueKiller V8.4.3 [Jan 10 2013] by Tigzy
mail : tigzyRK<at>gmail<dot>com
Feedback : http://www.geekstogo.com/forum/files/file/413-roguekiller/
Website : http://tigzy.geekstogo.com/roguekiller.php
Blog : http://tigzyrk.blogspot.com/

Operating System : Windows 7 (6.1.7601 Service Pack 1) 64 bits version
Started in : Normal mode
User : acer [Admin rights]
Mode : Remove -- Date : 01/16/2013 03:42:27

 Bad processes : 6 
[SUSP PATH] BrowserProtect.exe -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -> KILLED [TermProc]
[SUSP PATH] BrowserProtect.exe -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -> KILLED [TermProc]
[RESIDUE] BrowserProtect.exe -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -> KILLED [TermProc]
[RESIDUE] BrowserProtect.exe -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -> KILLED [TermProc]
[RESIDUE] BrowserProtect.exe -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -> KILLED [TermProc]
[RESIDUE] BrowserProtect.exe -- C:\ProgramData\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe -> KILLED [TermProc]

 Registry Entries : 3 
[TASK][SUSP PATH] {258896BD-933B-4E77-A335-1940A0495670} : C:\Users\acer\Desktop\дискC\Users\Ольга\Desktop\Stuff\CuteFTP Professional 8.3.2 Rus Portable\CuteFTP 8 Professional.exe  -> DELETED
[HJ DESK] HKLM\[...]\NewStartPanel : {59031a47-3f72-44a7-89c5-5595fe6b30ee} (1) -> REPLACED (0)
[HJ DESK] HKLM\[...]\NewStartPanel : {20D04FE0-3AEA-1069-A2D8-08002B30309D} (1) -> REPLACED (0)

 Particular Files / Folders: 

 Driver : [NOT LOADED] 

 HOSTS File: 
--> C:\Windows\system32\drivers\etc\hosts



 MBR Check: 

+++++ PhysicalDrive0: WDC WD5000BEVT-22A0RT0 +++++
--- User ---
[MBR] f5cc60a7225143c491ba60475d3ed63a
[BSP] a8418311c4db3b7fb08d1c3c4e4a2faf : Windows Vista MBR Code
Partition table:
0 - [XXXXXX] ACER (0x27) [VISIBLE] Offset (sectors): 2048 | Size: 13500 Mo
1 - [ACTIVE] NTFS (0x07) [VISIBLE] Offset (sectors): 27650048 | Size: 100 Mo
2 - [XXXXXX] NTFS (0x07) [VISIBLE] Offset (sectors): 27854848 | Size: 463338 Mo
User = LL1 ... OK!
User = LL2 ... OK!

Finished : << RKreport[3]_D_01162013_02d0342.txt >>
RKreport[1]_S_01162013_02d0333.txt ; RKreport[2]_S_01162013_02d0340.txt ; RKreport[3]_D_01162013_02d0342.txt


#4 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Study Hall Senior
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:01:16 AM

Posted 15 January 2013 - 11:42 PM

Hi,

Could you please run AdwCleaner one more time, but this time only search and not delete, and give me the log? I need to send it to the developer to see if he can found out what's wrong. :)

SUPERAntiSpyware

I need you to run a scan with SUPERAntiSpyware.

  • Download SAS from here, and save it to your desktop.
  • Double click the installer to start the installation. If you do not want to start the trial of the full version, please decline, and feel free to uncheck options to install external toolbars/software, unless you want them. Otherwise, follow the prompts and let the program install.
  • Once the program is done installing and updating, tick the Complete Scan option on the interface, and press the big Scan your Computer... button. Ensure that the options Activate Scan Boost™ > Low boost and Scan inside .ZIP archives are selected and Start Complete Scan.
  • After scanning, be sure to remove all detected threats if any were detected. If asked to reboot to remove threats, do so immediately.
  • Once finished, return to the main interface, go to View Scan Logs and view the newest log. Copy and paste it into your reply.

ESET Online Scanner

I need you to run a scan with ESET Online Scanner.

  • Download the scanner from here, and save it to your desktop.
  • Double click the file to install the program. Once it's done, accept the terms of use and click Start. Be sure the following settings are checked before beginning:
    Scan archives
    Remove found threats
    Scan potentially unwanted applications
    Scan for potentially unsafe applications
    Enable Anti-Stealth technology
  • Once the scan is done, if anything was found, click List of found threats, and then Export to text file..., and save the log to your desktop.
  • Click << Back, and then Finish. If you have to reboot, do so immediately.
  • After ESET finishes scanning and removing threats, copy and paste the log into your reply.

Junkware Removal Tool

I need you to run a scan with Junkware Removal Tool.

  • Download JRT from here, and save it to your desktop.
  • Double click the file to open it, and hit any key as per the instructions of the popped up window.
  • Once the scan is done, copy and paste the contents of the resulting log into your reply.

Please tell me how your computer is running in your next reply.

Gunto

renardsig1_zps37f3a38c.jpg

It's pronounced Goon-toe!
Member of the Bleeping Computer A.I.I. early response team!


#5 Olyabusha

Olyabusha
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 17 January 2013 - 08:08 PM

There is one thing that's been bothering me lately. My browser is Google Chrome, and I was always happy with it, but the speed has been really bad recently. For example, a 3 mb file is taking about 8 minutes to download, when I could always get it in about 3 seconds. Also, the pages are loading really slowly most of the time. I am sure it's not the provider's fault, my speed is about 10mb/2mb. It's like my computer hasn't been able to get this speed from the provider lately, and I have no idea why. That's when I figured, maybe, I have some adware that's preventing Chrome or even my computer from working properly. I download AdwCleaner, and you know the rest of the story.

Now, I've encountered a problem with one of the programs you asked me to run. SUPERAntiSpyware scanned the computer, and deleted all the threats. But ESET Online Scanner crashed several times. It scans my computer for over 13 hours, finds about 130 threats, then it freezes and I get the pop-up message about this program encountering some problem and that it needs to close. The thing is, I got the log with all the threats on it, but they weren't deleted because the program crashed. I tried running 3 times, and the result is the same.

# AdwCleaner v2.105 - Logfile created 01/16/2013 at 13:40:55
# Updated 08/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : acer - AS7741G
# Boot Mode : Normal
# Running from : C:\Users\acer\Downloads\adwcleaner (1).exe
# Option [Search]


***** [Services] *****

Found : BrowserProtect

***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\SearchResults.xml
File Found : C:\user.js
File Found : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\id48uezy.default\bprotector_extensions.sqlite
File Found : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\id48uezy.default\bprotector_prefs.js
File Found : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\id48uezy.default\searchplugins\SearchResults.xml
Folder Found : C:\Program Files (x86)\Conduit
Folder Found : C:\Program Files (x86)\Vuze_Remote
Folder Found : C:\Program Files (x86)\Vuze_Remote
Folder Found : C:\ProgramData\Babylon
Folder Found : C:\ProgramData\boost_interprocess
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\ProgramData\InstallMate
Folder Found : C:\ProgramData\Premium
Folder Found : C:\Users\acer\AppData\Local\Conduit
Folder Found : C:\Users\acer\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Users\acer\AppData\LocalLow\Conduit
Folder Found : C:\Users\acer\AppData\LocalLow\Vuze_Remote
Folder Found : C:\Users\acer\AppData\LocalLow\Vuze_Remote
Folder Found : C:\Users\acer\AppData\Roaming\Babylon
Folder Found : C:\Users\acer\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\BrowserProtect
Folder Found : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\id48uezy.default\extensions\[email protected]
Folder Found : C:\Windows\SysWOW64\BrowserProtect

