Trojan Generic


Post by yurik36 on Fri Nov 11, 2011 10:41 pm

Please help!!!

OTL logfile created on: 11/11/2011 4:57:54 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\YURIK\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 53.19% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 66.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.23 Gb Total Space | 61.87 Gb Free Space | 27.59% Space Free | Partition Type: NTFS

Computer Name: YURIK-PC | User Name: YURIK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2011/11/11 16:56:42 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Users\YURIK\Downloads\OTL.exe
PRC - [2011/11/02 19:23:46 | 003,403,576 | ---- | M] (Systweak Inc., ([You must be registered and logged in to see this link.] -- C:\Program Files\Advanced System Optimizer 3\ASO3.exe
PRC - [2011/11/02 19:23:28 | 000,239,928 | ---- | M] (Systweak Inc., ([You must be registered and logged in to see this link.] -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe
PRC - [2011/09/29 03:31:34 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe
PRC - [2011/09/27 06:22:28 | 000,059,240 | ---- | M] (Apple Inc.) -- C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe
PRC - [2011/07/15 23:31:12 | 000,271,360 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\conhost.exe
PRC - [2011/06/24 16:01:12 | 000,151,552 | ---- | M] () -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe
PRC - [2011/06/08 09:45:44 | 000,822,456 | ---- | M] (The Weather Channel Interactive, Inc.) -- C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe
PRC - [2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2011/02/11 11:15:16 | 001,442,152 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Bitdefender\BitDefender 2011\bdagent.exe
PRC - [2011/02/11 11:14:48 | 002,050,864 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Bitdefender\BitDefender 2011\vsserv.exe
PRC - [2011/02/11 11:14:16 | 000,043,936 | ---- | M] (BitDefender S.R.L.) -- C:\Program Files\Bitdefender\BitDefender 2011\updatesrv.exe
PRC - [2010/12/13 13:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe
PRC - [2010/11/30 06:19:06 | 000,101,104 | ---- | M] (BitDefender) -- C:\Program Files\Bitdefender\BitDefender 2011\downloader.exe
PRC - [2010/06/12 19:51:43 | 000,186,760 | ---- | M] () -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe
PRC - [2009/08/10 08:14:26 | 000,027,184 | ---- | M] () -- C:\Windows\snuvcdsm.exe
PRC - [2009/07/13 20:14:42 | 000,049,152 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\taskhost.exe
PRC - [2009/07/13 20:14:12 | 000,100,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\System32\audiodg.exe
PRC - [2009/02/17 17:56:22 | 000,084,712 | ---- | M] (Systweak Inc) -- C:\Program Files\Advanced System Optimizer\aso.exe
PRC - [2008/07/03 07:58:22 | 000,094,208 | ---- | M] (sonix) -- C:\Windows\PLFSetL.exe
PRC - [2007/05/28 11:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe


========== Modules (No Company Name) ==========

MOD - [2011/11/07 22:02:56 | 000,420,920 | ---- | M] () -- C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\ppgooglenaclpluginchrome.dll
MOD - [2011/11/07 22:02:55 | 003,702,840 | ---- | M] () -- C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
MOD - [2011/11/07 22:01:20 | 000,122,952 | ---- | M] () -- C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\avutil-51.dll
MOD - [2011/11/07 22:01:19 | 000,222,280 | ---- | M] () -- C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\avformat-53.dll
MOD - [2011/11/07 22:01:17 | 001,746,504 | ---- | M] () -- C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\avcodec-53.dll
MOD - [2011/11/07 18:44:56 | 008,593,056 | ---- | M] () -- C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
MOD - [2011/11/02 19:23:02 | 000,324,920 | ---- | M] () -- C:\Program Files\Advanced System Optimizer 3\asohtm.dll
MOD - [2011/09/27 06:23:00 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2011/09/27 06:22:40 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/02/11 11:12:38 | 000,185,040 | ---- | M] () -- C:\Program Files\Bitdefender\BitDefender 2011\framework.dll
MOD - [2011/02/11 10:43:40 | 000,109,344 | ---- | M] () -- C:\Program Files\Bitdefender\BitDefender 2011\connector.dll
MOD - [2010/11/30 08:38:54 | 000,189,184 | ---- | M] () -- C:\Program Files\Bitdefender\BitDefender 2011\txmlutil.dll
MOD - [2009/12/12 15:12:03 | 000,141,824 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2009/08/10 08:14:26 | 000,027,184 | ---- | M] () -- C:\Windows\snuvcdsm.exe


========== Win32 Services (SafeList) ==========

SRV - [2011/11/02 19:23:28 | 000,239,928 | ---- | M] (Systweak Inc., ([You must be registered and logged in to see this link.] [Auto | Running] -- C:\Program Files\Advanced System Optimizer 3\ASO3DefragSrv.exe -- (ASO3DiskOptimizer)
SRV - [2011/09/06 18:07:34 | 001,343,400 | ---- | M] (Microsoft Corporation) [Unknown | Stopped] -- C:\Windows\System32\Wat\WatAdminSvc.exe -- (WatAdminSvc)
SRV - [2011/06/24 16:01:12 | 000,151,552 | ---- | M] () [Auto | Running] -- C:\Program Files\Verizon\IHA_MessageCenter\Bin\Verizon_IHAMessageCenter.exe -- (IHA_MessageCenter)
SRV - [2011/02/11 11:14:48 | 002,050,864 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\vsserv.exe -- (VSSERV)
SRV - [2011/02/11 11:14:16 | 000,043,936 | ---- | M] (BitDefender S.R.L.) [Auto | Running] -- C:\Program Files\BitDefender\BitDefender 2011\updatesrv.exe -- (UPDATESRV)
SRV - [2010/12/13 13:37:46 | 000,135,536 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Microsoft LifeCam\MSCamS32.exe -- (MSCamSvc)
SRV - [2010/11/30 06:19:06 | 000,307,544 | ---- | M] (BitDefender) [On_Demand | Stopped] -- C:\Program Files\Common Files\Bitdefender\BitDefender Arrakis Server\bin\arrakis3.exe -- (Update Server)
SRV - [2010/06/12 19:51:43 | 000,186,760 | ---- | M] () [Auto | Running] -- C:\Program Files\Photodex\ProShowGold\scsiaccess.exe -- (ScsiAccess)
SRV - [2010/02/19 12:37:14 | 000,517,096 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe -- (SwitchBoard)
SRV - [2009/07/13 20:16:13 | 000,025,088 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\sensrsvc.dll -- (SensrSvc)
SRV - [2009/07/13 20:16:12 | 001,004,544 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Windows\System32\PeerDistSvc.dll -- (PeerDistSvc)
SRV - [2009/07/13 20:15:41 | 000,680,960 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/28 11:57:54 | 000,275,968 | ---- | M] (Rocket Division Software) [Auto | Running] -- C:\Program Files\Alcohol Soft\Alcohol 120\StarWind\StarWindServiceAE.exe -- (StarWindServiceAE)


========== Driver Services (SafeList) ==========

DRV - [2011/11/10 23:15:35 | 000,122,552 | ---- | M] (BitDefender LLC) [Kernel | On_Demand | Running] -- C:\Program Files\Bitdefender\BitDefender 2011\bdselfpr.sys -- (bdselfpr)
DRV - [2011/01/12 17:23:24 | 000,308,152 | ---- | M] (BitDefender S.R.L.) [File_System | Auto | Running] -- C:\Windows\System32\drivers\Trufos.sys -- (Trufos)
DRV - [2010/12/13 13:37:46 | 000,030,576 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nx6000.sys -- (MSHUSBVideo)
DRV - [2010/11/29 13:12:20 | 001,066,232 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avckf.sys -- (avckf)
DRV - [2010/11/29 13:12:14 | 000,535,824 | ---- | M] (BitDefender) [File_System | On_Demand | Stopped] -- C:\Windows\System32\drivers\avc3.sys -- (avc3)
DRV - [2010/08/20 17:41:54 | 000,088,144 | ---- | M] (BitDefender) [Kernel | System | Running] -- C:\Program Files\Common Files\Bitdefender\BitDefender Firewall\bdfwfpf.sys -- (bdfwfpf)
DRV - [2010/07/09 17:37:00 | 011,008,040 | ---- | M] (NVIDIA Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\nvlddmkm.sys -- (nvlddmkm)
DRV - [2010/07/09 14:08:14 | 000,327,368 | ---- | M] (BitDefender) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfsfltr.sys -- (bdfsfltr)
DRV - [2010/05/13 15:52:04 | 000,152,528 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) [File_System | On_Demand | Running] -- C:\Windows\System32\drivers\bdfm.sys -- (BDFM)
DRV - [2009/12/28 16:37:46 | 000,691,696 | ---- | M] () [Kernel | Boot | Running] -- C:\Windows\System32\Drivers\sptd.sys -- (sptd)
DRV - [2009/11/19 00:03:18 | 000,803,328 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\rt2870.sys -- (rt2870)
DRV - [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motport.sys -- (motport)
DRV - [2009/10/27 11:02:14 | 000,023,936 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motmodem.sys -- (motmodem)
DRV - [2009/09/10 10:29:50 | 001,761,280 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\snp2uvc.sys -- (SNP2UVC) USB2.0 PC Camera (SNP2UVC)
DRV - [2009/07/13 20:19:10 | 000,175,824 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vmbus.sys -- (vmbus)
DRV - [2009/07/13 20:19:10 | 000,040,896 | ---- | M] (Microsoft Corporation) [Kernel | Boot | Running] -- C:\Windows\system32\DRIVERS\vmstorfl.sys -- (storflt)
DRV - [2009/07/13 20:19:10 | 000,028,224 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\storvsc.sys -- (storvsc)
DRV - [2009/07/13 19:18:07 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\WSDPrint.sys -- (WSDPrintDevice)
DRV - [2009/07/13 18:51:11 | 000,034,944 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUsb)
DRV - [2009/07/13 18:28:47 | 000,005,632 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\vms3cap.sys -- (s3cap)
DRV - [2009/07/13 18:28:45 | 000,017,920 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\system32\DRIVERS\VMBusHID.sys -- (VMBusHID)
DRV - [2009/07/13 17:13:47 | 000,266,752 | ---- | M] (Conexant Systems, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\VSTBS23.SYS -- (VSTHWBS2)
DRV - [2009/07/13 17:02:53 | 000,545,792 | ---- | M] (Ralink Technology, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\netr73.sys -- (netr73)
DRV - [2009/07/13 17:02:50 | 000,211,456 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\e1e6032.sys -- (e1express) Intel(R)
DRV - [2009/06/19 15:59:34 | 000,019,712 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgp.sys -- (motccgp)
DRV - [2009/01/29 16:18:00 | 000,008,320 | ---- | M] (Motorola) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\motccgpfl.sys -- (motccgpfl)
DRV - [2008/11/23 04:23:04 | 000,097,792 | ---- | M] (T0r0 2008) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\NSHE.SYS -- (NSHE)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========


IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = [You must be registered and logged in to see this link.]
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local

========== FireFox ==========

FF - prefs.js..browser.search.selectedEngine: "DAEMON Search"
FF - prefs.js..browser.startup.homepage: "mail.ru"
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:1.11
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:12.0.0.1865
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:11.3.1009
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.60
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: {2f17f610-5e97-4fed-828f-9940b7b577a4}:5.0.0
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.0.0
FF - prefs.js..extensions.enabledItems: {635abd67-4fe9-1b23-4f01-e679fa7484c1}:2.1.1.20091029021655
FF - prefs.js..extensions.enabledItems: [You must be registered and logged in to see this link.]:4.2.2


FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=: File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/MycameraPlugin: C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@google.com/npPicasa3,version=3.0.0: C:\Program Files\Google\Picasa3\npPicasa3.dll (Google, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=1.0.3.775: C:\Program Files\Real\RealPlayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=1.0.0.0: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.775: C:\Program Files\Real\RealPlayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=: File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\YURIK\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\YURIK\AppData\Local\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/13 14:30:11 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2010/07/20 21:47:40 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\FFToolbar@bitdefender.com: C:\Program Files\BitDefender\BitDefender 2011\bdaphffext\ [2011/11/10 23:15:48 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2010/12/18 12:09:38 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 3.5.10\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/11/10 17:25:29 | 000,000,000 | ---D | M]
FF - HKEY_CURRENT_USER\software\mozilla\Firefox\Extensions\\smartwebprinting@hp.com: C:\Program Files\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3 [2010/06/13 14:30:11 | 000,000,000 | ---D | M]

[2009/12/08 20:53:22 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Extensions
[2011/11/02 01:14:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions
[2011/09/06 19:45:18 | 000,000,000 | ---D | M] (TV-Fox) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions\{2f17f610-5e97-4fed-828f-9940b7b577a4}
[2010/03/21 17:59:42 | 000,000,000 | ---D | M] (Yahoo! Toolbar) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions\{635abd67-4fe9-1b23-4f01-e679fa7484c1}
[2010/08/03 19:49:16 | 000,000,000 | ---D | M] (United States English Dictionary) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions\en-US@dictionaries.addons.mozilla.org
[2010/07/20 21:22:19 | 000,000,000 | ---D | M] ("AutocompletePro - Your handy search suggestions tool") -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions\support@predictad.com
[2010/08/03 19:45:27 | 000,000,000 | ---D | M] (Яндекс.Бар) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions\yasearch@yandex.ru
[2010/08/03 19:45:25 | 000,000,000 | ---D | M] (No name found) -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\extensions\yasearch@yandex.ru\chrome\skin\extensions-hacks
[2009/12/28 16:38:38 | 000,002,055 | ---- | M] () -- C:\Users\YURIK\AppData\Roaming\Mozilla\Firefox\Profiles\t7hhd2v6.default\searchplugins\daemon-search.xml
[2011/11/07 23:43:42 | 000,000,000 | ---D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2011/11/07 23:43:42 | 000,000,000 | ---D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA}
[2011/11/10 22:06:29 | 000,000,000 | ---D | M] (No name found) -- C:\PROGRAM FILES\AVG\AVG2012\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\DIGITAL CONNECTIONS
[2010/06/13 14:30:11 | 000,000,000 | ---D | M] (HP Smart Web Printing) -- C:\PROGRAM FILES\HP\DIGITAL IMAGING\SMART WEB PRINTING\MOZILLAADDON3
[2010/07/20 21:47:40 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
[2009/11/06 10:37:19 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npCouponPrinter.dll
[2011/10/03 05:06:04 | 000,476,904 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2009/11/06 10:37:20 | 000,091,552 | ---- | M] (Coupons, Inc.) -- C:\Program Files\mozilla firefox\plugins\npMozCouponPrinter.dll
[2010/07/12 11:33:56 | 000,012,800 | ---- | M] (Nullsoft, Inc.) -- C:\Program Files\mozilla firefox\plugins\npwachk.dll

