cjoint

Document format: application/octet-stream

Preview

[code]
HitmanPro 3.7.15.281
www.hitmanpro.com

Computer name . . . . : WIN7-PC
Windows . . . . . . . : 6.1.1.7601.X86/2
User name . . . . . . : win7-PC\win7
UAC . . . . . . . . . : Enabled
License . . . . . . . : Free

Scan date . . . . . . : 2017-01-31 01:41:25
Scan mode . . . . . . : Normal
Scan duration . . . . : 3m 11s
Disk access mode . . : Direct disk access (SRB)
Cloud . . . . . . . . : Internet
Reboot . . . . . . . : No

Threats . . . . . . . : 36
Traces . . . . . . . : 105

Objects scanned . . . : 715,465
Files scanned . . . . : 20,718
Remnants scanned . . : 179,543 files / 515,204 keys

Malware _____________________________________________________________________

C:\AdwCleaner\quarantine\files\cgghjzjzlsdzvmlosfuaocnbehjiirpp\uninstaller.exe
Size . . . . . . . : 373,760 bytes
Age . . . . . . . : 2.4 days (2017-01-28 17:09:58)
Entropy . . . . . : 5.1
SHA-256 . . . . . : C67D7653858894FEDD9032C23C847BCAD130FA89283DE2B371E391B7B2690B2B
Needs elevation . : Yes
Product
Publisher
Description . . . : uninstaller
Version . . . . . : 1.0.0.0
LanguageID . . . . : 0
> Bitdefender . . . : Trojan.GenericKD.4253147
Fuzzy . . . . . . : 105.0
Forensic Cluster
-0.1s C:\AdwCleaner\quarantine\files\cgghjzjzlsdzvmlosfuaocnbehjiirpp\
-0.1s C:\AdwCleaner\quarantine\files\cgghjzjzlsdzvmlosfuaocnbehjiirpp\pccleanplus.exe
-0.0s C:\AdwCleaner\quarantine\files\cgghjzjzlsdzvmlosfuaocnbehjiirpp\pccleanplus.exe.config
0.0s C:\AdwCleaner\quarantine\files\cgghjzjzlsdzvmlosfuaocnbehjiirpp\uninstaller.exe
0.0s C:\AdwCleaner\quarantine\files\cgghjzjzlsdzvmlosfuaocnbehjiirpp\uninstaller.exe.config
1.1s C:\AdwCleaner\quarantine\files\hnwnimyzekrfwlitnwqkhemmnqpcprco\
1.1s C:\AdwCleaner\quarantine\files\hnwnimyzekrfwlitnwqkhemmnqpcprco\dump\
1.1s C:\AdwCleaner\quarantine\files\hnwnimyzekrfwlitnwqkhemmnqpcprco\dump\BugReportConfig.ini
1.3s C:\AdwCleaner\quarantine\files\kedjtsuxpdneuqvapqhjsptkltjblfex\
1.3s C:\AdwCleaner\quarantine\files\kedjtsuxpdneuqvapqhjsptkltjblfex\QQLive\
1.3s C:\AdwCleaner\quarantine\files\kedjtsuxpdneuqvapqhjsptkltjblfex\QQLive\FailRecord.dat
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\cookies
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\cookies-journal
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Web Data
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Web Data-journal
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\data_0
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\data_1
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\data_2
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\data_3
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000001
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000002
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000003
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000004
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000005
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000006
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000007
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000008
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000009
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_00000a
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_00000b
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_00000c
1.6s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_00000d
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_00000e
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_00000f
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000010
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000011
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000012
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000013
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000014
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000015
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000016
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000017
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000018
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\f_000019
1.7s C:\AdwCleaner\quarantine\files\ghduuhawjldovjyinlmtzarzddruzozl\Cache\index
2.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\
2.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\cef.pak
2.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\cef_100_percent.pak
2.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\cef_200_percent.pak
2.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\cef_extensions.pak
2.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\d3dcompiler_43.dll
3.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\d3dcompiler_47.dll
3.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\debug.log
3.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\devtools_resources.pak
3.1s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\icudtl.dat
3.2s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\libcef.dll
3.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\libEGL.dll
3.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\libGLESv2.dll
3.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\natives_blob.bin
3.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\snapshot_blob.bin
3.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\version
3.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\wb_blob.bin
3.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\wintool.exe