***** [Registry] *****

Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~2\contin~1\sprote~1.dll
Data Found : HKLM\..\Windows [AppInit_DLLs] = c:\progra~3\browse~1\251005~1.80\{c16c1~1\browse~1.dll
Key Found : HKCU\Software\AppDataLow\Software\Conduit
Key Found : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\Conduit
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Softonic
Key Found : HKCU\Software\a2dddfb238e449
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\Software\Babylon
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\Prod.cap
Key Found : HKLM\SOFTWARE\Classes\Toolbar.CT2504091
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\Conduit
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASAPI32
Key Found : HKLM\SOFTWARE\Microsoft\Tracing\MyBabylontb_RASMANCS
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin
Key Found : HKLM\Software\SP Global
Key Found : HKLM\Software\SProtector
Key Found : HKLM\Software\Vuze_Remote
Key Found : HKLM\SOFTWARE\Wow6432Node\a2dddfb238e449
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E46C8196-B634-44A1-AF6E-957C64278AB1}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\10
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B328637-A3D4-42F8-B981-451981DB906B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95A4EF23-BFFC-4E85-B1CC-B09D7C22F2C0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4EFD-BAD7-B9B4CB4BC693}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKU\S-1-5-21-3902568943-794505653-1485652950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKU\S-1-5-21-3902568943-794505653-1485652950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKU\S-1-5-21-3902568943-794505653-1485652950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{AFDBDDAA-5D3F-42EE-B79C-185A7020515B}
Value Found : HKCU\Software\Microsoft\Internet Explorer\Main [bprotector start page]
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKCU\Software\Mozilla\Firefox\extensions [{58BD07EB-0EE0-4DF0-8121-DC9B693373DF}]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{BA14329E-9550-4989-B3F2-9732E92D17CC}]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[HKCU\Software\Microsoft\Internet Explorer\Main - Start Page] = hxxp://www.claro-search.com/?affID=117452&tt=231112_9103_5212_4&babsrc=HP_ss&mntrId=a43664880000000000002a7c8f3d609e
[HKCU\Software\Microsoft\Internet Explorer\Main - bProtector Start Page] = hxxp://www.claro-search.com/?affID=117452&tt=231112_9103_5212_4&babsrc=HP_ss&mntrId=a43664880000000000002a7c8f3d609e

-\\ Mozilla Firefox v18.0 (ru)

File : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\id48uezy.default\prefs.js

Found : user_pref("aol_toolbar.default.homepage.check", false);
Found : user_pref("aol_toolbar.default.search.check", false);
Found : user_pref("extensions.BabylonToolbar.prtkDS", 0);
Found : user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
Found : user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
Found : user_pref("extensions.BabylonToolbar_i.babExt", "");
Found : user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111378");
Found : user_pref("extensions.BabylonToolbar_i.hardId", "a4366488000000000000006a8a1ead89");
Found : user_pref("extensions.BabylonToolbar_i.id", "a4366488000000000000006a8a1ead89");
Found : user_pref("extensions.BabylonToolbar_i.instlDay", "15416");
Found : user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
Found : user_pref("extensions.BabylonToolbar_i.newTab", false);
Found : user_pref("extensions.BabylonToolbar_i.newTabUrl", "hxxp://www.claro-search.com/?affID=117452&tt=231[...]
Found : user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
Found : user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
Found : user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
Found : user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
Found : user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
Found : user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
Found : user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.170:53:28");
Found : user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
Found : user_pref("extensions.claro.admin", false);
Found : user_pref("extensions.claro.aflt", "babsst");
Found : user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
Found : user_pref("extensions.claro.dfltLng", "en");
Found : user_pref("extensions.claro.excTlbr", false);
Found : user_pref("extensions.claro.id", "a43664880000000000002a7c8f3d609e");
Found : user_pref("extensions.claro.instlDay", "15698");
Found : user_pref("extensions.claro.instlRef", "sst");
Found : user_pref("extensions.claro.prdct", "claro");
Found : user_pref("extensions.claro.prtnrId", "claro");
Found : user_pref("extensions.claro.tlbrId", "claro");
Found : user_pref("extensions.claro.tlbrSrchUrl", "");
Found : user_pref("extensions.claro.vrsn", "1.8.3.10");
Found : user_pref("extensions.claro.vrsni", "1.8.3.10");
Found : user_pref("extensions.claro_i.smplGrp", "none");
Found : user_pref("extensions.claro_i.vrsnTs", "1.8.3.100:08:26");
Found : user_pref("extensions.nurit5562nurit235.scode", "(function(){try{if('aol.com,mail.google.com,mystart[...]
Found : user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
Found : user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
Found : user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
Found : user_pref("sweetim.toolbar.previous.keyword.URL", "");
Found : user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
Found : user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
Found : user_pref("sweetim.toolbar.searchguard.enable", "");

-\\ Google Chrome v24.0.1312.52

File : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences

[OK] File is clean.

*************************

AdwCleaner[R1].txt - [19056 octets] - [06/01/2013 01:31:57]
AdwCleaner[R2].txt - [19118 octets] - [06/01/2013 02:14:25]
AdwCleaner[R3].txt - [16750 octets] - [06/01/2013 16:25:50]
AdwCleaner[R4].txt - [16158 octets] - [08/01/2013 22:31:05]
AdwCleaner[R5].txt - [16106 octets] - [13/01/2013 17:34:44]
AdwCleaner[R6].txt - [11913 octets] - [16/01/2013 13:40:55]

########## EOF - C:\AdwCleaner[R6].txt - [11974 octets] ##########

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 01/16/2013 at 05:32 PM

Application Version : 5.6.1014

Core Rules Database Version : 9878
Trace Rules Database Version: 7690

Scan type       : Complete Scan
Total Scan Time : 03:53:00

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned      : 706
Memory threats detected   : 0
Registry items scanned    : 73440
Registry threats detected : 17
File items scanned        : 156285
File threats detected     : 631

PUP.BabylonToolbar
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}#AppID
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\InprocServer32
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\InprocServer32#ThreadingModel
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\ProgID
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\Programmable
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\TypeLib
	(x86) HKCR\CLSID\{2EECD738-5844-4A99-B4B6-146BF802613B}\VersionIndependentProgID

PUP.bProtector
	(x86) HKU\S-1-5-21-3902568943-794505653-1485652950-1000\Software\Microsoft\Internet Explorer\Main#bProtector Start Page [ http://www.claro-search.com/?affID=117452&tt=231112_9103_5212_4&babsrc=HP_ss&mntrId=a43664880000000000002a7c8f3d609e ]
	(x86) HKU\S-1-5-21-3902568943-794505653-1485652950-1000\Software\Microsoft\Internet Explorer\SearchScopes#bProtectorDefaultScope [ {0ECDF796-C2DC-4d79-A620-CCE0C0A66CC9} ]
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#DisplayName
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#UninstallString
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#UninstalLinkPath
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#Publisher
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#URLInfoAbout
	(x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Uninstall\{15D2D75C-9CB2-4efd-BAD7-B9B4CB4BC693}#HelpLink