========== Chrome ==========

CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\gcswf32.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.6.9 (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npqtplugin7.dll
CHR - plugin: Java Deployment Toolkit 6.0.290.11 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U29 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Silverlight Plug-In (Enabled) = c:\Program Files\Microsoft Silverlight\4.0.60831.0\npctrl.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit) (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit) (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\np-mswmp.dll
CHR - plugin: 2007 Microsoft Office system (Enabled) = C:\Program Files\Mozilla Firefox\plugins\NPOFF12.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\YURIK\AppData\Local\Google\Chrome\Application\15.0.874.120\pdf.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\YURIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.1857_0\plugins/avgnpss.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npCouponPrinter.dll
CHR - plugin: Coupons Inc., Coupon Printer Manager (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npMozCouponPrinter.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprjplug.dll
CHR - plugin: Winamp Application Detector (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npwachk.dll
CHR - plugin: NPCIG.dll (Enabled) = C:\Program Files\Canon\MyCamera Download Plugin\NPCIG.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Picasa (Enabled) = C:\Program Files\Google\Picasa3\npPicasa3.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\YURIK\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.2_0\

O1 HOSTS File: ([2009/06/10 16:39:37 | 000,000,824 | ---- | M]) - C:\Windows\System32\drivers\etc\hosts
O2 - BHO: (no name) - {02478D38-C3F9-4efb-9B51-7695ECA05670} - No CLSID value found.
O2 - BHO: (AC-Pro) - {0FB6A909-6086-458F-BD92-1F8EE10042A0} - C:\Program Files\AutocompletePro\AutocompletePro.dll (SimplyGen)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O3 - HKLM\..\Toolbar: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O3 - HKLM\..\Toolbar: (BitDefender Toolbar) - {381FFDE8-2394-4F90-B10D-FC6124A40F8C} - C:\Program Files\Bitdefender\BitDefender 2011\ietoolbar.dll (BitDefender S.R.L.)
O3 - HKCU\..\Toolbar\WebBrowser: (DAEMON Tools Toolbar) - {32099AAC-C132-4136-9E9A-4E364A424E17} - C:\Program Files\DAEMON Tools Toolbar\DTToolbar.dll ()
O4 - HKLM..\Run: [BDAgent] C:\Program Files\BitDefender\BitDefender 2011\bdagent.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [BitDefender Antiphishing Helper] C:\Program Files\BitDefender\BitDefender 2011\ieshow.exe (BitDefender S.R.L.)
O4 - HKLM..\Run: [LifeCam] C:\Program Files\Microsoft LifeCam\LifeExp.exe (Microsoft Corporation)
O4 - HKLM..\Run: [PLFSetL] C:\Windows\PLFSetL.exe (sonix)
O4 - HKLM..\Run: [SNUVCDSM] C:\Windows\snuvcdsm.exe ()
O4 - HKLM..\Run: [SwitchBoard] C:\Program Files\Common Files\Adobe\SwitchBoard\SwitchBoard.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [VKSaverUpdater] C:\Program Files\VKSaver\VKSaverUpdater.exe (AudioVkontakte.Ru)
O4 - HKCU..\Run: [ApplePhotoStreams] C:\Program Files\Common Files\Apple\Internet Services\ApplePhotoStreams.exe (Apple Inc.)
O4 - HKCU..\Run: [cdloader] C:\Users\YURIK\AppData\Roaming\mjusbsp\cdloader2.exe (magicJack L.P.)
O4 - HKCU..\Run: [DW6] C:\Program Files\The Weather Channel FW\Desktop\DesktopWeather.exe (The Weather Channel Interactive, Inc.)
O4 - Startup: C:\Users\YURIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\Adobe Gamma.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe (Adobe Systems, Inc.)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Low Rights present
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Main present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: PromptOnSecureDesktop = 0
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 255
O8 - Extra context menu item: Add to Google Photos Screensa&ver - C:\Windows\System32\GPhotos.scr (Google Inc.)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000010 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O13 - gopher Prefix: missing
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-0016-0000-0029-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} [You must be registered and logged in to see this link.] (Java Plug-in 1.6.0_29)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{46428F13-5CD3-436A-9ED5-C64FB4D2462A}: DhcpNameServer = 192.168.1.1 71.252.0.12
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{9F690017-90CD-40DA-AA8A-B7E99B455B7D}: DhcpNameServer = 192.168.1.1 71.252.0.12
O20 - AppInit_DLLs: (C:\Windows\system32\vksaver.dll) -C:\Windows\System32\vksaver.dll (AudioVkontakte.Ru)
O20 - HKLM Winlogon: Shell - (explorer.exe) -C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) -C:\Windows\System32\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) -C:\Windows\System32\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKCU Winlogon: Shell - (C:\Users\YURIK\AppData\Local\8ef7123d\X) -C:\Users\YURIK\AppData\Local\8ef7123d\X ()
O21 - SSODL: WebCheck - {E6FB5E20-DE35-11CF-9C87-00AA005127ED} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2009/06/10 16:42:20 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O33 - MountPoints2\{863d5c6e-f3f9-11de-b07c-0018f388beb9}\Shell - "" = AutoRun
O33 - MountPoints2\{863d5c70-f3f9-11de-b07c-0018f388beb9}\Shell - "" = AutoRun
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (bddel.exe)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*

NetSvcs: FastUserSwitchingCompatibility - File not found
NetSvcs: Ias - C:\Windows\System32\ias.dll (Microsoft Corporation)
NetSvcs: Nla - File not found
NetSvcs: Ntmssvc - File not found
NetSvcs: NWCWorkstation - File not found
NetSvcs: Nwsapagent - File not found
NetSvcs: SRService - File not found
NetSvcs: WmdmPmSp - File not found
NetSvcs: LogonHours - File not found
NetSvcs: PCAudit - File not found
NetSvcs: helpsvc - File not found
NetSvcs: uploadmgr - File not found

MsConfig - StartUpFolder: C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk - C:\Program Files\Hp\Digital Imaging\bin\hpqtra08.exe - (Hewlett-Packard Co.)
MsConfig - StartUpReg: AdobeCS5.5ServiceManager - hkey= - key= - File not found
MsConfig - StartUpReg: APSDaemon - hkey= - key= - C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
MsConfig - StartUpReg: DAEMON Tools Lite - hkey= - key= - C:\Program Files\DAEMON Tools Lite\DTLite.exe (DT Soft Ltd)
MsConfig - StartUpReg: DivXUpdate - hkey= - key= - Reg Error: Value error. File not found
MsConfig - StartUpReg: Google Update - hkey= - key= - C:\Users\YURIK\AppData\Local\Google\Update\GoogleUpdate.exe (Google Inc.)
MsConfig - StartUpReg: TkBellExe - hkey= - key= - C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
MsConfig - State: "startup" - 2
MsConfig - State: "services" - 0

SafeBootMin: Base - Driver Group
SafeBootMin: Boot Bus Extender - Driver Group
SafeBootMin: Boot file system - Driver Group
SafeBootMin: File system - Driver Group
SafeBootMin: Filter - Driver Group
SafeBootMin: HelpSvc - Service
SafeBootMin: NTDS - File not found
SafeBootMin: PCI Configuration - Driver Group
SafeBootMin: PNP Filter - Driver Group
SafeBootMin: Primary disk - Driver Group
SafeBootMin: sacsvr - Service
SafeBootMin: SCSI Class - Driver Group
SafeBootMin: System Bus Extender - Driver Group
SafeBootMin: vmms - Service
SafeBootMin: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootMin: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootMin: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootMin: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootMin: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootMin: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootMin: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootMin: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootMin: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootMin: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootMin: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootMin: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootMin: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootMin: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootMin: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootMin: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootMin: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootMin: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

SafeBootNet: Base - Driver Group
SafeBootNet: Boot Bus Extender - Driver Group
SafeBootNet: Boot file system - Driver Group
SafeBootNet: File system - Driver Group
SafeBootNet: Filter - Driver Group
SafeBootNet: HelpSvc - Service
SafeBootNet: Messenger - Service
SafeBootNet: NDIS Wrapper - Driver Group
SafeBootNet: NetBIOSGroup - Driver Group
SafeBootNet: NetDDEGroup - Driver Group
SafeBootNet: Network - Driver Group
SafeBootNet: NetworkProvider - Driver Group
SafeBootNet: NTDS - File not found
SafeBootNet: PCI Configuration - Driver Group
SafeBootNet: PNP Filter - Driver Group
SafeBootNet: PNP_TDI - Driver Group
SafeBootNet: Primary disk - Driver Group
SafeBootNet: rdsessmgr - Service
SafeBootNet: sacsvr - Service
SafeBootNet: SCSI Class - Driver Group
SafeBootNet: Streams Drivers - Driver Group
SafeBootNet: System Bus Extender - Driver Group
SafeBootNet: TDI - Driver Group
SafeBootNet: vmms - Service
SafeBootNet: WinDefend - C:\Program Files\Windows Defender\MpSvc.dll (Microsoft Corporation)
SafeBootNet: WudfUsbccidDriver - Driver
SafeBootNet: {36FC9E60-C465-11CF-8056-444553540000} - Universal Serial Bus controllers
SafeBootNet: {4D36E965-E325-11CE-BFC1-08002BE10318} - CD-ROM Drive
SafeBootNet: {4D36E967-E325-11CE-BFC1-08002BE10318} - DiskDrive
SafeBootNet: {4D36E969-E325-11CE-BFC1-08002BE10318} - Standard floppy disk controller
SafeBootNet: {4D36E96A-E325-11CE-BFC1-08002BE10318} - Hdc
SafeBootNet: {4D36E96B-E325-11CE-BFC1-08002BE10318} - Keyboard
SafeBootNet: {4D36E96F-E325-11CE-BFC1-08002BE10318} - Mouse
SafeBootNet: {4D36E972-E325-11CE-BFC1-08002BE10318} - Net
SafeBootNet: {4D36E973-E325-11CE-BFC1-08002BE10318} - NetClient
SafeBootNet: {4D36E974-E325-11CE-BFC1-08002BE10318} - NetService
SafeBootNet: {4D36E975-E325-11CE-BFC1-08002BE10318} - NetTrans
SafeBootNet: {4D36E977-E325-11CE-BFC1-08002BE10318} - PCMCIA Adapters
SafeBootNet: {4D36E97B-E325-11CE-BFC1-08002BE10318} - SCSIAdapter
SafeBootNet: {4D36E97D-E325-11CE-BFC1-08002BE10318} - System
SafeBootNet: {4D36E980-E325-11CE-BFC1-08002BE10318} - Floppy disk drive
SafeBootNet: {50DD5230-BA8A-11D1-BF5D-0000F805F530} - Smart card readers
SafeBootNet: {533C5B84-EC70-11D2-9505-00C04F79DEAF} - Volume shadow copy
SafeBootNet: {6BDD1FC1-810F-11D0-BEC7-08002BE2092F} - IEEE 1394 Bus host controllers
SafeBootNet: {71A27CDD-812A-11D0-BEC7-08002BE2092F} - Volume
SafeBootNet: {745A17A0-74D3-11D0-B6FE-00A0C90F57DA} - Human Interface Devices
SafeBootNet: {D48179BE-EC20-11D1-B6B8-00C04FA372A7} - SBP2 IEEE 1394 Devices
SafeBootNet: {D94EE5D8-D189-4994-83D2-F68D7D41B0E6} - SecurityDevices