3.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\WintoolUprI.exe
4.2s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\
4.2s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\am.pak
4.4s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ar.pak
4.5s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\bg.pak
4.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\bn.pak
4.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ca.pak
4.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\cs.pak
4.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\da.pak
4.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\de.pak
4.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\el.pak
4.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\en-GB.pak
4.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\en-US.pak
4.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\es-419.pak
5.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\es.pak
5.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\et.pak
5.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\fa.pak
5.1s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\fi.pak
5.2s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\fil.pak
5.3s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\fr.pak
5.4s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\gu.pak
5.5s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\he.pak
5.5s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\hi.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\hr.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\hu.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\id.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\it.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ja.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\kn.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ko.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\lt.pak
5.6s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\lv.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ml.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\mr.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ms.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\nb.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\nl.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\pl.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\pt-BR.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\pt-PT.pak
5.7s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ro.pak
5.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ru.pak
5.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\sk.pak
5.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\sl.pak
5.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\sr.pak
5.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\sv.pak
5.8s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\sw.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\ta.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\te.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\th.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\tr.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\uk.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\vi.pak
5.9s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\zh-CN.pak
6.0s C:\AdwCleaner\quarantine\files\revuzikgkkehlvxgjozazuzlsquitllv\locales\zh-TW.pak
7.7s C:\AdwCleaner\quarantine\files\olpmpvenxoqjbmraxkyvkgtdihmybwbi\
7.7s C:\AdwCleaner\quarantine\files\olpmpvenxoqjbmraxkyvkgtdihmybwbi\MIO.exe
7.7s C:\AdwCleaner\quarantine\files\olpmpvenxoqjbmraxkyvkgtdihmybwbi\loader\
7.7s C:\AdwCleaner\quarantine\files\olpmpvenxoqjbmraxkyvkgtdihmybwbi\mktg.dat
7.9s C:\AdwCleaner\quarantine\files\zykzkuxxhepnjjqxcytcwbzgkbzvxjih.back
8.0s C:\AdwCleaner\quarantine\files\ciuntnusbrdreybqxctnjlxjiifobqfk.back
8.4s C:\AdwCleaner\quarantine\files\ishksjfhuvnhxehiurpvggszzytcchck.back
8.6s C:\AdwCleaner\quarantine\files\jbemcutgdujosvznoahjhnhspmgztgbs.back
8.8s C:\AdwCleaner\quarantine\files\akkkusgwvolaujvjyxmciwmobpdwycyn.back
8.9s C:\AdwCleaner\quarantine\files\dquqpvvlnsesfynqrywywifcaqvxtovc.back
9.0s C:\AdwCleaner\quarantine\files\uzwusfkdkkwdvbxaehilkiulbizkyugm.back
9.2s C:\AdwCleaner\quarantine\files\yfhnldjasbjxtdumlewjgwugzeoevyyt.back
9.3s C:\AdwCleaner\quarantine\files\tfidugkazjdmdgrakumjevskwvdjravi.back
9.5s C:\AdwCleaner\quarantine\files\tmqnrlgicvvpvurhipbpkhefxijqqzjj.back
9.6s C:\AdwCleaner\quarantine\files\wzigsbtzsvrcjlvburebualvwdfhhegv.back
9.7s C:\AdwCleaner\quarantine\files\rshktoomuqgqnaooyoyfnndlwmbifdfv.back
9.9s C:\AdwCleaner\quarantine\files\yrwtbablnkqehocxslbnotwkdzkonarl.back
10.0s C:\AdwCleaner\quarantine\files\ehzkbmkcikahvbexrluxkealzwdzsgnn.back
10.3s C:\AdwCleaner\quarantine\files\oafjmkfsxrhzolhykcpektcxpznrydjm.back
10.7s C:\AdwCleaner\quarantine\files\nrnzjkxtahigaghnzkawqwrruirxmncz.back
10.9s C:\AdwCleaner\quarantine\files\kgptuxidjjubhecnwuhcntpgdpcqnxxa.back
11.1s C:\AdwCleaner\quarantine\files\adtkufwxjxhjodhvvpldtydpupqxgjbd.back
11.4s C:\AdwCleaner\quarantine\files\jmpqazfhnihpeessmwhieahkdnpfdehe.back
11.5s C:\AdwCleaner\quarantine\files\qvxkefjzdemunvxcgughoobyoyrpwkjb.back
11.8s C:\AdwCleaner\quarantine\files\egqyhjrcrxxrcbpuvfhoklgwxuoxmxrg.back
11.9s C:\AdwCleaner\quarantine\files\fidrbalrvdacsdrveuemwmrbmhzofwgb.back
12.1s C:\AdwCleaner\quarantine\files\yejejxposkbwoizleajxqbayyrbqvkhf.back
12.4s C:\AdwCleaner\quarantine\files\vrnzmlzburkehwwurtevpsldpnjojjvv.back
12.6s C:\AdwCleaner\quarantine\files\bxisyydlifokqduzryvanwaovegqanwl.back