Adware.Tracking Cookie
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /ad.doubleclick ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\acer@atdmt[2].txt [ /atdmt ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\acer@doubleclick[1].txt [ /doubleclick ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][2].txt [ /googleads.g.doubleclick ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\acer@megaporn[1].txt [ /megaporn ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /www.googleadservices ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\4CM92ZQF.txt [ /media6degrees.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\FGTVNQON.txt [ /adbrite.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\JG6KB9X1.txt [ /zedo.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\CYZMV6VT.txt [ /realnetworks.112.2o7.net ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\WBRQFA15.txt [ /yadro.ru ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\S5L7BISD.txt [ /ad.yieldmanager.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\55IUFM63.txt [ /top100.rambler.ru ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\TTFXV1SU.txt [ /invitemedia.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\VQOE26Y8.txt [ /revsci.net ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\HS8QZHGW.txt [ /imrworldwide.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\ZOEXBN4V.txt [ /insightexpressai.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\1U7SAU1B.txt [ /wizard.mediacoderhq.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\3RQGMYRM.txt [ /tribalfusion.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\K69DOIRB.txt [ /megaporn.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\OF80TE36.txt [ /c.atdmt.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\8PYONFOS.txt [ /lucidmedia.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\D1Y6T2UM.txt [ /fastclick.net ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\38ZCL7Q3.txt [ /doubleclick.net ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\71NFZIIC.txt [ /mediacoderhq.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\F1E13G48.txt [ /ru4.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\J79WT8JX.txt [ /overture.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\7VGHFWQM.txt [ /ad2.adfarm1.adition.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\Z0ETR8LW.txt [ /questionmarket.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\4BQ8RSZ2.txt [ /mmstat.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\ICOLDDLM.txt [ /statcounter.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\YCAAOPKE.txt [ /apmebf.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\WVUEWV1P.txt [ /bs.serving-sys.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\YYI4052I.txt [ /2o7.net ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\8WKKP10E.txt [ /atdmt.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\0G7WLE2G.txt [ /serving-sys.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\HHWGA87K.txt [ /adfarm1.adition.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\HMAU7LR0.txt [ /cnzz.mmstat.com ]
	C:\Users\acer\AppData\Roaming\Microsoft\Windows\Cookies\9A1M36VK.txt [ /advertising.com ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZC4T8NEV.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][4].txt [ Cookie:[email protected]/eurosport/yahoouk/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\6SIU64EJ.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/eurosport/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\HNG4MBWW.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\BB20SWBM.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZQBKJ9NT.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\YKWIT8UQ.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\6PQ41GMT.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\BUXM9LQ8.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\CWFNXY4H.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@rutracker[1].txt [ Cookie:[email protected]/forum/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@liga[1].txt [ Cookie:[email protected]/Statistics/Counter ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\1C461KY3.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\87ONOIZ0.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\PFY2VX0A.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\WDHV97BM.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\S6K00DN2.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0JEWMKT1.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\XTG3QF9I.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@gigamir[1].txt [ Cookie:[email protected]/adverts/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\EMP6MCRM.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@hotlog[1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/fcoweb/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\GNZG0QB6.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\40SOV0CA.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\2R8GFHHU.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\03Q35A0Y.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@clickaider[1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\1ADF49C2.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\T0BR8TQR.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ILURQ72N.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q7N7QFMW.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt [ Cookie:[email protected]/eurosport/eurosportru/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\I8U8O3UV.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\P4KMZ7SW.txt [ Cookie:[email protected]/pagead/conversion/958420493/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\XSLELMSX.txt [ Cookie:[email protected]/StatsCollector/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@tns-counter[1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OAEMM0AI.txt [ Cookie:[email protected]/ak/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/counter ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@xiti[1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/eurosport/eurosportcom/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q7MLP65M.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QEH77VI1.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\E70AMSAK.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\RTWS1V3V.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\462E930B.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\OS5TKXO2.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\IP4YW3VJ.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\EOKDKAWS.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0OFPXPKP.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\JV4OTXQS.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\NZMBBOEO.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\QB14IRW8.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\3T34NM9O.txt [ Cookie:[email protected]/adsense/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\BEHOCUJ2.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\0UUUPRVD.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\YLO18MIQ.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\23C99V4W.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][1].txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][3].txt [ Cookie:[email protected]/fcoweb/ukingov/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\S34EYQY2.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\YE3WOLRP.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\KUBFMDII.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\J526ZMTM.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\4JIB2GUM.txt [ Cookie:[email protected]/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\MPFR33GW.txt [ Cookie:acer@www.googleadservices.com/pagead/conversion/1000951773/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\X5RY17CS.txt [ Cookie:acer@interclick.com/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\SK0T9ZAD.txt [ Cookie:acer@forum.mediacoderhq.com/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\acer@statsnove.cybertest[1].txt [ Cookie:acer@statsnove.cybertest.cz/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\U4QTVT90.txt [ Cookie:acer@mediatraffic.com.ua/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\CNJNGDB3.txt [ Cookie:acer@webzavr.ru/proverbs_and_sayings/on_people_and_the_countries/the_latishskie_proverbs_and_sayings/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\KPS4C7W2.txt [ Cookie:acer@c.gigcount.com/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\RFXM8VBZ.txt [ Cookie:acer@ad3.bannerbank.ru/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\DQL3YVS6.txt [ Cookie:acer@audit.median.hu/ ]
	C:\USERS\ACER\AppData\Roaming\Microsoft\Windows\Cookies\Low\ADKS3ZP8.txt [ Cookie:acer@fr.sitestat.com/eurosport/yahoocom/ ]
	C:\USERS\ACER\Cookies\4CM92ZQF.txt [ Cookie:acer@media6degrees.com/ ]
	C:\USERS\ACER\Cookies\JG6KB9X1.txt [ Cookie:acer@zedo.com/ ]
	C:\USERS\ACER\Cookies\CYZMV6VT.txt [ Cookie:acer@realnetworks.112.2o7.net/ ]
	C:\USERS\ACER\Cookies\S5L7BISD.txt [ Cookie:acer@ad.yieldmanager.com/ ]
	C:\USERS\ACER\Cookies\55IUFM63.txt [ Cookie:acer@top100.rambler.ru/ ]
	C:\USERS\ACER\Cookies\TTFXV1SU.txt [ Cookie:acer@invitemedia.com/ ]
	C:\USERS\ACER\Cookies\ZOEXBN4V.txt [ Cookie:acer@insightexpressai.com/ ]
	C:\USERS\ACER\Cookies\1U7SAU1B.txt [ Cookie:acer@wizard.mediacoderhq.com/ ]
	C:\USERS\ACER\Cookies\3RQGMYRM.txt [ Cookie:acer@tribalfusion.com/ ]
	C:\USERS\ACER\Cookies\K69DOIRB.txt [ Cookie:acer@megaporn.com/ ]
	C:\USERS\ACER\Cookies\8PYONFOS.txt [ Cookie:acer@lucidmedia.com/ ]
	C:\USERS\ACER\Cookies\D1Y6T2UM.txt [ Cookie:acer@fastclick.net/ ]
	C:\USERS\ACER\Cookies\38ZCL7Q3.txt [ Cookie:acer@doubleclick.net/ ]
	C:\USERS\ACER\Cookies\71NFZIIC.txt [ Cookie:acer@mediacoderhq.com/ ]
	C:\USERS\ACER\Cookies\F1E13G48.txt [ Cookie:acer@ru4.com/ ]
	C:\USERS\ACER\Cookies\J79WT8JX.txt [ Cookie:acer@overture.com/ ]
	C:\USERS\ACER\Cookies\7VGHFWQM.txt [ Cookie:acer@ad2.adfarm1.adition.com/ ]
	C:\USERS\ACER\Cookies\4BQ8RSZ2.txt [ Cookie:acer@mmstat.com/ ]
	C:\USERS\ACER\Cookies\ICOLDDLM.txt [ Cookie:acer@statcounter.com/ ]
	C:\USERS\ACER\Cookies\WVUEWV1P.txt [ Cookie:acer@bs.serving-sys.com/ ]
	C:\USERS\ACER\Cookies\YYI4052I.txt [ Cookie:acer@2o7.net/ ]
	C:\USERS\ACER\Cookies\HHWGA87K.txt [ Cookie:acer@adfarm1.adition.com/ ]
	C:\USERS\ACER\Cookies\HMAU7LR0.txt [ Cookie:acer@cnzz.mmstat.com/ ]
	C:\USERS\ACER\Cookies\9A1M36VK.txt [ Cookie:acer@advertising.com/ ]