ActiveX: {08B0E5C0-4FCB-11CF-AAA5-00401C608500} - Java (Sun)
ActiveX: {22d6f312-b0f6-11d0-94ab-0080c74c7e95} - Microsoft Windows Media Player 12.0
ActiveX: {2C7339CF-2B09-4501-B3F3-F3508C9228ED} - %SystemRoot%\system32\regsvr32.exe /s /n /i:/UserInstall %SystemRoot%\system32\themeui.dll
ActiveX: {3af36230-a269-11d1-b5bf-0000f8051515} - Offline Browsing Pack
ActiveX: {3C3901C5-3455-3E0A-A214-0B093A5070A6} - .NET Framework
ActiveX: {44BBA840-CC51-11CF-AAFA-00AA00B6015C} - "%ProgramFiles%\Windows Mail\WinMail.exe" OCInstallUserConfigOE
ActiveX: {44BBA855-CC51-11CF-AAFA-00AA00B6015F} - DirectDrawEx
ActiveX: {45ea75a0-a269-11d1-b5bf-0000f8051515} - Internet Explorer Help
ActiveX: {47B3BDBB-F2AE-4B55-95C8-921C25DB3B76} - .NET Framework
ActiveX: {4f645220-306d-11d2-995d-00c04f98bbc9} - Microsoft Windows Script 5.6
ActiveX: {5fd399c0-a70a-11d1-9948-00c04f98bbc9} - Internet Explorer Setup Tools
ActiveX: {630b1da0-b465-11d1-9948-00c04f98bbc9} - Browsing Enhancements
ActiveX: {6BF52A52-394A-11d3-B153-00C04F79FAA6} - Microsoft Windows Media Player
ActiveX: {6fab99d0-bab8-11d1-994a-00c04f98bbc9} - MSN Site Access
ActiveX: {7790769C-0471-11d2-AF11-00C04FA35D02} - Address Book 7
ActiveX: {7C028AF8-F614-47B3-82DA-BA94E41B1089} - .NET Framework
ActiveX: {7D876F09-7167-F95B-32DE-D22C4917301B} - Themes Setup
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4340} - regsvr32.exe /s /n /i:U shell32.dll
ActiveX: {89820200-ECBD-11cf-8B85-00AA005B4383} - C:\Windows\System32\ie4uinit.exe -BaseSettings
ActiveX: {89B4C1CD-B018-4511-B0A1-5476DBF70820} - C:\Windows\system32\Rundll32.exe C:\Windows\system32\mscories.dll,Install
ActiveX: {9381D8F2-0288-11D0-9501-00AA00B911A5} - Dynamic HTML Data Binding
ActiveX: {C9E9A340-D1F1-11D0-821E-444553540600} - Internet Explorer Core Fonts
ActiveX: {CDD7975E-60F8-41d5-8149-19E51D6F71D0} - Windows Movie Maker 2.6
ActiveX: {D27CDB6E-AE6D-11CF-96B8-444553540000} - Adobe Flash Player
ActiveX: {de5aed00-a4bf-11d1-9948-00c04f98bbc9} - HTML Help
ActiveX: {E92B03AB-B707-11d2-9CBD-0000F87A369E} - Active Directory Service Interface
ActiveX: >{22d6f312-b0f6-11d0-94ab-0080c74c7e95} - %SystemRoot%\system32\unregmp2.exe /ShowWMP
ActiveX: >{26923b43-4d38-484f-9b9e-de460746276c} - C:\Windows\System32\ie4uinit.exe -UserIconConfig
ActiveX: >{60B49E34-C7CC-11D0-8953-00A0C90347FF} - "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\iedkcs32.dll",BrandIEActiveSetup SIGNUP

Drivers32: msacm.l3acm - C:\Windows\System32\l3codeca.acm (Fraunhofer Institut Integrierte Schaltungen IIS)
Drivers32: MSVideo8 - C:\Windows\System32\vfwwdm32.dll (Microsoft Corporation)
Drivers32: vidc.cvid - C:\Windows\System32\iccvid.dll (Radius Inc.)
Drivers32: vidc.ffds - C:\Program Files\Combined Community Codec Pack\Filters\FFDShow\ff_vfw.dll ()

CREATERESTOREPOINT
Restore point Set: OTL Restore Point

========== Files/Folders - Created Within 30 Days ==========

[2011/11/10 23:15:44 | 000,353,096 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys.upd
[2011/11/10 23:15:07 | 000,105,808 | ---- | C] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdhv.sys.upd
[2011/11/10 23:14:59 | 000,306,320 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys.upd
[2011/11/10 22:42:12 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BitDefender 2011
[2011/11/10 22:42:06 | 000,000,000 | ---D | C] -- C:\Users\YURIK\AppData\Roaming\BitDefender
[2011/11/10 22:29:08 | 000,000,000 | ---D | C] -- C:\Users\YURIK\AppData\Roaming\QuickScan
[2011/11/10 22:28:46 | 000,000,000 | ---D | C] -- C:\ProgramData\BitDefender
[2011/11/10 22:28:32 | 000,308,152 | ---- | C] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\Trufos.sys
[2011/11/10 22:28:30 | 000,327,368 | ---- | C] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys
[2011/11/10 22:14:44 | 000,000,000 | ---D | C] -- C:\Program Files\Bitdefender
[2011/11/10 22:09:24 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Bitdefender
[2011/11/10 19:31:43 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Advanced System Optimizer
[2011/11/10 19:31:40 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Optimizer
[2011/11/10 19:26:18 | 000,414,368 | ---- | C] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/10 19:25:56 | 000,000,000 | -HSD | C] -- C:\Users\YURIK\AppData\Local\8ef7123d
[2011/11/10 19:20:05 | 000,000,000 | ---D | C] -- C:\Users\YURIK\Desktop\SPC_Report
[2011/11/10 19:19:49 | 000,016,184 | ---- | C] (Systweak Inc., ([You must be registered and logged in to see this link.] -- C:\Windows\System32\roboot.exe
[2011/11/10 19:19:40 | 000,000,000 | ---D | C] -- C:\Program Files\Advanced System Optimizer 3
[2011/11/10 17:51:55 | 000,000,000 | ---D | C] -- C:\ProgramData\Systweak
[2011/11/10 17:45:17 | 000,000,000 | ---D | C] -- C:\Windows\Repair
[2011/11/10 17:45:13 | 000,000,000 | ---D | C] -- C:\Users\YURIK\AppData\Roaming\Systweak
[2011/11/09 12:43:42 | 002,339,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\win32k.sys
[2011/11/07 23:44:37 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2011/11/07 23:43:39 | 000,472,808 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\deployJava1.dll
[2011/11/07 23:43:39 | 000,157,472 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaws.exe
[2011/11/07 23:43:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\javaw.exe
[2011/11/07 23:43:39 | 000,145,184 | ---- | C] (Sun Microsystems, Inc.) -- C:\Windows\System32\java.exe
[2011/11/07 16:36:06 | 000,000,000 | R--D | C] -- C:\Users\YURIK\Contacts
[2011/11/07 16:05:27 | 000,000,000 | ---D | C] -- C:\Windows\System32\EventProviders
[2011/11/07 16:05:17 | 000,000,000 | ---D | C] -- C:\df07016fbee6afc5f108f36a35587391
[2011/11/07 16:04:16 | 001,074,176 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\DWrite.dll
[2011/11/07 16:04:16 | 000,739,840 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\d2d1.dll
[2011/10/30 00:31:36 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\iTunes
[2011/10/30 00:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\iTunes
[2011/10/30 00:30:39 | 000,000,000 | ---D | C] -- C:\Program Files\iPod
[2011/10/30 00:27:07 | 000,000,000 | ---D | C] -- C:\Program Files\Bonjour
[2011/10/30 00:23:28 | 000,000,000 | ---D | C] -- C:\Program Files\Apple Software Update
[2011/10/29 18:14:24 | 000,000,000 | ---D | C] -- C:\Users\YURIK\AppData\Roaming\Opanda
[2011/10/25 18:26:57 | 000,000,000 | ---D | C] -- C:\Users\YURIK\Desktop\Slide show
[2011/10/24 17:55:54 | 000,000,000 | ---D | C] -- C:\Users\YURIK\Desktop\Kreiman
[2011/10/15 23:48:52 | 000,000,000 | ---D | C] -- C:\ProgramData\MiMedia
[2011/10/15 23:48:51 | 000,000,000 | ---D | C] -- C:\Program Files\MiMedia LLC
[2011/10/14 21:33:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Portrait Professional Max 6
[2011/10/14 21:33:32 | 000,000,000 | ---D | C] -- C:\Users\YURIK\AppData\Roaming\Anthropics
[2011/10/14 21:33:29 | 000,000,000 | ---D | C] -- C:\Program Files\Portrait Professional Max 6
[2011/10/13 02:10:20 | 000,000,000 | ---D | C] -- C:\3ACC71CC39F581269899D4
[2011/10/13 00:28:39 | 000,465,408 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisdecd.dll
[2011/10/13 00:28:39 | 000,204,288 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSNP.ax
[2011/10/13 00:28:39 | 000,075,776 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\psisrndr.ax
[2011/10/13 00:28:39 | 000,072,704 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\Mpeg2Data.ax
[2011/10/13 00:28:39 | 000,059,904 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\MSDvbNP.ax
[2011/10/13 00:28:29 | 000,606,208 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mstime.dll
[2011/10/13 00:28:29 | 000,599,552 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeeds.dll
[2011/10/13 00:28:29 | 000,381,440 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iedkcs32.dll
[2011/10/13 00:28:29 | 000,185,856 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\iepeers.dll
[2011/10/13 00:28:29 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\ieui.dll
[2011/10/13 00:28:29 | 000,064,512 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedsbs.dll
[2011/10/13 00:28:28 | 001,638,912 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\mshtml.tlb
[2011/10/13 00:28:28 | 000,386,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\html.iec
[2011/10/13 00:28:28 | 000,132,096 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\url.dll
[2011/10/13 00:28:28 | 000,048,128 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\jsproxy.dll
[2011/10/13 00:28:28 | 000,044,544 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\licmgr10.dll
[2011/10/13 00:28:28 | 000,012,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\System32\msfeedssync.exe
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files - Modified Within 30 Days ==========

[2011/11/11 16:57:15 | 000,023,040 | ---- | M] () -- C:\Windows\System32\bddel.exe
[2011/11/11 16:57:09 | 000,002,022 | ---- | M] () -- C:\Windows\System32\bddel.dat
[2011/11/11 16:54:59 | 000,013,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2011/11/11 16:54:58 | 000,013,632 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/10 23:15:44 | 000,353,096 | ---- | M] (BitDefender) -- C:\Windows\System32\drivers\bdfsfltr.sys.upd
[2011/11/10 23:15:07 | 000,105,808 | ---- | M] (BitDefender S.R.L. Bucharest, ROMANIA) -- C:\Windows\System32\drivers\bdhv.sys.upd
[2011/11/10 23:14:59 | 000,306,320 | ---- | M] (BitDefender S.R.L.) -- C:\Windows\System32\drivers\trufos.sys.upd
[2011/11/10 22:45:36 | 000,521,370 | ---- | M] () -- C:\ProgramData\bdinstall.bin
[2011/11/10 22:43:44 | 000,000,415 | ---- | M] () -- C:\Windows\System32\user_gensett.xml
[2011/11/10 22:42:12 | 000,002,102 | ---- | M] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/11/10 22:35:06 | 000,000,908 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2402463147-2887384551-833788903-1001UA.job
[2011/11/10 22:33:56 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/10 22:33:31 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2011/11/10 22:33:18 | 2414,702,592 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/10 22:28:18 | 000,000,884 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/10 22:14:44 | 000,090,470 | ---- | M] () -- C:\ProgramData\1320981260.bdinstall.bin
[2011/11/10 22:11:30 | 000,015,525 | ---- | M] () -- C:\ProgramData\1320981085.bdinstall.bin
[2011/11/10 22:09:55 | 000,091,160 | ---- | M] () -- C:\ProgramData\1320980967.bdinstall.bin
[2011/11/10 21:52:14 | 000,304,417 | ---- | M] () -- C:\Users\YURIK\AppData\Local\census.cache
[2011/11/10 21:51:50 | 000,187,090 | ---- | M] () -- C:\Users\YURIK\AppData\Local\ars.cache
[2011/11/10 21:43:15 | 000,000,036 | ---- | M] () -- C:\Users\YURIK\AppData\Local\housecall.guid.cache
[2011/11/10 21:39:06 | 000,000,434 | ---- | M] () -- C:\Windows\tasks\ASOService.job
[2011/11/10 21:25:22 | 000,000,436 | ---- | M] () -- C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job
[2011/11/10 21:25:22 | 000,000,406 | ---- | M] () -- C:\Windows\tasks\ASO-OneClickCare.job
[2011/11/10 19:56:38 | 000,000,607 | ---- | M] () -- C:\Windows\Uninstall Manager.INI
[2011/11/10 19:31:43 | 000,000,967 | ---- | M] () -- C:\Users\YURIK\Desktop\Advanced System Optimizer.lnk
[2011/11/10 19:26:46 | 000,414,368 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\System32\FlashPlayerCPLApp.cpl
[2011/11/10 19:19:47 | 000,002,218 | ---- | M] () -- C:\Users\YURIK\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Optimizer.lnk
[2011/11/10 19:19:47 | 000,002,200 | ---- | M] () -- C:\Users\Public\Desktop\Smart PC Care.lnk
[2011/11/10 19:06:01 | 000,001,656 | ---- | M] () -- C:\Windows\System32\ASOROSet.bin
[2011/11/10 18:00:00 | 000,000,442 | ---- | M] () -- C:\Windows\tasks\ParetoLogic Registration.job
[2011/11/10 17:25:29 | 000,001,984 | ---- | M] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/11/10 17:16:42 | 003,763,952 | ---- | M] () -- C:\Windows\System32\FNTCACHE.DAT
[2011/11/10 16:58:44 | 000,002,397 | ---- | M] () -- C:\Users\YURIK\Desktop\Google Chrome.lnk
[2011/11/10 12:05:49 | 000,000,856 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-2402463147-2887384551-833788903-1001Core.job
[2011/11/08 21:01:21 | 001,367,541 | ---- | M] () -- C:\Users\YURIK\Desktop\IMG_0796.JPG
[2011/11/08 17:56:34 | 005,329,380 | ---- | M] () -- C:\Users\YURIK\Desktop\IMG_0795.JPG
[2011/11/08 17:55:56 | 005,677,842 | ---- | M] () -- C:\Users\YURIK\Desktop\IMG_0794.JPG
[2011/11/07 23:41:22 | 000,683,890 | ---- | M] () -- C:\Windows\System32\perfh019.dat
[2011/11/07 23:41:22 | 000,623,940 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2011/11/07 23:41:22 | 000,132,444 | ---- | M] () -- C:\Windows\System32\perfc019.dat
[2011/11/07 23:41:22 | 000,106,316 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2011/11/04 13:04:01 | 000,050,353 | ---- | M] () -- C:\Users\YURIK\Desktop\ggggggggggggg.jpg
[2011/11/02 19:24:32 | 000,016,184 | ---- | M] (Systweak Inc., ([You must be registered and logged in to see this link.] -- C:\Windows\System32\roboot.exe
[2011/11/01 15:51:10 | 007,496,808 | ---- | M] () -- C:\Users\YURIK\Desktop\_MG_0200.JPG
[2011/10/30 00:31:36 | 000,001,753 | ---- | M] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/10/29 20:25:53 | 048,282,998 | ---- | M] () -- C:\Users\YURIK\Desktop\Untitled ProShow 1.pxc
[2011/10/28 22:57:40 | 000,250,732 | ---- | M] () -- C:\Users\YURIK\Desktop\Untitled ProShow 1.psh
[2011/10/21 13:11:52 | 005,265,477 | ---- | M] () -- C:\Users\YURIK\Desktop\_MG_0036.JPG
[2011/10/21 13:09:50 | 005,852,658 | ---- | M] () -- C:\Users\YURIK\Desktop\_MG_0035.JPG
[2011/10/16 14:22:14 | 000,003,042 | ---- | M] () -- C:\Users\YURIK\123.wmi
[2011/10/14 21:33:32 | 000,001,108 | ---- | M] () -- C:\Users\YURIK\Desktop\Portrait Professional Max.lnk
[5 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
[2 C:\Windows\System32\drivers\*.tmp files -> C:\Windows\System32\drivers\*.tmp -> ]
[1 C:\Windows\*.tmp files -> C:\Windows\*.tmp -> ]

========== Files Created - No Company Name ==========

[2011/11/10 22:52:22 | 000,023,040 | ---- | C] () -- C:\Windows\System32\bddel.exe
[2011/11/10 22:52:22 | 000,002,022 | ---- | C] () -- C:\Windows\System32\bddel.dat
[2011/11/10 22:43:44 | 000,000,415 | ---- | C] () -- C:\Windows\System32\user_gensett.xml
[2011/11/10 22:42:12 | 000,002,102 | ---- | C] () -- C:\Users\Public\Desktop\BitDefender Antivirus Pro 2011.lnk
[2011/11/10 22:28:29 | 000,521,370 | ---- | C] () -- C:\ProgramData\bdinstall.bin
[2011/11/10 22:14:44 | 000,090,470 | ---- | C] () -- C:\ProgramData\1320981260.bdinstall.bin
[2011/11/10 22:11:30 | 000,015,525 | ---- | C] () -- C:\ProgramData\1320981085.bdinstall.bin
[2011/11/10 22:09:55 | 000,091,160 | ---- | C] () -- C:\ProgramData\1320980967.bdinstall.bin
[2011/11/10 21:52:14 | 000,304,417 | ---- | C] () -- C:\Users\YURIK\AppData\Local\census.cache
[2011/11/10 21:51:50 | 000,187,090 | ---- | C] () -- C:\Users\YURIK\AppData\Local\ars.cache
[2011/11/10 21:43:15 | 000,000,036 | ---- | C] () -- C:\Users\YURIK\AppData\Local\housecall.guid.cache
[2011/11/10 19:56:38 | 000,000,607 | ---- | C] () -- C:\Windows\Uninstall Manager.INI
[2011/11/10 19:31:43 | 000,000,967 | ---- | C] () -- C:\Users\YURIK\Desktop\Advanced System Optimizer.lnk
[2011/11/10 19:20:09 | 000,000,406 | ---- | C] () -- C:\Windows\tasks\ASO-OneClickCare.job
[2011/11/10 19:20:08 | 000,000,436 | ---- | C] () -- C:\Windows\tasks\ASO-AutoCheckUpdate7Days.job
[2011/11/10 19:20:05 | 000,000,434 | ---- | C] () -- C:\Windows\tasks\ASOService.job
[2011/11/10 19:19:49 | 000,017,136 | ---- | C] () -- C:\Windows\System32\sasnative32.exe
[2011/11/10 19:19:47 | 000,002,218 | ---- | C] () -- C:\Users\YURIK\Application Data\Microsoft\Internet Explorer\Quick Launch\Advanced System Optimizer.lnk
[2011/11/10 19:19:47 | 000,002,200 | ---- | C] () -- C:\Users\Public\Desktop\Smart PC Care.lnk
[2011/11/10 19:01:54 | 000,001,656 | ---- | C] () -- C:\Windows\System32\ASOROSet.bin
[2011/11/10 17:24:47 | 000,002,441 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader 9.lnk
[2011/11/10 17:24:47 | 000,001,984 | ---- | C] () -- C:\Users\Public\Desktop\Adobe Reader 9.lnk
[2011/11/09 13:09:58 | 007,496,808 | ---- | C] () -- C:\Users\YURIK\Desktop\_MG_0200.JPG
[2011/11/08 21:00:38 | 005,677,842 | ---- | C] () -- C:\Users\YURIK\Desktop\IMG_0794.JPG
[2011/11/08 21:00:38 | 001,367,541 | ---- | C] () -- C:\Users\YURIK\Desktop\IMG_0796.JPG
[2011/11/08 21:00:37 | 005,329,380 | ---- | C] () -- C:\Users\YURIK\Desktop\IMG_0795.JPG
[2011/11/07 17:47:39 | 000,001,339 | ---- | C] () -- C:\Users\YURIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\StartUp\Adobe Gamma.lnk
[2011/11/04 13:04:37 | 000,050,353 | ---- | C] () -- C:\Users\YURIK\Desktop\ggggggggggggg.jpg
[2011/11/01 19:10:51 | 005,852,658 | ---- | C] () -- C:\Users\YURIK\Desktop\_MG_0035.JPG
[2011/11/01 19:10:51 | 005,265,477 | ---- | C] () -- C:\Users\YURIK\Desktop\_MG_0036.JPG
[2011/10/30 00:31:36 | 000,001,753 | ---- | C] () -- C:\Users\Public\Desktop\iTunes.lnk
[2011/10/28 20:56:27 | 048,282,998 | ---- | C] () -- C:\Users\YURIK\Desktop\Untitled ProShow 1.pxc
[2011/10/26 21:12:59 | 000,250,732 | ---- | C] () -- C:\Users\YURIK\Desktop\Untitled ProShow 1.psh
[2011/10/14 21:33:32 | 000,001,108 | ---- | C] () -- C:\Users\YURIK\Desktop\Portrait Professional Max.lnk
[2011/09/13 15:11:05 | 000,594,018 | ---- | C] () -- C:\Windows\ETKEU.EXE
[2011/09/13 15:09:18 | 000,000,107 | ---- | C] () -- C:\Windows\ETKVE.INI
[2011/09/10 18:45:50 | 000,213,187 | ---- | C] () -- C:\Users\YURIK\AppData\Roaming\MMUpgrade.jpg
[2011/07/12 18:26:48 | 000,000,170 | ---- | C] () -- C:\ProgramData\nvUnsupRes.dat
[2011/07/03 19:23:34 | 000,000,106 | ---- | C] () -- C:\Windows\VaultMediaClient.INI
[2011/04/25 18:12:40 | 000,175,616 | ---- | C] () -- C:\Windows\System32\unrar.dll
[2011/04/09 17:55:28 | 000,179,261 | ---- | C] () -- C:\Windows\System32\xlive.dll.cat
[2011/04/06 22:01:39 | 000,028,672 | ---- | C] () -- C:\Windows\System32\hlduinst.exe
[2011/04/06 22:01:38 | 000,153,088 | ---- | C] () -- C:\Windows\System32\UNWISE.EXE
[2010/07/20 21:21:19 | 000,000,990 | ---- | C] () -- C:\Windows\System32\dcimam45.sys
[2010/07/18 01:52:15 | 000,013,312 | ---- | C] () -- C:\Users\YURIK\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2010/07/13 20:46:43 | 000,205,864 | ---- | C] () -- C:\Windows\hpoins46.dat
[2010/07/08 09:37:14 | 000,101,544 | ---- | C] () -- C:\Program Files\Common Files\LinkInstaller.exe
[2010/06/18 20:00:27 | 000,022,568 | ---- | C] () -- C:\Windows\hpqins19.dat
[2010/06/13 14:24:47 | 000,170,124 | ---- | C] () -- C:\Windows\hpoins44.dat
[2010/05/29 01:56:48 | 000,000,343 | ---- | C] () -- C:\Windows\SStylerProDemo.INI
[2010/04/13 20:04:54 | 000,007,597 | ---- | C] () -- C:\Users\YURIK\AppData\Local\Resmon.ResmonCfg
[2010/01/29 16:12:12 | 000,000,512 | ---- | C] () -- C:\Windows\hpomdl44.dat
[2009/12/08 21:12:25 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2009/12/01 02:03:55 | 000,000,601 | ---- | C] () -- C:\Windows\hpomdl46.dat
[2009/11/19 00:02:00 | 000,013,931 | ---- | C] () -- C:\Windows\System32\RaCoInst.dat
[2009/09/11 15:58:52 | 002,050,952 | ---- | C] () -- C:\Windows\System32\igkrng400.bin
[2009/09/10 10:29:50 | 001,761,280 | ---- | C] () -- C:\Windows\System32\drivers\snp2uvc.sys
[2009/08/10 08:14:26 | 000,027,184 | ---- | C] () -- C:\Windows\snuvcdsm.exe
[2009/08/03 11:28:06 | 000,683,890 | ---- | C] () -- C:\Windows\System32\perfh019.dat
[2009/08/03 11:28:06 | 000,336,704 | ---- | C] () -- C:\Windows\System32\perfi019.dat
[2009/08/03 11:28:06 | 000,132,444 | ---- | C] () -- C:\Windows\System32\perfc019.dat
[2009/08/03 11:28:06 | 000,039,446 | ---- | C] () -- C:\Windows\System32\perfd019.dat
[2009/07/13 23:57:37 | 000,067,584 | --S- | C] () -- C:\Windows\bootstat.dat
[2009/07/13 23:33:53 | 003,763,952 | ---- | C] () -- C:\Windows\System32\FNTCACHE.DAT
[2009/07/13 21:05:48 | 000,623,940 | ---- | C] () -- C:\Windows\System32\perfh009.dat
[2009/07/13 21:05:48 | 000,291,294 | ---- | C] () -- C:\Windows\System32\perfi009.dat
[2009/07/13 21:05:48 | 000,106,316 | ---- | C] () -- C:\Windows\System32\perfc009.dat
[2009/07/13 21:05:48 | 000,031,548 | ---- | C] () -- C:\Windows\System32\perfd009.dat
[2009/07/13 21:05:05 | 000,000,741 | ---- | C] () -- C:\Windows\System32\NOISE.DAT
[2009/07/13 21:04:11 | 000,215,943 | ---- | C] () -- C:\Windows\System32\dssec.dat
[2009/07/13 19:19:49 | 000,066,048 | ---- | C] () -- C:\Windows\System32\PrintBrmUi.exe
[2009/07/13 18:55:01 | 000,043,131 | ---- | C] () -- C:\Windows\mib.bin
[2009/07/13 18:51:43 | 000,073,728 | ---- | C] () -- C:\Windows\System32\BthpanContextHandler.dll
[2009/07/13 18:42:10 | 000,064,000 | ---- | C] () -- C:\Windows\System32\BWContextHandler.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelTraditionalChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSwedish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSpanish.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelSimplifiedChinese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelPortugese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelKorean.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelJapanese.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelGerman.dll
[2009/06/19 20:06:22 | 000,058,648 | ---- | C] () -- C:\Windows\System32\AgCPanelFrench.dll
[2009/06/10 16:26:10 | 000,673,088 | ---- | C] () -- C:\Windows\System32\mlang.dat
[2009/05/11 09:39:16 | 000,000,323 | ---- | C] () -- C:\Windows\PidList.ini
[2008/12/29 09:13:30 | 000,028,544 | ---- | C] () -- C:\Windows\System32\drivers\sncduvc.sys
[2007/01/31 13:50:32 | 000,913,408 | ---- | C] () -- C:\Windows\System32\xreglib.dll

========== Custom Scans ==========


< %APPDATA%\Microsoft\*.* >

< %systemroot%\system32\config\systemprofile\*.dat /x >

< %USERPROFILE%\Desktop\*.exe >
[2011/01/24 13:42:22 | 014,622,720 | ---- | M] () -- C:\Users\YURIK\Desktop\Giza-Beta-SetUp-sirGH.exe
[2011/06/09 12:15:51 | 000,323,376 | ---- | M] (BitTorrent, Inc.) -- C:\Users\YURIK\Desktop\utorrent.exe

< %PROGRAMFILES%\Common Files\*.* >
[2010/07/08 09:37:14 | 000,101,544 | ---- | M] () -- C:\Program Files\Common Files\LinkInstaller.exe

< %systemroot%\winn32\*.* >

< %USERPROFILE%\My Documents\*.exe >

< %USERPROFILE%\*.exe >

< %PROGRAMFILES%\Mozilla Firefox\*.exe >
[2010/06/24 19:10:04 | 000,120,280 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\crashreporter.exe
[2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation) -- C:\Program Files\Mozilla Firefox\firefox.exe
[2010/06/24 19:10:05 | 000,245,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\Mozilla Firefox\updater.exe

< %ProgramFiles%\TinyProxy. >

< %systemroot%\system32\*.* /lockedfiles >
[2011/11/11 16:54:58 | 000,013,632 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2011/11/11 16:54:59 | 000,013,632 | -H-- | M] () Unable to obtain MD5 -- C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[5 C:\Windows\system32\*.tmp files -> C:\Windows\system32\*.tmp -> ]