	.tns-counter.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.hotlog.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.imrworldwide.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.getclicky.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.static.getclicky.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	in.getclicky.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	counters.gigya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.liveperson.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.histats.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.c.gigcount.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rutracker.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.statcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.atdmt.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.histats.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	7.rotator.wigetmedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.xiti.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	7.rotator.wigetmedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ad6media.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ad6media.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.solvemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.solvemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.engine.goodadvert.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.engine2.goodadvert.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.statcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	count.rbc.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	wstat.wibiya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.estat.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.flagcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	pangea-livetracker.rferl.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.accounts.google.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.accounts.google.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mmstat.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.directadvert.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.adform.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediacet.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.amazon-adsystem.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.amazon-adsystem.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.sympatico.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.engine.adclick.lv [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.engine.adclick.lv [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.flagcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	insight.torbit.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.3dstats.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	uk.sitestat.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	uk.sitestat.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	tracking.fastbooking.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.vinsight.de [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.studygroup.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.liveperson.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.bizrate.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.serving-sys.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediacollege.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediacollege.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.countby.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.weborama.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.procter.solution.weborama.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.procter.solution.weborama.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.procter.solution.weborama.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.procter.solution.weborama.fr [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.tradedoubler.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.horyzon-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.horyzon-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.horyzon-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.horyzon-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.communityconnect.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www3.addfreestats.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.warez-bb.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.warez-bb.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.warez-bb.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.toplist.sk [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.flagcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.altexmedia.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.stcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	news.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	news.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.news.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.news.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.news.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.trinitymirror.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ehg-hollywood.hitbox.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.programaswarez.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.programaswarez.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.programaswarez.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.programaswarez.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.programaswarez.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.warezusa.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.waz-warez.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.liveperson.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	pautinaserial.ucoz.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	pautinaserial.ucoz.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.steelhousemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.px.steelhousemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.liveperson.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.microsoftsto.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.toplist.cz [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.deadaccountsonbroadway.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.deadaccountsonbroadway.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.toplist.eu [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	vclicks.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.warnerbros.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.ru4.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	stat.inforotor.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.media6degrees.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.adform.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adform.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.stcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.doubleclick.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.hubrus.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.hubrus.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	track.hubrus.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad3.bannerbank.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.collective-media.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.technoratimedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.technoratimedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.technoratimedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adinterax.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.adinterax.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.kontera.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ad.yieldmanager.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.kaspersky.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	forum.warez.ag [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	forum.warez.ag [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.solvemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.unimediaimages.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.w3counter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	wmedia.rotator.hadj7.adjuggler.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	statse.webtrendslive.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	ie-stat.bmmetrix.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediafire.im [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.mediafire.im [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.warez.ag [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.warez.ag [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.premiumaccountsgiveaway.blogspot.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.premiumaccountsgiveaway.blogspot.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.freepremiumaccounts-dxteam.blogspot.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.freepremiumaccounts-dxteam.blogspot.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.dmtracker.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.flagcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	accounts.google.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.yadro.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.linksynergy.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.linksynergy.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.linksynergy.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	testdata.coremetrics.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.legolas-media.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.www2.a-counter.kiev.ua [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	webtrack.bydeluxe.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.abcb2b.112.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	www.abcmedianet.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.timeinc.122.2o7.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rutracker.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	stats.neetee.tv [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.gostats.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.liveperson.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.invitemedia.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.statcounter.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	sales.liveperson.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.openstat.net [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rambler.ru [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	counters.gigya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	counters.gigya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	counters.gigya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	counters.gigya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	counters.gigya.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.rutracker.org [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	.spylog.com [ C:\USERS\ACER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
	C:\USERS\ACER\APPDATA\LOCAL\TEMP\COOKIES\ACER@MEGAPORN[2].TXT [ /MEGAPORN ]
	ad.insightexpressai.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	allserials.tv [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	bbca.channelfinder.net [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	cdn.insights.gravity.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	cdn.media.abc.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	countdownpage.createyourcountdown.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	counter.rambler.ru [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	ia.media-imdb.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	ictv-dread-ec.indieclicktv.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	ictv-tf-ec.indieclicktv.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	images.loveadvert.ru [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	imgs.adverticum.net [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media-vimg-net.vimg.net [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.5.ua [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.azfamily.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.ben-hollingsworth.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.hamptonroads.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.ign.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.james-franco.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.kyte.tv [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.margulies-fan.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.movieweb.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.mtvnservices.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.mtvu.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.nbcnewyork.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.nbcsandiego.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.salemwebnetwork.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media.whosay.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media1.break.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media15.onsugar.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media2.myfoxaustin.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	media34.onsugar.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	mediarussiaradio.ru [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	msnbcmedia.msn.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	objects.tremormedia.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	oddcast.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	s0.2mdn.net [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	s1.josho.yamedia.tw [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	secure-uk.imrworldwide.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	secure-us.imrworldwide.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	sftrack.searchforce.net [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	static.discoverymedia.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	tag.mediashakers.hiro.tv [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	vhss-d.oddcast.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	webfile.ru [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	www.99counters.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	www.jchambersmedia.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	www.media.michelle-williams.net [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	www.porntube.com [ C:\USERS\ACER\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\YGM3B9QL ]