Re: Trojan Generic

Post by yurik36 on Fri Nov 11, 2011 10:43 pm

< %PROGRAMFILES%\*. >
[2011/11/10 17:24:43 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe
[2011/09/11 00:34:02 | 000,000,000 | ---D | M] -- C:\Program Files\Adobe Support Advisor
[2011/11/10 19:31:43 | 000,000,000 | ---D | M] -- C:\Program Files\Advanced System Optimizer
[2011/11/10 21:25:01 | 000,000,000 | ---D | M] -- C:\Program Files\Advanced System Optimizer 3
[2011/09/14 18:09:29 | 000,000,000 | ---D | M] -- C:\Program Files\AGEIA Technologies
[2010/02/21 18:58:21 | 000,000,000 | ---D | M] -- C:\Program Files\Alcohol Soft
[2011/05/15 17:46:12 | 000,000,000 | ---D | M] -- C:\Program Files\Alwil Software
[2011/11/07 17:24:53 | 000,000,000 | ---D | M] -- C:\Program Files\Apple Software Update
[2011/08/02 20:01:07 | 000,000,000 | ---D | M] -- C:\Program Files\astrojargon.net
[2010/07/20 21:22:18 | 000,000,000 | ---D | M] -- C:\Program Files\AutocompletePro
[2011/09/23 21:04:50 | 000,000,000 | ---D | M] -- C:\Program Files\AVG
[2010/07/13 12:58:15 | 000,000,000 | ---D | M] -- C:\Program Files\AVS4YOU
[2010/03/27 23:05:46 | 000,000,000 | ---D | M] -- C:\Program Files\Bingo's Soft
[2011/11/10 22:41:32 | 000,000,000 | ---D | M] -- C:\Program Files\Bitdefender
[2011/11/07 17:30:37 | 000,000,000 | ---D | M] -- C:\Program Files\Bonjour
[2010/10/30 18:21:38 | 000,000,000 | ---D | M] -- C:\Program Files\BRS
[2011/08/02 09:26:39 | 000,000,000 | ---D | M] -- C:\Program Files\Canon
[2010/10/21 22:03:17 | 000,000,000 | ---D | M] -- C:\Program Files\ChrisTV Online
[2010/10/12 21:56:20 | 000,000,000 | ---D | M] -- C:\Program Files\Codemasters
[2010/05/11 23:18:57 | 000,000,000 | ---D | M] -- C:\Program Files\Combined Community Codec Pack
[2011/11/10 22:42:08 | 000,000,000 | ---D | M] -- C:\Program Files\Common Files
[2010/06/13 14:30:25 | 000,000,000 | ---D | M] -- C:\Program Files\Coupons
[2011/09/23 22:32:19 | 000,000,000 | ---D | M] -- C:\Program Files\Crime Catcher
[2010/10/12 20:47:11 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Lite
[2010/10/12 20:47:12 | 000,000,000 | ---D | M] -- C:\Program Files\DAEMON Tools Toolbar
[2010/02/09 20:36:07 | 000,000,000 | ---D | M] -- C:\Program Files\DFX
[2011/06/12 18:38:45 | 000,000,000 | ---D | M] -- C:\Program Files\Digi-Watcher.com
[2010/07/13 00:14:07 | 000,000,000 | ---D | M] -- C:\Program Files\DivX
[2010/08/07 11:18:56 | 000,000,000 | ---D | M] -- C:\Program Files\Dream Aquarium
[2011/08/07 20:26:28 | 000,000,000 | ---D | M] -- C:\Program Files\DrWeb
[2011/11/07 17:31:15 | 000,000,000 | ---D | M] -- C:\Program Files\DVD Maker
[2011/10/29 22:22:56 | 000,000,000 | ---D | M] -- C:\Program Files\Electronic Arts
[2011/02/03 11:50:00 | 000,000,000 | ---D | M] -- C:\Program Files\Giza
[2011/05/26 23:32:28 | 000,000,000 | ---D | M] -- C:\Program Files\Google
[2011/05/12 20:57:58 | 000,000,000 | ---D | M] -- C:\Program Files\Hawkes Learning Systems
[2010/06/18 20:01:01 | 000,000,000 | ---D | M] -- C:\Program Files\Hp
[2010/06/13 14:30:21 | 000,000,000 | ---D | M] -- C:\Program Files\HP Photo Creations
[2010/03/07 15:31:28 | 000,000,000 | -H-D | M] -- C:\Program Files\InstallShield Installation Information
[2011/11/07 17:33:11 | 000,000,000 | ---D | M] -- C:\Program Files\Internet Explorer
[2011/11/07 17:25:03 | 000,000,000 | ---D | M] -- C:\Program Files\iPod
[2010/05/12 18:05:50 | 000,000,000 | ---D | M] -- C:\Program Files\iSkysoft
[2011/11/07 17:30:38 | 000,000,000 | ---D | M] -- C:\Program Files\iTunes
[2011/11/07 23:43:26 | 000,000,000 | ---D | M] -- C:\Program Files\Java
[2011/04/25 18:13:01 | 000,000,000 | ---D | M] -- C:\Program Files\K-Lite Codec Pack
[2010/06/18 20:10:54 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft
[2009/07/14 02:50:24 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games
[2011/09/26 02:10:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Games for Windows - LIVE
[2011/04/15 13:05:55 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft LifeCam
[2009/12/12 21:14:01 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Office
[2011/11/07 17:25:04 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Silverlight
[2010/06/18 20:09:36 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft SQL Server Compact Edition
[2009/12/12 21:13:56 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio
[2009/12/12 21:12:21 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Visual Studio 8
[2011/09/26 02:05:41 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft Works
[2010/06/26 02:01:47 | 000,000,000 | ---D | M] -- C:\Program Files\Microsoft.NET
[2011/10/15 23:48:51 | 000,000,000 | ---D | M] -- C:\Program Files\MiMedia LLC
[2010/07/19 02:00:47 | 000,000,000 | ---D | M] -- C:\Program Files\Movie Maker 2.6
[2010/06/24 19:10:07 | 000,000,000 | ---D | M] -- C:\Program Files\Mozilla Firefox
[2009/12/12 21:14:06 | 000,000,000 | ---D | M] -- C:\Program Files\MSBuild
[2011/07/05 02:01:29 | 000,000,000 | ---D | M] -- C:\Program Files\MSXML 4.0
[2011/09/14 18:09:29 | 000,000,000 | ---D | M] -- C:\Program Files\NVIDIA Corporation
[2010/10/12 21:39:43 | 000,000,000 | ---D | M] -- C:\Program Files\OpenAL
[2011/06/11 13:33:10 | 000,000,000 | ---D | M] -- C:\Program Files\Opera
[2010/06/12 19:51:39 | 000,000,000 | ---D | M] -- C:\Program Files\Photodex
[2010/11/29 22:03:15 | 000,000,000 | ---D | M] -- C:\Program Files\PhotomatixPro4
[2011/11/07 17:25:04 | 000,000,000 | ---D | M] -- C:\Program Files\Portrait Professional Max 6
[2010/07/12 17:13:22 | 000,000,000 | ---D | M] -- C:\Program Files\PowerDataRecovery
[2010/12/18 12:09:36 | 000,000,000 | ---D | M] -- C:\Program Files\QuickTime
[2010/07/20 21:47:30 | 000,000,000 | ---D | M] -- C:\Program Files\Real
[2009/12/13 17:03:22 | 000,000,000 | ---D | M] -- C:\Program Files\Realtek
[2009/07/13 23:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Reference Assemblies
[2010/05/29 02:09:20 | 000,000,000 | ---D | M] -- C:\Program Files\Salon Styler Pro demo
[2010/02/22 00:53:13 | 000,000,000 | ---D | M] -- C:\Program Files\Samsung
[2010/04/05 21:02:51 | 000,000,000 | ---D | M] -- C:\Program Files\Shape Collage
[2010/12/22 22:08:20 | 000,000,000 | R--D | M] -- C:\Program Files\Skype
[2011/09/06 19:46:05 | 000,000,000 | ---D | M] -- C:\Program Files\SystemRequirementsLab
[2011/02/28 22:51:11 | 000,000,000 | ---D | M] -- C:\Program Files\The Weather Channel FW
[2010/10/17 20:37:44 | 000,000,000 | ---D | M] -- C:\Program Files\Topaz Labs
[2011/08/20 23:10:59 | 000,000,000 | ---D | M] -- C:\Program Files\TSR Soft
[2009/07/13 23:53:23 | 000,000,000 | -H-D | M] -- C:\Program Files\Uninstall Information
[2011/06/09 12:16:42 | 000,000,000 | ---D | M] -- C:\Program Files\uTorrent
[2011/07/03 19:15:45 | 000,000,000 | ---D | M] -- C:\Program Files\Verizon
[2010/05/09 18:32:52 | 000,000,000 | ---D | M] -- C:\Program Files\VKSaver
[2010/07/11 16:09:34 | 000,000,000 | ---D | M] -- C:\Program Files\VoipCheapCom.com
[2010/07/26 19:10:27 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp
[2010/07/26 19:10:18 | 000,000,000 | ---D | M] -- C:\Program Files\Winamp Detect
[2011/11/07 17:31:15 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Defender
[2011/11/07 17:31:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Journal
[2010/07/13 00:11:04 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Live
[2011/11/07 17:31:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Mail
[2011/11/07 17:33:11 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Media Player
[2009/07/13 23:52:30 | 000,000,000 | ---D | M] -- C:\Program Files\Windows NT
[2011/11/07 17:31:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Photo Viewer
[2011/11/07 17:30:29 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Portable Devices
[2011/11/07 17:31:07 | 000,000,000 | ---D | M] -- C:\Program Files\Windows Sidebar
[2009/12/23 22:44:43 | 000,000,000 | ---D | M] -- C:\Program Files\WinRAR
[2011/11/10 17:06:46 | 000,000,000 | ---D | M] -- C:\Program Files\Yahoo!
[2011/09/06 17:29:11 | 000,000,000 | ---D | M] -- C:\Program Files\ Photoshop CS5


< MD5 for: AGP440.SYS >
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\drivers\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\System32\DriverStore\FileRepository\machine.inf_x86_neutral_65848c2d7375a720\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7600.16385_none_b9e9435f20046eeb\AGP440.sys
[2009/07/13 20:26:15 | 000,053,312 | ---- | M] (Microsoft Corporation) MD5=507812C3054C21CEF746B6EE3D04DD6E -- C:\Windows\winsxs\x86_machine.inf_31bf3856ad364e35_6.1.7601.17514_none_bc1a57271cf2f285\AGP440.sys

< MD5 for: ATAPI.SYS >
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\drivers\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\System32\DriverStore\FileRepository\mshdc.inf_x86_neutral_f64b9c35a3a5be81\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7600.16385_none_dd0e7e3d82dd640d\atapi.sys
[2009/07/13 20:26:15 | 000,021,584 | ---- | M] (Microsoft Corporation) MD5=338C86357871C167A96AB976519BF59E -- C:\Windows\winsxs\x86_mshdc.inf_31bf3856ad364e35_6.1.7601.17514_none_df3f92057fcbe7a7\atapi.sys

< MD5 for: DISK.SYS >
[2009/07/13 20:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\drivers\disk.sys
[2009/07/13 20:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\System32\DriverStore\FileRepository\disk.inf_x86_neutral_b431b61a11f8df6c\disk.sys
[2009/07/13 20:20:27 | 000,057,424 | ---- | M] (Microsoft Corporation) MD5=565003F326F99802E68CA78F2A68E9FF -- C:\Windows\winsxs\x86_disk.inf_31bf3856ad364e35_6.1.7600.16385_none_f99cd807d58018cb\disk.sys

< MD5 for: EXPLORER.EXE >
[2011/02/26 00:19:21 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=0FB9C74046656D1579A64660AD67B746 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.21669_none_54149f9ef14031fc\explorer.exe
[2009/07/13 20:14:20 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=15BC38A7492BEFE831966ADB477CF76F -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16385_none_518afd35db100430\explorer.exe
[2011/02/26 00:51:13 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=255CF508D7CFB10E0794D6AC93280BD8 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20910_none_525b5180f3f95373\explorer.exe
[2009/10/31 00:45:39 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=2626FC9755BE22F805D3CFA0CE3EE727 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16450_none_51a66d6ddafc2ed1\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\explorer.exe
[2011/02/26 00:33:07 | 002,614,784 | ---- | M] (Microsoft Corporation) MD5=2AF58D15EDC06EC6FDACCE1F19482BBF -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16768_none_51a3a583dafd0cef\explorer.exe
[2010/11/20 07:17:09 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=40D777B7A95E00593EB1568C68514493 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17514_none_53bc10fdd7fe87ca\explorer.exe
[2011/02/25 00:30:54 | 002,616,320 | ---- | M] (Microsoft Corporation) MD5=8B88EBBB05A0E56B7DCC708498C02B3E -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7601.17567_none_5389023fd8245f84\explorer.exe
[2009/08/03 00:49:47 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=9FF6C4C91A3711C0A3B18F87B08B518D -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20500_none_526619d4f3f142e6\explorer.exe
[2009/08/03 00:35:50 | 002,613,248 | ---- | M] (Microsoft Corporation) MD5=B95EEB0F4E5EFBF1038A35B3351CF047 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.16404_none_51e07e31dad00878\explorer.exe
[2009/10/31 01:00:51 | 002,614,272 | ---- | M] (Microsoft Corporation) MD5=C76153C7ECA00FA852BB0C193378F917 -- C:\Windows\winsxs\x86_microsoft-windows-explorer_31bf3856ad364e35_6.1.7600.20563_none_52283b2af41f3691\explorer.exe

< MD5 for: NETLOGON.DLL >
[2010/11/20 07:20:28 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=C1809B9907ADEDAF16F50C894100883B -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7601.17514_none_ffbf212e963c0162\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\System32\netlogon.dll
[2009/07/13 20:16:02 | 000,563,712 | ---- | M] (Microsoft Corporation) MD5=EAA75D9000B71F10EEC04D2AE6C60E81 -- C:\Windows\winsxs\x86_microsoft-windows-security-netlogon_31bf3856ad364e35_6.1.7600.16385_none_fd8e0d66994d7dc8\netlogon.dll