	C:\USERS\ACER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ACER@ADS.ADFOX[4].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ACER@ADTECH[1].TXT [ /ADTECH ]
	C:\USERS\ACER\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ACER@ENGINE.GOODADVERT[1].TXT [ /ENGINE.GOODADVERT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@ADBRITE[1].TXT [ /ADBRITE ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@ADPLY.PLYMEDIA[2].TXT [ /ADPLY.PLYMEDIA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@ADTECH[1].TXT [ /ADTECH ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@ADVERTISING[2].TXT [ /ADVERTISING ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@AR.ATWOLA[1].TXT [ /AR.ATWOLA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@AT.ATWOLA[1].TXT [ /AT.ATWOLA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@ATWOLA[1].TXT [ /ATWOLA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@CDN.AT.ATWOLA[1].TXT [ /CDN.AT.ATWOLA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@HOST.ODDCAST[1].TXT [ /HOST.ODDCAST ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@MEGAPORN[1].TXT [ /MEGAPORN ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@MYWEBSEARCH[2].TXT [ /MYWEBSEARCH ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@TACODA[2].TXT [ /TACODA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\ольга@TNS-COUNTER[1].TXT [ /TNS-COUNTER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@247REALMEDIA[2].TXT [ /247REALMEDIA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.ADOCEAN[1].TXT [ /AD.ADOCEAN ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@2O7[2].TXT [ /2O7 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[5].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[6].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[7].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[8].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[9].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[4].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ACCOUNT.LIVE[2].TXT [ /ACCOUNT.LIVE ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.ADMIXER[1].TXT [ /AD.ADMIXER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.ADMIXER[2].TXT [ /AD.ADMIXER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.ADMIXER[4].TXT [ /AD.ADMIXER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.ISRALAND[2].TXT [ /AD.ISRALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADREVOLVER[2].TXT [ /ADREVOLVER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS2.5CI[1].TXT [ /ADS2.5CI ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.AD4GAME[1].TXT [ /ADS.AD4GAME ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[11].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[1].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[2].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.CLICMANAGER[2].TXT [ /ADS.CLICMANAGER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADSERVER.ADTECHUS[1].TXT [ /ADSERVER.ADTECHUS ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ROZETKA.COM[2].TXT [ /ADS.ROZETKA.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADTECH[1].TXT [ /ADTECH ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.TELEKRITIKA[2].TXT [ /AD.TELEKRITIKA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADVERTISING[2].TXT [ /ADVERTISING ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADV.FRAZA[2].TXT [ /ADV.FRAZA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADV.GO2NET.COM[1].TXT [ /ADV.GO2NET.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADV.GO2NET.COM[3].TXT [ /ADV.GO2NET.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADV.RUPOR[1].TXT [ /ADV.RUPOR ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AD.YIELDMANAGER[2].TXT [ /AD.YIELDMANAGER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ADS.ADFOX[3].TXT [ /ADS.ADFOX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@APMEBF[1].TXT [ /APMEBF ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@AT.ATWOLA[2].TXT [ /AT.ATWOLA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ATDMT[2].TXT [ /ATDMT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@BANNERS.DB[2].TXT [ /BANNERS.DB ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@BIZ.ADVERTARIUM.COM[1].TXT [ /BIZ.ADVERTARIUM.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@B.DCLICK[2].TXT [ /B.DCLICK ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@BOUYGUESTELECOM.SOLUTION.WEBORAMA[2].TXT [ /BOUYGUESTELECOM.SOLUTION.WEBORAMA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@BLUESTREAK[1].TXT [ /BLUESTREAK ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@BS.SERVING-SYS[1].TXT [ /BS.SERVING-SYS ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@CLICK.TOPTURIZM[1].TXT [ /CLICK.TOPTURIZM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@CLICK.VONGO[1].TXT [ /CLICK.VONGO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@CMS.TRAFFICMP[1].TXT [ /CMS.TRAFFICMP ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@CONTENT.YIELDMANAGER[1].TXT [ /CONTENT.YIELDMANAGER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@CONTENT.YIELDMANAGER[3].TXT [ /CONTENT.YIELDMANAGER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@CONTENT.YIELDMANAGER[4].TXT [ /CONTENT.YIELDMANAGER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@COUNT.RBC[2].TXT [ /COUNT.RBC ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@DIRECTADVERT[2].TXT [ /DIRECTADVERT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@DOUBLECLICK[2].TXT [ /DOUBLECLICK ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ELITE.ADVERTARIUM.COM[1].TXT [ /ELITE.ADVERTARIUM.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ENGINE.MEDIALAND[1].TXT [ /ENGINE.MEDIALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@FRONT2.DCLICK[2].TXT [ /FRONT2.DCLICK ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@GO.MEDIANETWORKS[3].TXT [ /GO.MEDIANETWORKS ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@GOODADVERT[2].TXT [ /GOODADVERT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@HALF.ADVERTARIUM.COM[1].TXT [ /HALF.ADVERTARIUM.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@HIT.TOPADVERT[2].TXT [ /HIT.TOPADVERT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@HOTLOG[1].TXT [ /HOTLOG ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@IMRWORLDWIDE[2].TXT [ /IMRWORLDWIDE ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@INSIGHTEXPRESSAI[1].TXT [ /INSIGHTEXPRESSAI ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIALAND[2].TXT [ /MEDIALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIAKADR[3].TXT [ /MEDIAKADR ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIALAND[1].TXT [ /MEDIALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIALAND[6].TXT [ /MEDIALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIAPLEX[2].TXT [ /MEDIAPLEX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIALAND[4].TXT [ /MEDIALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIALAND.RELAX[2].TXT [ /MEDIALAND.RELAX ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MADBANNER.AKADO[1].TXT [ /MADBANNER.AKADO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MASS.ADVERTARIUM.COM[1].TXT [ /MASS.ADVERTARIUM.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MICROSOFTMACHINETRANSLATION.112.2O7[1].TXT [ /MICROSOFTMACHINETRANSLATION.112.2O7 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIA6DEGREES[1].TXT [ /MEDIA6DEGREES ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIAKADR[1].TXT [ /MEDIAKADR ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIALAND[5].TXT [ /MEDIALAND ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIA.ADFARM[1].TXT [ /MEDIA.ADFARM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIA.ADREVOLVER[2].TXT [ /MEDIA.ADREVOLVER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIA.META[2].TXT [ /MEDIA.META ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MEDIA.META[3].TXT [ /MEDIA.META ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@MSNACCOUNTSERVICES.112.2O7[1].TXT [ /MSNACCOUNTSERVICES.112.2O7 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@NISSANEUROPE.112.2O7[1].TXT [ /NISSANEUROPE.112.2O7 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@N.PAY-CLICK[2].TXT [ /N.PAY-CLICK ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@OPENX.ADFORMER[1].TXT [ /OPENX.ADFORMER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@QUESTIONMARKET[2].TXT [ /QUESTIONMARKET ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@PREMIUM.ADVERTARIUM.COM[1].TXT [ /PREMIUM.ADVERTARIUM.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@PREMIUMTV.122.2O7[1].TXT [ /PREMIUMTV.122.2O7 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ROTABANNER468.UTRO[2].TXT [ /ROTABANNER468.UTRO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ROTABANNER.UTRO[1].TXT [ /ROTABANNER.UTRO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ROTABANNER100.UTRO[1].TXT [ /ROTABANNER100.UTRO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@ROTABANNER234.UTRO[1].TXT [ /ROTABANNER234.UTRO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@RU4[1].TXT [ /RU4 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@SERVING-SYS[1].TXT [ /SERVING-SYS ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@SKY.ADVERTARIUM.COM[1].TXT [ /SKY.ADVERTARIUM.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@SPYLOG[1].TXT [ /SPYLOG ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@SOL.ADBUREAU[2].TXT [ /SOL.ADBUREAU ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@STAT.ARBOCONTEXT[1].TXT [ /STAT.ARBOCONTEXT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@STAT.DELO[1].TXT [ /STAT.DELO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@STAT.STARS[1].TXT [ /STAT.STARS ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@STATS.ZMAGS[2].TXT [ /STATS.ZMAGS ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TIZER.MEDIAROTATOR[4].TXT [ /TIZER.MEDIAROTATOR ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TACODA[2].TXT [ /TACODA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TIZER.MEDIAROTATOR[1].TXT [ /TIZER.MEDIAROTATOR ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TIZER.MEDIAROTATOR[3].TXT [ /TIZER.MEDIAROTATOR ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TNS-COUNTER[1].TXT [ /TNS-COUNTER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TRACK.ADFORM[1].TXT [ /TRACK.ADFORM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TRACKER.COM[1].TXT [ /TRACKER.COM ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@TRADEDOUBLER[2].TXT [ /TRADEDOUBLER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@VIDEO.IZV.USER.MADBANNER[2].TXT [ /VIDEO.IZV.USER.MADBANNER ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@WEBORAMA[1].TXT [ /WEBORAMA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@WWW.COUNTRIES[1].TXT [ /WWW.COUNTRIES ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@WWW.GOOGLEADSERVICES[1].TXT [ /WWW.GOOGLEADSERVICES ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@X2.FANMEDIA[2].TXT [ /X2.FANMEDIA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@XITI[1].TXT [ /XITI ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\IEUAA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\ольга@YADRO[1].TXT [ /YADRO ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\OLGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OLGA@ATDMT[2].TXT [ /ATDMT ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\OLGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OLGA@COLLECTIVE-MEDIA[1].TXT [ /COLLECTIVE-MEDIA ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\OLGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OLGA@DOUBLECLICK[1].TXT [ /DOUBLECLICK ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\OLGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OLGA@MSNPORTAL.112.2O7[1].TXT [ /MSNPORTAL.112.2O7 ]
	C:\USERS\ACER\DESKTOP\AENEC\USERS\OLGA\APPDATA\ROAMING\MICROSOFT\WINDOWS\COOKIES\LOW\OLGA@TNS-COUNTER[1].TXT [ /TNS-COUNTER ]

Trojan.Agent/Gen-MultiPlug
	C:\USERS\ACER\APPDATA\LOCAL\TEMP\ADDONS\81E4CB63\CODECC_EXTENSION.EXE

PUP.CNETInstaller
	C:\USERS\ACER\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET2_MBM5370_EXE.EXE
	C:\USERS\ACER\APPDATA\LOCAL\TEMP\ICREINSTALL\CNET_EXTCHANGER_EXE.EXE
	C:\USERS\ACER\DOWNLOADS\CNET_EXTCHANGER_EXE.EXE
	C:\USERS\ACER\DOWNLOADS\CNET2_MBM5370_EXE.EXE

Trojan.Agent/Gen-Backdoor[FakeAlert]
	C:\USERS\ACER\APPDATA\LOCAL\TEMP\SPOON\CACHE\0XB1510586B680D04A\STUBEXE\0X68C963C5A6DDBDD8\NOTEPAD.EXE
	C:\USERS\ACER\APPDATA\LOCAL\TEMP\SPOON\CACHE\0XB1510586B680D04A\STUBEXE\0XECE9393625E81D22\NOTEPAD.EXE
	C:\Windows\Prefetch\NOTEPAD.EXE-49685B88.pf
	C:\Windows\Prefetch\NOTEPAD.EXE-56A6D594.pf

Trojan.Agent/Gen-Keylogger
	C:\USERS\ACER\DESKTOP\AENEC\PROGRAM FILES\MYCENTRIA\MYCENTRIAUNINSTALL.EXE

Trojan.Agent/Gen-Multi
	C:\USERS\ACER\DOWNLOADS\DOWNLOAD (1).EXE
	C:\USERS\ACER\DOWNLOADS\DOWNLOAD (2).EXE

Adware.OneClickDownload
	C:\USERS\ACER\DOWNLOADS\MAD_MEN_SEASON_1,2,3,4_480P_X264-BOB_.EXE

Adware.Somoto
	C:\USERS\ACER\DOWNLOADS\NEXUSDDL_DOWNLOADER_BY_NEXUSDDL.EXE

This is the ESET Scanner log (a list of threats that I saved to my desktop, they weren't deleted).
C:\Program Files (x86)\ContinueToSave\sprotector.dll	a variant of Win32/SProtector.A application	
C:\Program Files (x86)\Vuze\.install4j\i4j_extf_32_5p83tu.dll	a variant of Win32/Bunndle application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\bprotector-17.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-15.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-16.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\components\BrowserProtect-18.0.dll	a variant of Win32/bProtector.B application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\FirefoxExtension\content\BrowserProtect.js	Win32/bProtector.C application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.dll	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\BrowserProtect.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\BrowserProtect\2.5.1005.80\{c16c1ccb-7046-4e5c-a2f3-533ad2fec8e8}\uninstall.exe	a variant of Win32/bProtector.A application	
C:\ProgramData\All Users\All Users\continuetosave\50e60dc6667e0.dll	Win32/Adware.MultiPlug.G application	

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 4.4.4 (01.17.2013:1)
OS: Windows 7 Home Premium x64
Ran by acer on 18.01.2013 at  2:31:47,20
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] browserprotect 
Successfully deleted: [Service] browserprotect 



~~~ Registry Values

Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\windows nt\currentversion\windows\\AppInit_DLLs
Failed to delete: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\bprotectordefaultscope 
Successfully deleted: [Registry Value] hkey_current_user\software\microsoft\internet explorer\urlsearchhooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} 
Successfully deleted: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\urlsearchhooks\\{ba14329e-9550-4989-b3f2-9732e92d17cc} 
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-3902568943-794505653-1485652950-1000\software\microsoft\internet explorer\main\\Start Page
Successfully repaired: [Registry Value] hkey_current_user\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_local_machine\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\.default\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-18\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-19\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\s-1-5-20\software\microsoft\internet explorer\searchscopes\\DefaultScope
Successfully repaired: [Registry Value] hkey_users\S-1-5-21-3902568943-794505653-1485652950-1000\software\microsoft\internet explorer\searchscopes\\DefaultScope