< MD5 for: NVSTOR.SYS >
[2011/03/11 00:39:00 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4380E59A170D88C4F1022EFF6719A8A4 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17577_none_3ba44e691d6eb11d\nvstor.sys
[2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\drivers\nvstor.sys
[2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_38e464dbe521cc7f\nvstor.sys
[2011/03/11 00:44:01 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=4520B63899E867F354EE012D34E11536 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16778_none_39bef1ad20475e88\nvstor.sys
[2011/03/11 00:28:10 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=66D468654A58594F5F3BA63D5AD5B1AF -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.21680_none_3c1c1942369abb77\nvstor.sys
[2011/03/11 00:52:25 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=8A7583A3B58D3EEB28BB26626526BC91 -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.20921_none_3a779df43942be63\nvstor.sys
[2010/11/20 07:30:06 | 000,143,744 | ---- | M] (NVIDIA Corporation) MD5=9283C58EBAA2618F93482EB5DABCEC82 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_nvraid.inf_31bf3856ad364e35_6.1.7601.17514_none_3be22d131d40bd72\nvstor.sys
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\System32\DriverStore\FileRepository\nvraid.inf_x86_neutral_5bde3fe2945bce9e\nvstor.sys
[2009/07/13 20:20:44 | 000,142,416 | ---- | M] (NVIDIA Corporation) MD5=C99F251A5DE63C6F129CF71933ACED0F -- C:\Windows\winsxs\x86_nvraid.inf_31bf3856ad364e35_6.1.7600.16385_none_39b1194b205239d8\nvstor.sys

< MD5 for: USERINIT.EXE >
[2010/11/20 07:17:48 | 000,026,624 | ---- | M] (Microsoft Corporation) MD5=61AC3EFDFACFDD3F0F11DD4FD4044223 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7601.17514_none_de3024012ff21116\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\System32\userinit.exe
[2009/07/13 20:14:43 | 000,026,112 | ---- | M] (Microsoft Corporation) MD5=6DE80F60D7DE9CE6B8C2DDFDF79EF175 -- C:\Windows\winsxs\x86_microsoft-windows-userinit_31bf3856ad364e35_6.1.7600.16385_none_dbff103933038d7c\userinit.exe

< MD5 for: WINLOGON.EXE >
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\System32\winlogon.exe
[2009/10/28 01:17:59 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=37CDB7E72EB66BA85A87CBE37E7F03FD -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16447_none_6fc699643622d177\winlogon.exe
[2009/10/28 00:52:08 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=3BABE6767C78FBF5FB8435FEED187F30 -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.20560_none_703394514f56f7c2\winlogon.exe
[2010/11/20 07:17:54 | 000,286,720 | ---- | M] (Microsoft Corporation) MD5=6D13E1406F50C66E2A95D97F22C47560 -- C:\Windows\SoftwareDistribution\Download\18e2c83e42cc8f0cc17b5dbfaf982690\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7601.17514_none_71ca6b0233339500\winlogon.exe
[2009/07/13 20:14:45 | 000,285,696 | ---- | M] (Microsoft Corporation) MD5=8EC6A4AB12B8F3759E21F8E3A388F2CF -- C:\Windows\winsxs\x86_microsoft-windows-winlogon_31bf3856ad364e35_6.1.7600.16385_none_6f99573a36451166\winlogon.exe

< HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install|LastSuccessTime /rs >
HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\WindowsUpdate\Auto Update\Results\Install\\LastSuccessTime: 2011-11-11 21:37:44

< hklm\software\clients\startmenuinternet|command /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/06/24 19:10:05 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/06/24 19:10:05 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/06/24 19:10:05 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/08/19 23:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/08/19 23:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)

< hklm\software\clients\startmenuinternet|command /64 /rs >
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\HideIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /HideShortcuts [2010/06/24 19:10:05 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ShowIconsCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /ShowShortcuts [2010/06/24 19:10:05 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\InstallInfo\\ReinstallCommand: "C:\Program Files\Mozilla Firefox\uninstall\helper.exe" /SetAsDefaultAppGlobal [2010/06/24 19:10:05 | 000,552,184 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\open\command\\: C:\Program Files\Mozilla Firefox\firefox.exe [2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\properties\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -preferences [2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\FIREFOX.EXE\shell\safemode\command\\: "C:\Program Files\Mozilla Firefox\firefox.exe" -safe-mode [2010/06/24 19:10:04 | 000,908,248 | ---- | M] (Mozilla Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ShowIconsCommand: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" --show-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\HideIconsCommand: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" --hide-icons [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\InstallInfo\\ReinstallCommand: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" --make-default-browser [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Google Chrome\shell\open\command\\: "C:\Users\YURIK\AppData\Local\Google\Chrome\Application\chrome.exe" [2011/11/07 22:02:58 | 001,036,344 | ---- | M] (Google Inc.)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ShowIconsCommand: "C:\Windows\System32\ie4uinit.exe" -show [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\ReinstallCommand: "C:\Windows\System32\ie4uinit.exe" -reinstall [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\InstallInfo\\HideIconsCommand: "C:\Windows\System32\ie4uinit.exe" -hide [2009/07/13 20:14:21 | 000,176,128 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\naom\command\\: "C:\Program Files\Internet Explorer\iexplore.exe" -extoff [2011/08/19 23:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\IEXPLORE.EXE\shell\open\command\\: C:\Program Files\Internet Explorer\iexplore.exe [2011/08/19 23:35:15 | 000,673,024 | ---- | M] (Microsoft Corporation)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ShowIconsCommand: "C:\Program Files\Opera\Opera.exe" /ShowIconsCommand [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\HideIconsCommand: "C:\Program Files\Opera\Opera.exe" /HideIconsCommand [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\InstallInfo\\ReinstallCommand: "C:\Program Files\Opera\Opera.exe" /ReInstallBrowser [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)
HKEY_LOCAL_MACHINE\software\clients\startmenuinternet\Opera.exe\shell\open\command\\: "C:\Program Files\Opera\Opera.exe" [2011/06/11 13:33:06 | 000,941,936 | ---- | M] (Opera Software)

========== Files - Unicode (All) ==========
[2011/07/04 22:52:24 | 000,000,000 | ---D | M](C:\Users\YURIK\Desktop\?????? ??????) -- C:\Users\YURIK\Desktop\Лерына музыка
[2011/07/04 22:48:55 | 000,000,000 | ---D | C](C:\Users\YURIK\Desktop\?????? ??????) -- C:\Users\YURIK\Desktop\Лерына музыка
(C:\Users\YURIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\??????) -- C:\Users\YURIK\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Яндекс

========== Alternate Data Streams ==========

@Alternate Data Stream - 167 bytes -> C:\ProgramData\TEMP:0B4227B4

< End of report >

OTL Extras logfile created on: 11/11/2011 4:57:54 PM - Run 1
OTL by OldTimer - Version 3.2.31.0 Folder = C:\Users\YURIK\Downloads
Ultimate Edition (Version = 6.1.7600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.7600.16385)
Locale: 00000409 | Country: United States | Language: ENU | Date Format: M/d/yyyy

3.00 Gb Total Physical Memory | 1.60 Gb Available Physical Memory | 53.19% Memory free
6.00 Gb Paging File | 4.00 Gb Available in Paging File | 66.79% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 224.23 Gb Total Space | 61.87 Gb Free Space | 27.59% Space Free | Partition Type: NTFS

Computer Name: YURIK-PC | User Name: YURIK | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: Current user
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\]
.cpl [@ = cplfile] -- C:\Windows\System32\control.exe (Microsoft Corporation)
.hlp [@ = hlpfile] -- C:\Windows\winhlp32.exe (Microsoft Corporation)

========== Shell Spawning ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
hlpfile [open] -- %SystemRoot%\winhlp32.exe %1 (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\InfDefaultInstall.exe "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [Bridge] -- C:\Program Files\Adobe\Adobe Bridge CS5.1\Bridge.exe "%L" (Adobe Systems, Inc.)
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [Digital Photo Professional] -- C:\Program Files\Canon\Digital Photo Professional\DPPViewer.exe /path "%1" (CANON INC.)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Key error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = Reg Error: Unknown registry data type -- File not found
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

========== Firewall Settings ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0
"DisableUnicastResponsesToMulticastBroadcast" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========


========== HKEY_LOCAL_MACHINE Uninstall List ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{033E378E-6AD3-4AD5-BDEB-CBD69B31046C}" = Microsoft_VC90_ATL_x86
"{06A1D88C-E102-4527-AF70-29FFD7AF215A}" = Scan
"{07FB17D8-7DB6-4F06-80C4-8BE1719CB6A1}" = hpWLPGInstaller
"{0840B4D6-7DD1-4187-8523-E6FC0007EFB7}" = Windows Live ID Sign-in Assistant
"{08D2E121-7F6A-43EB-97FD-629B44903403}" = Microsoft_VC90_CRT_x86
"{0E5FDD1D-DCE8-4F9D-9BFD-4E4CF89811E2}" = iCloud
"{0F052922-4BCE-4763-A540-00857554336D}" = Redist
"{0F3647F8-E51D-4FCC-8862-9A8D0C5ACF25}" = Microsoft_VC80_ATL_x86
"{1458BB78-1DC5-4BC0-B9A3-2B644F5A8105}" = DeviceDiscovery
"{14BC6853-A74E-4874-B50D-679889D1544D}" = HP Photosmart D110 All-In-One Driver Software 14.0 Rel. 7
"{150B6201-E9E6-4DFB-960E-CCBD53FBDDED}" = HPProductAssistant
"{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"{26A24AE4-039D-4CA4-87B4-2F83216019FF}" = Java(TM) 6 Update 29
"{292F0F52-B62D-4E71-921B-89A682402201}" = Toolbox
"{29ED20C9-5E15-4969-9279-25BF3727A3DA}" = iTunes
"{2FB9EA69-51D4-4913-9AD5-762C034DE811}" = Status
"{3175E049-F9A9-4A3D-8F19-AC9FB04514D1}" = Windows Live Communications Platform
"{3C3901C5-3455-3E0A-A214-0B093A5070A6}" = Microsoft .NET Framework 4 Client Profile
"{42BBA4CC-EFB6-4653-A2CC-F305D4B399C3}" = PS_AIO_07_D110_SW_Min
"{474F25F5-BDC9-40E5-B1B6-F6BF23FC106F}" = Windows Live Essentials
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{4CB0307C-565E-4441-86BE-0DF2E4FB828C}" = Microsoft Games for Windows Marketplace
"{50316C0A-CC2A-460A-9EA5-F486E54AC17D}_is1" = AVG PC Tuneup 2011
"{5546F4E9-B0F4-4F54-B949-2AB006C9284F}" = DJ_AIO_06_F2400_SW_Min
"{55C4B9E9-39C8-4BD6-9BCF-41BE40393A5F}" = D110
"{565E7B0E-B76B-4EAD-9753-F1E72A5CF12E}" = HPAppStudio
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57752979-A1C9-4C02-856B-FBB27AC4E02C}" = QuickTime
"{634F6989-4BB5-4EF2-AF6F-C15700F81494}}_is1" = Advanced System Optimizer
"{635FED5B-2C6D-49BE-87E6-7A6FCD22BC5A}" = Microsoft_VC90_MFC_x86
"{69FDFBB6-351D-4B8C-89D8-867DC9D0A2A4}" = Windows Media Player Firefox Plugin
"{6C1C9355-BD75-474D-A8D5-B2330AA463A3}" = IHA_MessageCenter
"{6DBB66CD-38C7-472C-BBB9-06BFDA182A29}" = F2400
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{71B6C9B6-CDF1-516E-EDBD-F3F8EBF7A0C7}" = Adobe Support Advisor
"{73FAD870-C7A8-4344-BA8F-DF8675276E91}" = BitDefender Antivirus Pro 2011
"{786C5747-1033-0000-B58E-000000000001}" = Adobe Stock Photos 1.0
"{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}" = Apple Software Update
"{79155F2B-9895-49D7-8612-D92580E0DE5B}" = Bonjour
"{818ABC3C-635C-4651-8183-D0E9640B7DD1}" = HP Update
"{819CA3BC-2FF8-4811-B42F-421F7BFD3559}" = HP Deskjet F2400 All-in-One Driver Software 14.0 Rel. 6
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8A809006-C25A-4A3A-9DAB-94659BCDB107}" = NVIDIA PhysX
"{8E4B1BE8-DCF3-4B90-A726-B28107442623}" = SolutionCenter
"{8EDBA74D-0686-4C99-BFDD-F894678E5B39}" = Adobe Common File Installer
"{8EE94FD8-5F52-4463-A340-185D16328158}" = WebReg
"{8FF6F5CA-4E30-4E3B-B951-204CAAA2716A}" = SmartWebPrinting
"{90120000-0015-0409-0000-0000000FF1CE}" = Microsoft Office Access MUI (English) 2007
"{90120000-0015-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0016-0409-0000-0000000FF1CE}" = Microsoft Office Excel MUI (English) 2007
"{90120000-0016-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0018-0409-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (English) 2007
"{90120000-0018-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0019-0409-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (English) 2007
"{90120000-0019-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001A-0409-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (English) 2007
"{90120000-001A-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001B-0409-0000-0000000FF1CE}" = Microsoft Office Word MUI (English) 2007
"{90120000-001B-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_ENTERPRISE_{ABDDE972-355B-4AF1-89A8-DA50B7B5C045}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-040C-0000-0000000FF1CE}" = Microsoft Office Proof (French) 2007
"{90120000-001F-040C-0000-0000000FF1CE}_ENTERPRISE_{F580DDD5-8D37-4998-968E-EBB76BB86787}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-001F-0C0A-0000-0000000FF1CE}" = Microsoft Office Proof (Spanish) 2007
"{90120000-001F-0C0A-0000-0000000FF1CE}_ENTERPRISE_{187308AB-5FA7-4F14-9AB9-D290383A10D9}" = Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
"{90120000-002C-0409-0000-0000000FF1CE}" = Microsoft Office Proofing (English) 2007
"{90120000-0030-0000-0000-0000000FF1CE}" = Microsoft Office Enterprise 2007
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{0B36C6D6-F5D8-4EAF-BF94-4376A230AD5B}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0030-0000-0000-0000000FF1CE}_ENTERPRISE_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0044-0409-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (English) 2007
"{90120000-0044-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-006E-0409-0000-0000000FF1CE}" = Microsoft Office Shared MUI (English) 2007
"{90120000-006E-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00A1-0409-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (English) 2007
"{90120000-00A1-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-00BA-0409-0000-0000000FF1CE}" = Microsoft Office Groove MUI (English) 2007
"{90120000-00BA-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0114-0409-0000-0000000FF1CE}" = Microsoft Office Groove Setup Metadata MUI (English) 2007
"{90120000-0114-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0115-0409-0000-0000000FF1CE}" = Microsoft Office Shared Setup Metadata MUI (English) 2007
"{90120000-0115-0409-0000-0000000FF1CE}_ENTERPRISE_{DE5A002D-8122-4278-A7EE-3121E7EA254E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{90120000-0117-0409-0000-0000000FF1CE}" = Microsoft Office Access Setup Metadata MUI (English) 2007
"{90120000-0117-0409-0000-0000000FF1CE}_ENTERPRISE_{2FC4457D-409E-466F-861F-FB0CB796B53E}" = Microsoft Office 2007 Service Pack 2 (SP2)
"{92D58719-BBC1-4CC3-A08B-56C9E884CC2C}" = Microsoft_VC80_CRT_x86
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE466FF-70B7-4DA8-807C-DB4C3610FDAA}" = Copy
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9E82D1DB-3AFB-4D18-A221-081F1B4B4789}" = Topaz DeNoise 5
"{A00B9A50-3090-4CFF-9CDA-82DA0BEDAA21}" = Apple Mobile Device Support
"{A1E21995-127E-4B7F-8C4D-CB04AA8A58EF}_is1" = Advanced System Optimizer
"{A78FE97A-C0C8-49CE-89D0-EDD524A17392}" = PDF Settings CS5
"{A80FA752-C491-4ED9-ABF0-4278563160B2}" = 32 Bit HP CIO Components Installer
"{A83279FD-CA4B-4206-9535-90974DE76654}" = Apple Application Support
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{A9F6CFB0-806D-11E0-8EA1-B8AC6F97B88E}" = Google Earth Plug-in
"{AC35A885-0F8F-4857-B7DA-6E8DFB43E6B3}" = HPSSupply
"{AC76BA86-7AD7-1033-7B44-A94000000001}" = Adobe Reader 9.4.6
"{B3BC9DB1-0B0A-48B0-B86B-EA77CAA7F800}" = Microsoft Corporation
"{B3DAF54F-DB25-4586-9EF1-96D24BB14088}" = Windows Movie Maker 2.6
"{B6D38690-755E-4F40-A35A-23F8BC2B86AC}" = Microsoft_VC90_MFCLOC_x86
"{B74D4E10-1033-0000-0000-000000000001}" = Adobe Bridge 1.0
"{BB3447F6-9553-4AA9-960E-0DB5310C5779}" = GPBaseService2
"{BD71B413-9FEE-49BB-A6D1-2C0BFB99BDFE}" = Microsoft LifeCam
"{BD7204BA-DD64-499E-9B55-6A282CDF4FA4}" = Destinations
"{C75CDBA2-3C86-481e-BD10-BDDA758F9DFF}" = hpPrintProjects
"{CAE4213F-F797-439D-BD9E-79B71D115BE3}" = HPPhotoGadget
"{CC23FF9A-989C-4DEB-8970-50E6E4862315}" = EOSInfo
"{CD31E63D-47FD-491C-8117-CF201D0AFAB5}" = TrayApp
"{D1A19B02-817E-4296-A45B-07853FD74D57}" = Microsoft_VC80_MFC_x86
"{D2FCA41E-AC01-4DCD-B3A7-DC9E32363065}}_is1" = Rapture3D 2.4.4 Game
"{D360FA88-17C8-4F14-B67F-13AAF9607B12}" = MarketResearch
"{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"{D92BBB52-82FF-42ED-8A3C-4E062F944AB7}" = Microsoft_VC80_MFCLOC_x86
"{E517094C-06B6-419F-8FFD-EF4F57972130}" = QuickTransfer
"{E633D396-5188-4E9D-8F6B-BFB8BF3467E8}" = Skype 5.0
"{E9787678-1033-0000-8E67-000000000001}" = Adobe Help Center 1.0
"{EDD235BB-9FB4-4604-85ED-1B14A256F4E0}" = Adobe Photoshop Lightroom 3.2
"{EE39FFBD-544E-49E4-A999-6819828EAE91}" = Windows Live Photo Gallery
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F2508213-9989-4E85-A078-72BE483917EF}" = Microsoft Games for Windows - LIVE Redistributable
"{F4F4F84E-804F-4E9A-84D7-C34283F0088F}" = RealUpgrade 1.0
"{F80BD4BC-06B8-488E-A62E-C4755013DD71}" = Network
"{FA0FF682-CC70-4C57-93CD-E276F3E7537E}" = BufferChm
"{FDB3B167-F4FA-461D-976F-286304A57B2A}" = Adobe AIR
"Adobe AIR" = Adobe AIR
"Adobe Flash Player ActiveX" = Adobe Flash Player 11 ActiveX
"Adobe Photoshop CS2 - {236BB7C4-4419-42FD-0409-1E257A25E34D}" = Adobe Photoshop CS2
"AdobeSupportAdvisor.E7BED6E5DDA59983786DD72EBFA46B1598278E07.1" = Adobe Support Advisor
"AutocompletePro3_is1" = AutocompletePro
"BitDefender" = BitDefender Antivirus Pro 2011
"CameraWindowDVC6" = Canon Utilities CameraWindow DC_DV 6 for ZoomBrowser EX
"CameraWindowLauncher" = Canon Utilities CameraWindow
"CANON iMAGE GATEWAY Task" = CANON iMAGE GATEWAY Task for ZoomBrowser EX
"Canon Internet Library for ZoomBrowser EX" = Canon Internet Library for ZoomBrowser EX
"Canon MOV Decoder" = Canon MOV Decoder
"Canon MOV Encoder" = Canon MOV Encoder
"Combined Community Codec Pack_is1" = Combined Community Codec Pack 2009-09-09
"Coupon Printer for Windows5.0.0.0" = Coupon Printer for Windows
"DAEMON Tools Toolbar" = DAEMON Tools Toolbar
"DFX for Windows Media Player" = DFX for Windows Media Player
"DPP" = Canon Utilities Digital Photo Professional 3.9
"Dream Aquarium" = Dream Aquarium 1.234
"ENTERPRISE" = Microsoft Office Enterprise 2007
"EOS USB WIA Driver" = EOS USB WIA Driver
"EOS Utility" = Canon Utilities EOS Utility
"Giza1.0.2.18 (Beta version)" = Giza
"Hardlock Device Drivers" = Hardlock Device Drivers
"HDMI" = Intel(R) Graphics Media Accelerator Driver
"HP Imaging Device Functions" = HP Imaging Device Functions 14.0
"HP Photo Creations" = HP Photo Creations
"HP Print Projects" = HP Print Projects 1.0
"HP Smart Web Printing" = HP Smart Web Printing 4.60
"HP Solution Center & Imaging Support Tools" = HP Solution Center 14.0
"HPExtendedCapabilities" = HP Customer Participation Program 14.0
"InstallShield_{D4A2EF65-9888-4EFF-8EA0-A2D2C3152A29}" = Samsung USB Driver (MCCI 4.34) WHQL v3.4
"KLiteCodecPack_is1" = K-Lite Codec Pack 7.1.0 (Standard)
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"MovieEditTask" = Canon MovieEdit Task for ZoomBrowser EX
"Mozilla Firefox (3.5.10)" = Mozilla Firefox (3.5.10)
"MyCamera" = Canon Utilities MyCamera
"MyCamera Download Plugin" = CANON iMAGE GATEWAY MyCamera Download Plugin
"NVIDIA Display Control Panel" = NVIDIA Display Control Panel
"NVIDIA Drivers" = NVIDIA Drivers
"OpenAL" = OpenAL
"Opera 11.11.2109" = Opera 11.11
"Original Data Security Tools" = Canon Utilities Original Data Security Tools
"PhotomatixPro4.0x32_is1" = Photomatix Pro version 4.0.2
"PhotoStitch" = Canon Utilities PhotoStitch
"Picasa 3" = Picasa 3
"Picture Style Editor" = Canon Utilities Picture Style Editor
"Portrait Professional Max 6_is1" = Portrait Professional Max 6.3
"Power Data Recovery_is1" = Power Data Recovery 4.1.1
"ProShow Gold" = ProShow Gold
"RAW Image Task" = Canon RAW Image Task for ZoomBrowser EX
"RealPlayer 12.0" = RealPlayer
"RemoteCaptureTask" = Canon Utilities RemoteCapture Task for ZoomBrowser EX
"ShapeCollage" = Shape Collage
"Shop for HP Supplies" = Shop for HP Supplies
"SystemRequirementsLab" = System Requirements Lab
"The Weather Channel Desktop 6" = The Weather Channel Desktop 6
"uTorrent" = Torrent
"Verizon Media Manager" = Verizon Media Manager
"VKSaver" = VKSaver
"VoipCheapCom_is1" = VoipCheapCom
"Watermark Image_is1" = Watermark Image software version 1.9.9.7
"WFTK" = Canon Utilities WFT Utility
"Winamp" = Winamp
"WinLiveSuite_Wave3" = Windows Live Essentials
"WinRAR archiver" = WinRAR archiver
"ZoomBrowser EX" = Canon Utilities ZoomBrowser EX
"ZoomBrowser EX Memory Card Utility" = Canon ZoomBrowser EX Memory Card Utility

========== HKEY_CURRENT_USER Uninstall List ==========

[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome
"magicJack" = magicJack
"Winamp Detect" = Winamp Detector Plug-in

========== Last 10 Event Log Errors ==========

[ Application Events ]
Error - 11/10/2011 11:41:51 PM | Computer Name = YURIK-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_gcswf32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: gcswf32.dll, version: 11.1.102.55,
time stamp: 0x4eaf862f Exception code: 0xc0000005 Fault offset: 0x001cb58b Faulting
process id: 0x16f0 Faulting application start time: 0x01cca023d8d1dc8e Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Users\YURIK\AppData\Local\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll
Report
Id: 16a96f2d-0c17-11e1-92dd-0018f388beb9

Error - 11/10/2011 11:49:39 PM | Computer Name = YURIK-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_gcswf32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: gcswf32.dll, version: 11.1.102.55,
time stamp: 0x4eaf862f Exception code: 0xc0000005 Fault offset: 0x001cb58b Faulting
process id: 0x1638 Faulting application start time: 0x01cca024ed4e2ba9 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Users\YURIK\AppData\Local\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll
Report
Id: 2ddf89e8-0c18-11e1-92dd-0018f388beb9

Error - 11/11/2011 12:15:19 AM | Computer Name = YURIK-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_gcswf32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: gcswf32.dll, version: 11.1.102.55,
time stamp: 0x4eaf862f Exception code: 0xc0000005 Fault offset: 0x001cb58b Faulting
process id: 0x57c Faulting application start time: 0x01cca02883d7a376 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Users\YURIK\AppData\Local\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll
Report
Id: c3845329-0c1b-11e1-92dd-0018f388beb9

Error - 11/11/2011 12:31:11 AM | Computer Name = YURIK-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 11/11/2011 1:31:11 AM | Computer Name = YURIK-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 11/11/2011 2:31:11 AM | Computer Name = YURIK-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 11/11/2011 2:36:33 AM | Computer Name = YURIK-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_gcswf32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: gcswf32.dll, version: 11.1.102.55,
time stamp: 0x4eaf862f Exception code: 0xc0000005 Fault offset: 0x001cb58b Faulting
process id: 0xe90 Faulting application start time: 0x01cca03c405bebb2 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Users\YURIK\AppData\Local\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll
Report
Id: 7e95ad1c-0c2f-11e1-92dd-0018f388beb9

Error - 11/11/2011 5:39:33 PM | Computer Name = YURIK-PC | Source = Application Error | ID = 1000
Description = Faulting application name: rundll32.exe_gcswf32.dll, version: 6.1.7600.16385,
time stamp: 0x4a5bc637 Faulting module name: gcswf32.dll, version: 11.1.102.55,
time stamp: 0x4eaf862f Exception code: 0xc0000005 Fault offset: 0x001cb58b Faulting
process id: 0x894 Faulting application start time: 0x01cca0ba669cc040 Faulting application
path: C:\Windows\system32\rundll32.exe Faulting module path: C:\Users\YURIK\AppData\Local\Google\Chrome\APPLIC~1\150874~1.120\gcswf32.dll
Report
Id: a4ae3893-0cad-11e1-92dd-0018f388beb9

Error - 11/11/2011 6:10:03 PM | Computer Name = YURIK-PC | Source = Software Protection Platform Service | ID = 8193
Description = License Activation Scheduler (sppuinotify.dll) failed with the following
error code: 0x80070005

Error - 11/11/2011 6:25:11 PM | Computer Name = YURIK-PC | Source = Application Error | ID = 1000
Description = Faulting application name: wmplayer.exe, version: 12.0.7600.16667,
time stamp: 0x4c7dc5a1 Faulting module name: dfxForWMPUI.dll_unloaded, version:
0.0.0.0, time stamp: 0x4ac4fa63 Exception code: 0xc0000005 Fault offset: 0x0ada151d
Faulting
process id: 0xabc Faulting application start time: 0x01cca0c09abf4eb1 Faulting application
path: C:\Program Files\Windows Media Player\wmplayer.exe Faulting module path: dfxForWMPUI.dll
Report
Id: 042bce47-0cb4-11e1-92dd-0018f388beb9

[ Media Center Events ]
Error - 7/9/2010 12:44:10 PM | Computer Name = YURIK-PC | Source = MCUpdate | ID = 0
Description = 12:44:10 PM - Error connecting to the internet. 12:44:10 PM - Unable
to contact server..