~~~ Registry Keys

Successfully deleted: [Registry Key] hkey_local_machine\software\babylon
Successfully deleted: [Registry Key] hkey_current_user\software\conduit
Successfully deleted: [Registry Key] hkey_local_machine\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\datamngr
Failed to delete: [Registry Key] hkey_local_machine\software\datamngr
Successfully deleted: [Registry Key] hkey_current_user\software\softonic
Successfully deleted: [Registry Key] hkey_current_user\software\appdatalow\software\conduit
Failed to delete: [Registry Key] hkey_current_user\software\microsoft\windows\currentversion\ext\bprotectsettings
Successfully deleted: [Registry Key] hkey_local_machine\software\classes\prod.cap
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasapi32
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\tracing\mybabylontb_rasmancs
Failed to delete: [Registry Key] hkey_local_machine\software\wow6432node\datamngr
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sp global
Successfully deleted: [Registry Key] hkey_local_machine\software\wow6432node\sprotector
Successfully deleted: [Registry Key-Heur] HKEY_LOCAL_MACHINE\software\classes\Toolbar.CT2504091
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{0055c089-8582-441b-a0bf-17b458c2a3a8}
Failed to delete: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{0ecdf796-c2dc-4d79-a620-cce0c0a66cc9}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{2eecd738-5844-4a99-b4b6-146bf802613b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{3c471948-f874-49f5-b338-4f214a2ee0b1}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd22}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{9bb47c17-9c68-4bb3-b188-dd9af0fd22}
Successfully deleted: [Registry Key] hkey_current_user\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\internet explorer\searchscopes\{afdbddaa-5d3f-42ee-b79c-185a7020515b}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{ba14329e-9550-4989-b3f2-9732e92d17cc}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{e46c8196-b634-44a1-af6e-957c64278ab1}
Successfully deleted: [Registry Key] hkey_classes_root\clsid\{CD53BE4C-9F46-B8CF-A293-C64FDE210C85}
Successfully deleted: [Registry Key] hkey_local_machine\software\microsoft\windows\currentversion\explorer\browser helper objects\{CD53BE4C-9F46-B8CF-A293-C64FDE210C85}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\babylon"
Successfully deleted: [Folder] "C:\ProgramData\boost_interprocess"
Failed to delete: [Folder] "C:\ProgramData\browserprotect"
Successfully deleted: [Folder] "C:\ProgramData\continuetosave"
Successfully deleted: [Folder] "C:\ProgramData\installmate"
Successfully deleted: [Folder] "C:\ProgramData\premium"
Successfully deleted: [Folder] "C:\Users\acer\AppData\Roaming\babylon"
Successfully deleted: [Folder] "C:\Users\acer\AppData\Roaming\dvdvideosoftiehelpers"
Successfully deleted: [Folder] "C:\Users\acer\AppData\Roaming\red kawa"
Successfully deleted: [Folder] "C:\Users\acer\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\acer\appdata\locallow\codec-c"
Successfully deleted: [Folder] "C:\Users\acer\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Users\acer\appdata\locallow\continuetosave"
Successfully deleted: [Folder] "C:\Users\acer\appdata\locallow\datamngr"
Successfully deleted: [Folder] "C:\Users\acer\appdata\locallow\vuze_remote"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Failed to delete: [Folder] "C:\Program Files (x86)\continuetosave"
Successfully deleted: [Folder] "C:\Program Files (x86)\red kawa"
Successfully deleted: [Folder] "C:\Program Files (x86)\vuze_remote"
Successfully deleted: [Folder] "C:\Users\acer\AppData\Roaming\microsoft\windows\start menu\programs\browserprotect"



~~~ FireFox

Successfully deleted: [File] C:\user.js
Failed to delete: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml"
Successfully deleted: [File] "C:\Program Files (x86)\Mozilla Firefox\searchplugins\searchresults.xml"
Successfully deleted: [File] C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\user.js
Successfully deleted: [File] C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\bprotector_extensions.sqlite
Successfully deleted: [File] C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\bprotector_prefs.js
Successfully deleted: [File] C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\searchplugins\searchresults.xml
Successfully deleted: [Folder] C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\extensions\50e60dc666650@50e60dc666689.com
Successfully deleted: [Folder] C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\extensions\info@allpremiumplay.info
Successfully deleted: [Registry Value] hkey_local_machine\software\mozilla\firefox\extensions\\info@allpremiumplay.info
Successfully deleted: [Registry Value] hkey_current_user\software\mozilla\firefox\extensions\\{58bd07eb-0ee0-4df0-8121-dc9b693373df}
Successfully deleted the following from C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\prefs.js

user_pref("aol_toolbar.default.homepage.check", false);
user_pref("aol_toolbar.default.search.check", false);
user_pref("extensions.BabylonToolbar.prtkDS", 0);
user_pref("extensions.BabylonToolbar.prtkHmpg", 0);
user_pref("extensions.BabylonToolbar_i.aflt", "babsst");
user_pref("extensions.BabylonToolbar_i.babExt", "");
user_pref("extensions.BabylonToolbar_i.babTrack", "affID=111378");
user_pref("extensions.BabylonToolbar_i.hardId", "a4366488000000000000006a8a1ead89");
user_pref("extensions.BabylonToolbar_i.id", "a4366488000000000000006a8a1ead89");
user_pref("extensions.BabylonToolbar_i.instlDay", "15416");
user_pref("extensions.BabylonToolbar_i.instlRef", "sst");
user_pref("extensions.BabylonToolbar_i.newTab", false);
user_pref("extensions.BabylonToolbar_i.newTabUrl", "http://www.claro-search.com/?affID=117452&tt=231112_9103_5212_4&babsrc=NT_ss&mntrId=a43664880000000000002a7c8f3d609e");
user_pref("extensions.BabylonToolbar_i.prdct", "BabylonToolbar");
user_pref("extensions.BabylonToolbar_i.prtnrId", "babylon");
user_pref("extensions.BabylonToolbar_i.smplGrp", "none");
user_pref("extensions.BabylonToolbar_i.srcExt", "ss");
user_pref("extensions.BabylonToolbar_i.tlbrId", "base");
user_pref("extensions.BabylonToolbar_i.vrsn", "1.5.3.17");
user_pref("extensions.BabylonToolbar_i.vrsnTs", "1.5.3.170:53:28");
user_pref("extensions.BabylonToolbar_i.vrsni", "1.5.3.17");
user_pref("extensions.claro.admin", false);
user_pref("extensions.claro.aflt", "babsst");
user_pref("extensions.claro.appId", "{C3110516-8EFC-49D6-8B72-69354F332062}");
user_pref("extensions.claro.dfltLng", "en");
user_pref("extensions.claro.excTlbr", false);
user_pref("extensions.claro.id", "a43664880000000000002a7c8f3d609e");
user_pref("extensions.claro.instlDay", "15698");
user_pref("extensions.claro.instlRef", "sst");
user_pref("extensions.claro.prdct", "claro");
user_pref("extensions.claro.prtnrId", "claro");
user_pref("extensions.claro.tlbrId", "claro");
user_pref("extensions.claro.tlbrSrchUrl", "");
user_pref("extensions.claro.vrsn", "1.8.3.10");
user_pref("extensions.claro.vrsni", "1.8.3.10");
user_pref("extensions.claro_i.smplGrp", "none");
user_pref("extensions.claro_i.vrsnTs", "1.8.3.100:08:26");
user_pref("extensions.nurit5562nurit235.scode", "(function(){try{if('aol.com,mail.google.com,mystart.incredibar.com,premiumreports.info,search.babylon.com,search.funmoods.com,
user_pref("sweetim.toolbar.previous.browser.search.defaultenginename", "");
user_pref("sweetim.toolbar.previous.browser.search.selectedEngine", "");
user_pref("sweetim.toolbar.previous.browser.startup.homepage", "");
user_pref("sweetim.toolbar.previous.keyword.URL", "");
user_pref("sweetim.toolbar.scripts.1.domain-blacklist", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_DS", "");
user_pref("sweetim.toolbar.searchguard.UserRejectedGuard_HP", "");
user_pref("sweetim.toolbar.searchguard.enable", "");
Emptied folder: C:\Users\acer\AppData\Roaming\mozilla\firefox\profiles\id48uezy.default\minidumps [114 files]



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on 18.01.2013 at  2:51:10,79
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~


#6 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Study Hall Senior
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:01:16 AM

Posted 19 January 2013 - 12:06 AM

Hi,

Oh boy, that's quite an infected PC. :blink:

The publisher of AdwCleaner has made a new version. So, please open your current version, uninstall it, and run the new version. If it works, please post the deletion log. If it doesn't, please post the new search log so I can send it to the publisher. Thanks. :)

Gunto

renardsig1_zps37f3a38c.jpg

It's pronounced Goon-toe!
Member of the Bleeping Computer A.I.I. early response team!


#7 Olyabusha

Olyabusha
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 19 January 2013 - 05:15 AM

:mellow:

Unfortunately, the new version doesn't work either. However, I've noticed something strange. In this new log there is some adware found in Chrome (Claro search), but there wasn't any adware in Chrome in the previous scans, and the previous log. How could it end up there if I haven't downloaded anything? Or maybe it couldn't have been found earlier? :(

# AdwCleaner v2.106 - Logfile created 01/19/2013 at 12:09:22
# Updated 17/01/2013 by Xplode
# Operating system : Windows 7 Home Premium Service Pack 1 (64 bits)
# User : acer - AS7741G
# Boot Mode : Normal
# Running from : C:\Users\acer\Downloads\adwcleaner.exe
# Option [Search]


***** [Services] *****


***** [Files / Folders] *****

File Found : C:\Program Files (x86)\Mozilla Firefox\searchplugins\babylon.xml
Folder Found : C:\ProgramData\BrowserProtect
Folder Found : C:\Users\acer\AppData\Local\Temp\BabylonToolbar
Folder Found : C:\Windows\SysWOW64\BrowserProtect

***** [Registry] *****

Key Found : HKCU\Software\AppDataLow\Software\Vuze_Remote
Key Found : HKCU\Software\AppDataLow\SProtector
Key Found : HKCU\Software\AppDataLow\Toolbar
Key Found : HKCU\Software\DataMngr
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\bProtectSettings
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{2EECD738-5844-4A99-B4B6-146BF802613B}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{97F2FF5B-260C-4CCF-834A-2DDA4E29E39E}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{98889811-442D-49DD-99D7-DC866BE87DBC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{C2D64FF7-0AB8-4263-89C9-EA3B0F8F050C}
Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{BA14329E-9550-4989-B3F2-9732E92D17CC}
Key Found : HKCU\Software\a2dddfb238e449
Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Key Found : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
Key Found : HKLM\SOFTWARE\Classes\TypeLib\{E2343056-CC08-46AC-B898-BFC7ACF4E755}
Key Found : HKLM\Software\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKLM\SOFTWARE\MozillaPlugins\@funwebproducts.com/Plugin
Key Found : HKLM\Software\Vuze_Remote
Key Found : HKLM\SOFTWARE\Wow6432Node\a2dddfb238e449
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\{E30ED111-BD63-48C2-A6CB-AB3C9FFFB07C}
Key Found : HKLM\SOFTWARE\Wow6432Node\Classes\CLSID\10
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\dcillohgikpecbmgioknapdpcjofaafl
Key Found : HKLM\SOFTWARE\Wow6432Node\Google\Chrome\Extensions\pgafcinpmmpklohkojmllohdhomoefph
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{2B328637-A3D4-42F8-B981-451981DB906B}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{95A4EF23-BFFC-4E85-B1CC-B09D7C22F2C0}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\{069B290F-5398-4629-A009-85B4BCB4B1B9}
Key Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Uninstall\Vuze_Remote Toolbar
Key Found : HKLM\SOFTWARE\DataMngr
Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{9BB47C17-9C68-4BB3-B188-DD9AF0FD22}
Key Found : HKU\S-1-5-21-3902568943-794505653-1485652950-1000\Software\Microsoft\Internet Explorer\SearchScopes\{0ECDF796-C2DC-4D79-A620-CCE0C0A66CC9}
Value Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes [bProtectorDefaultScope]
Value Found : HKLM\SOFTWARE\Wow6432Node\Microsoft\Internet Explorer\Toolbar [10]
Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [10]

***** [Internet Browsers] *****

-\\ Internet Explorer v9.0.8112.16457

[OK] Registry is clean.

-\\ Mozilla Firefox v18.0 (ru)

File : C:\Users\acer\AppData\Roaming\Mozilla\Firefox\Profiles\id48uezy.default\prefs.js

Found : user_pref("mail.ru.toolbar.url-rank.xml", "<brick id=\"url-rank\" status=\"\" newtab=\"1\" href=\"ht[...]

-\\ Google Chrome v24.0.1312.52

File : C:\Users\acer\AppData\Local\Google\Chrome\User Data\Default\Preferences

Found [l.13] : homepage = "hxxp://www.claro-search.com/?affID=117452&tt=231112_9103_5212_4&babsrc=HP_ss&mntrId=a43664880000000000002a7c8f3d609e",
Found [l.2022] : homepage = "hxxp://www.claro-search.com/?affID=117452&tt=231112_9103_5212_4&babsrc=HP_ss&mntrId=a43664880000000000002a7c8f3d609e",

*************************

AdwCleaner[R1].txt - [4356 octets] - [19/01/2013 12:09:22]

########## EOF - C:\AdwCleaner[R1].txt - [4416 octets] ##########


#8 Olyabusha

Olyabusha
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 19 January 2013 - 04:55 PM

I think I may have another problem... As I told you, I had run SUPERAntiSpyware and deleted all threats. At least I thought they were deleted - the scan ended properly, I checked all the threats, then clicked Remove. It took several minutes to remove everything, I rebooted immediately. However, if I do another scan in SUPERAntiSpyware, those threats are detected again - and I have know idea why! It's the same amount of threats, I removed them again, then did the scan again. They showed up on the scan anyway... Does this mean they can't be removed by SUPERAntiSpyware? But I get the pop-up message that all the threats were removed and I just have to reboot to get rid of them for sure.

#9 Gunto

Gunto

    Bleepin' Reject Phoenix


  • Malware Study Hall Senior
  • 1,022 posts
  • OFFLINE
  •  
  • Gender:Female
  • Location:North Las Vegas, Nevada, USA
  • Local time:01:16 AM

Posted 20 January 2013 - 12:38 AM

Hi,

AdwCleaner has its database for finding adware updated constantly, but it's possibly that other infections on your PC downloaded new malware by itself.

As far as SAS goes, I don't think it's so much it isn't removing them as it is they're being recreated. Since you seem very infected, do the following for me.

Please follow the instructions in ==>This Guide<== starting at Step 6. If you cannot complete a step, skip it and continue.

Once the proper logs are created, then make a NEW TOPIC and post it ==>HERE<== Please include a description of your computer issues, what you have done to resolve them, and a link to this topic.

If you can produce at least some of the logs, then please create the new topic and explain what happens when you try to create the log(s) that you couldn't get. If you cannot produce any of the logs, then still post the topic and explain that you followed the Prep. Guide, were unable to create the logs, and describe what happens when you try to create the logs.

It would be helpful if you post a note here once you have completed the steps in the guide and have started your topic in malware removal. Good luck and be patient.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.

Gunto

renardsig1_zps37f3a38c.jpg

It's pronounced Goon-toe!
Member of the Bleeping Computer A.I.I. early response team!


#10 Olyabusha

Olyabusha
  • Topic Starter

  • Members
  • 27 posts
  • OFFLINE
  •  
  • Local time:03:16 AM

Posted 22 January 2013 - 07:40 PM

Hi,

Again, thank you for trying to help me. I really appreciate it! I started a new topic here http://www.bleepingcomputer.com/forums/topic482687.html
Unfortunately, DDS didn't run properly and no logs were created, but I still hope someone will help me, and I am waiting for a reply.

I didn't understand this part, though.

If HelpBot replies to your topic, PLEASE follow Step One so it will report your topic to the team members.






0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users