Error - 7/9/2010 1:48:25 PM | Computer Name = YURIK-PC | Source = MCUpdate | ID = 0
Description = 1:48:25 PM - Error connecting to the internet. 1:48:25 PM - Unable
to contact server..

Error - 7/9/2010 2:49:04 PM | Computer Name = YURIK-PC | Source = MCUpdate | ID = 0
Description = 2:49:03 PM - Error connecting to the internet. 2:49:03 PM - Unable
to contact server..

Error - 7/9/2010 3:49:54 PM | Computer Name = YURIK-PC | Source = MCUpdate | ID = 0
Description = 3:49:54 PM - Error connecting to the internet. 3:49:54 PM - Unable
to contact server..

[ System Events ]
Error - 11/10/2011 11:14:07 PM | Computer Name = YURIK-PC | Source = DCOM | ID = 10005
Description =

Error - 11/10/2011 11:14:06 PM | Computer Name = YURIK-PC | Source = Service Control Manager | ID = 7001
Description = The Network List Service service depends on the Network Location Awareness
service which failed to start because of the following error: %%1068

Error - 11/10/2011 11:15:33 PM | Computer Name = YURIK-PC | Source = Service Control Manager | ID = 7001
Description = The PnP-X IP Bus Enumerator service depends on the Function Discovery
Provider Host service which failed to start because of the following error: %%1068

Error - 11/10/2011 11:17:16 PM | Computer Name = YURIK-PC | Source = Service Control Manager | ID = 7003
Description = The Guardant Emulator Driver service depends the following service:
HARDLOCK. This service might not be installed.

Error - 11/10/2011 11:18:22 PM | Computer Name = YURIK-PC | Source = DCOM | ID = 10016
Description =

Error - 11/10/2011 11:34:11 PM | Computer Name = YURIK-PC | Source = Service Control Manager | ID = 7003
Description = The Guardant Emulator Driver service depends the following service:
HARDLOCK. This service might not be installed.

Error - 11/10/2011 11:34:50 PM | Computer Name = YURIK-PC | Source = DCOM | ID = 10016
Description =

Error - 11/10/2011 11:45:44 PM | Computer Name = YURIK-PC | Source = DCOM | ID = 10001
Description =

Error - 11/11/2011 12:31:11 AM | Computer Name = YURIK-PC | Source = DCOM | ID = 10001
Description =

Error - 11/11/2011 2:56:44 AM | Computer Name = YURIK-PC | Source = Microsoft-Windows-HAL | ID = 12
Description = The platform firmware has corrupted memory across the previous system
power transition. Please check for updated firmware for your system.


< End of report >

aswMBR version 0.9.8.986 Copyright(c) 2011 AVAST Software
Run date: 2011-11-11 17:04:57
-----------------------------
17:04:57.276 OS Version: Windows 6.1.7600
17:04:57.276 Number of processors: 2 586 0xF06
17:04:57.276 ComputerName: YURIK-PC UserName: YURIK
17:05:03.123 Initialize success
17:05:36.481 Disk 0 (boot) \Device\Harddisk0\DR0 -> \Device\Ide\IAAStorageDevice-1
17:05:36.484 Disk 0 Vendor: SAMSUNG_ VT10 Size: 238475MB BusType: 8
17:05:36.520 Disk 0 MBR read successfully
17:05:36.524 Disk 0 MBR scan
17:05:36.528 Disk 0 Windows 7 default MBR code
17:05:36.550 Disk 0 scanning sectors +488392065
17:05:36.634 Disk 0 scanning C:\Windows\system32\drivers
17:05:46.564 Service scanning
17:05:48.595 Service sptd C:\Windows\System32\Drivers\sptd.sys **LOCKED** 32
17:05:49.252 Modules scanning
17:06:06.356 Module: C:\Windows\System32\user32.dll **SUSPICIOUS**
17:06:08.755 Disk 0 trace - called modules:
17:06:08.775 ntkrnlpa.exe CLASSPNP.SYS disk.sys >>UNKNOWN [0x8557b1f8]<<
17:06:08.785 1 nt!IofCallDriver -> \Device\Harddisk0\DR0[0x86d60030]
17:06:08.785 3 CLASSPNP.SYS[8b99959e] -> nt!IofCallDriver -> \Device\Ide\IAAStorageDevice-1[0x855a3028]
17:06:08.952 \Driver\iaStorV[0x862c3ee8] -> IRP_MJ_CREATE -> 0x8557b1f8
17:06:08.960 Scan finished successfully
17:06:29.265 Disk 0 MBR has been saved successfully to "C:\Users\YURIK\Desktop\MBR.dat"
17:06:29.378 The log file has been saved successfully to "C:\Users\YURIK\Desktop\aswMBR.txt"





yurik36

Re: Trojan Generic

Post by Superdave on Fri Nov 11, 2011 11:40 pm

Hello and welcome to GeekPolice.Net. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*****************************************************************
What appears to be wrong with your computer?

P2P - I see you have P2P software installed on your machine. (uTorrent) We are not here to pass judgment on file-sharing as a concept. However, we will warn you that engaging in this activity and having this kind of software installed on your machine will always make you more susceptible to re-infections. It is certainly contributing to your current situation.

Please note: Even if you are using a "safe" P2P program, it is only the program that is safe. You will be sharing files from uncertified sources, and these are often infected. The bad guys use P2P filesharing as a major conduit to spread their wares.

I would strongly recommend that you uninstall them, however that choice is up to you. If you choose to remove these programs, you can do so via Control Panel >> Add or Remove Programs.
************************************************
SUPERAntiSpyware

If you already have SUPERAntiSpyware be sure to check for updates before scanning!


Download [You must be registered and logged in to see this link.]
* Double-click the icon on your desktop to run the installer.
* When asked to Update the program definitions, click Yes
* If you encounter any problems while downloading the updates, manually download and unzip them from here
* Next click the Preferences button.

Under Start-Up Options uncheck Start SUPERAntiSpyware when Windows starts
* Click the Scanning Control tab.
* Under Scanner Options make sure only the following are checked:

Close browsers before scanning
Scan for tracking cookies
Terminate memory threats before quarantining
Please leave the others unchecked

Click the Close button to leave the control center screen.

* On the main screen click Scan your computer
* On the left check the box for the drive you are scanning.
* On the right choose Perform Complete Scan
* Click Next to start the scan. Please be patient while it scans your computer.
* After the scan is complete a summary box will appear. Click OK
* Make sure everything in the white box has a check next to it, then click Next
* It will quarantine what it found and if it asks if you want to reboot, click Yes

To retrieve the removal information please do the following:
After reboot, double-click the SUPERAntiSpyware icon on your desktop.
Click Preferences. Click the Statistics/Logs tab.

Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.

It will open in your default text editor (preferably Notepad).
Save the notepad file to your desktop by clicking (in notepad) File > Save As...

* Save the log somewhere you can easily find it. (normally the desktop)
* Click close and close again to exit the program.
* Copy and Paste the log in your post.
**************************************************
Please download Malwarebytes Anti-Malware from [You must be registered and logged in to see this link.]
Double Click mbam-setup.exe to install the application.

  • Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  • If an update is found, it will download and install the latest version.
  • Once the program has loaded, select "Perform Full Scan", then click Scan.
  • The scan may take some time to finish, so please be patient.
  • When the scan is complete, click OK, then Show Results to view the results.
  • Make sure that everything is checked, and click Remove Selected.
  • When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
  • Please save the log to a location you will remember.
  • The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
  • Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove, you will be presented with 1 of 2 prompts, click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
********************************************************
Download DDS from [You must be registered and logged in to see this link.] or [You must be registered and logged in to see this link.] and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/paste both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control [You must be registered and logged in to see this link.]. Then post your DDS logs. (DDS.txt and Attach.txt)

Superdave

Re: Trojan Generic

Post by yurik36 on Sat Nov 12, 2011 3:12 am

I got SuperAntispyware done:

SUPERAntiSpyware Scan Log

Generated 11/11/2011 at 10:07 PM

Application Version : 5.0.1136

Core Rules Database Version : 7935
Trace Rules Database Version: 5747

Scan type : Complete Scan
Total Scan Time : 02:56:29

Operating System Information
Windows 7 Ultimate 32-bit (Build 6.01.7600)
UAC On - Limited User

Memory items scanned : 727
Memory threats detected : 0
Registry items scanned : 40335
Registry threats detected : 0
File items scanned : 177281
File threats detected : 541

Adware.Tracking Cookie
.pointroll.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adxpose.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.engine.goodadvert.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
b.dclick.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.paypal.112.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rambler.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
count.rbc.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hotlog.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adinterax.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.network.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.247realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.directadvert.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
user.lucidmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.engine2.goodadvert.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adtechus.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pubads.g.doubleclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dealtime.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rambler.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazonbebe.122.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xiti.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.alliancedata.122.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.overture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
wstat.wibiya.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.112.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.112.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fls.doubleclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fls.doubleclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.histats.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adv.otclick-adv.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.getclicky.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.static.getclicky.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hornymatches.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
in.getclicky.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.avgtechnologies.112.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yadro.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
[You must be registered and logged in to see this link.] [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
pointclicktrack.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.accountonline.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.drive.videoclick.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.eyewonder.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizrate.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizrate.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bizrate.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.rutracker.org [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thefind.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thefind.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thefind.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thefind.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wnkocjd5obq.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wfliggc5wko.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.smilemedia.co.il [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjkyohc5gfo.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediabrandsww.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dominionenterprises.112.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tradedoubler.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.klerk.ru [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wml4elc5ico.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.akamai.interclickproxy.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.burstnet.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
network.realmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.r1-ads.ace.advertising.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.intermundomedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zag.122.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wckiehajmhp.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lfstmedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wfmiepdjolo.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.sol.adbureau.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartadserver.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjmyaidzkap.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjnyaoazchp.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.spylog.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjmikkdzsgo.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wdk4kldzmgq.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.counter.inkfrog.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.counter.inkfrog.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6aekisiazcho.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wmkowocziao.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjmycjdpigp.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dealtime.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dealtime.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
stat.dealtime.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www1.dealtime.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wgmigodpefo.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.counter.inkfrog.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wmlogmajwdq.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjk4aodzkbo.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6aelyklcjogp.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjkoajajiaq.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ehg-verizon.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hitbox.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.e-2dj6wjloogdpidq.stats.esomniture.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pro-market.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.dmtracker.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.keygenguru.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.keygenguru.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracksguru.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracksguru.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.cracksguru.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.keygenguru.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.legolas-media.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syrian-cracker.blogspot.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.syrian-cracker.blogspot.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.casalemedia.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediafire.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\YURIK\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]

Trojan.Agent/Gen-Autorun[Swisyn]
C:\USERS\YURIK\DOWNLOADS\CRACK\KEYGEN.EXE
Here is the MBAM:
Malwarebytes' Anti-Malware 1.51.2.1300

Database version: 8143

Windows 6.1.7600
Internet Explorer 8.0.7600.16385

11/11/2011 10:19:16 PM
mbam-log-2011-11-11 (22-19-16).txt

Scan type: Full scan (C:\|)
Objects scanned: 363565
Time elapsed: 2 hour(s), 49 minute(s), 3 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 1
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon\Shell (Backdoor.Agent) -> Value: Shell -> Delete on reboot.

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)



Re: Trojan Generic

Post by Superdave on Sat Nov 12, 2011 7:06 pm

Your computer has keygens, which is a form of software piracy. What is so bad about Cracks, Hacks, Pirated software, warez, or Keygens?

Most popular cracks or keygens I see are for Adobe CS3, a lot of different games, Nero, Kaspersky antivirus, and much more. All of these cracks and keygens have what is called "cloaked malware," which is a form of spyware or viruses or trojans that hide themselves inside the keygen or crack files. Most hacks for games that come in the form of a program or installer will also be infected. It is the opportunity for attackers to present a seemingly safe situation where the opportunity to steal something is in play, while the malware infects your system in the process. Yes, it will install what you were looking for, but also allow malware to potentially take control of your computer.

Lastly, it is illegal. I will counsel you that we do not report such incidents. However, it is not good practice to pirate software.
********************************************************
I still need to see the DDS logs and I would also like to know what symptoms you are experiencing with your computer.
I am also required to give you this warning.


One or more of the identified infections is a backdoor trojan.

This allows hackers to remotely control your computer, steal critical system information and download and execute files.

Read this article: Danger: [You must be registered and logged in to see this link.]

If your computer was used for online banking, has credit card information or other sensitive data on it, all passwords should be changed immediately to include those used for banking, email, eBay and forums. You should consider them to be compromised. They should be changed by using a different computer and not the infected one! If not, an attacker may get the new passwords and transaction information. Banking and credit card institutions should be notified of the possible security breach.

I would counsel you to disconnect this PC from the Internet immediately.

Though the Trojan has been identified and can be killed, because of its backdoor functionality, your PC is very likely compromised and there is no way to be sure your computer can ever again be trusted. Many experts in the security community believe that once infected with this type of Trojan, the best course of action would be a reformat and reinstall of the OS. Please read these for more information:

[You must be registered and logged in to see this link.]

[You must be registered and logged in to see this link.]

We can attempt to clean this machine but I can't guarantee that it will be 100% secure afterwards.

Should you have any questions, please feel free to ask.

Please let us know what you have decided to do in your next post.


Re: Trojan Generic

Post by yurik36 on Wed Nov 16, 2011 2:30 am

Thanks for the help. Just reinstalled OS.


Re: Trojan Generic

Post by Superdave on Wed Nov 16, 2011 2:50 am

Well, that's too bad. I hope you didn't lose any data.