C:\AdwCleaner\quarantine\files\darqsxkxlgmzqevtrfzgsepizsewykxj\uninstall.exe
Size . . . . . . . : 358,912 bytes
Age . . . . . . . : 2.4 days (2017-01-28 17:09:50)
Entropy . . . . . : 6.4
SHA-256 . . . . . : 84AB913D949C3F372E13DB627B5A7D998478B0B8A1FC961249FC2EF1543A419B
> Bitdefender . . . : Gen:Variant.Zusy.208899
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ConvertAd.gen
Fuzzy . . . . . . : 108.0

C:\AdwCleaner\quarantine\files\fazqqjsqyhklflzedoalysaygpguoccd\Uninstall.exe
Size . . . . . . . : 51,270 bytes
Age . . . . . . . : 0.1 days (2017-01-30 22:46:59)
Entropy . . . . . : 7.2
SHA-256 . . . . . : 530877A2D25A38ECC060959675BF69F986C1DE39E0BB245B0FCA2989947C5E92
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ConvertAd.heur
Fuzzy . . . . . . : 112.0
Forensic Cluster
-3.9s C:\AdwCleaner\quarantine\registry\reg_wjbhtzyeoprbrngpjhfhhfycnnoomlvf.reg
-3.5s C:\AdwCleaner\quarantine\registry\reg_srboohqtsrgrzsidezrtdbhuhpplqglg.reg
-3.3s C:\AdwCleaner\quarantine\registry\reg_vpqtodsqvxkwrvjcyvqrhfhmpkkahzvm.reg
-2.1s C:\AdwCleaner\quarantine\registry\reg_oewuasxmgnxxqonrluhpooiahomurrcl.reg
-1.9s C:\AdwCleaner\quarantine\registry\reg_buasrbxkoczhwootyrvmsibsphoiuvnq.reg
-1.6s C:\AdwCleaner\quarantine\registry\reg_ilkxespeekiazqmmmcqwpmopozzcndlc.reg
-0.1s C:\AdwCleaner\quarantine\files\fazqqjsqyhklflzedoalysaygpguoccd\
-0.1s C:\AdwCleaner\quarantine\files\fazqqjsqyhklflzedoalysaygpguoccd\qnswC978.tmp
0.0s C:\AdwCleaner\quarantine\files\fazqqjsqyhklflzedoalysaygpguoccd\Uninstall.exe

C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
Size . . . . . . . : 266,752 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:03:27)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 0608342B9A7732D058BB64E333A523B3F494E2E63E3CE89A1BFDBB8ADDA0638E
Product . . . . . : W
Publisher . . . . : .
Description . . . : agent
Version . . . . . : 2.6.8.5559
Copyright . . . . : Copyright (C) 2015
LanguageID . . . . : 1033
> Bitdefender . . . : Gen:Variant.Razy.103352
Fuzzy . . . . . . : 103.0
Forensic Cluster
-0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
0.3s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
0.4s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
0.6s C:\AdwCleaner\quarantine\files\rtpidiyiobpucbhhrhqkivxejslhxqcf.back
0.8s C:\AdwCleaner\quarantine\files\jjvsitmykxfcemrtwhcxiwjztrjuzkdz.back
1.0s C:\AdwCleaner\quarantine\files\axlvpdvnggqanoagsoghwjeospxtaens.back
2.8s C:\AdwCleaner\quarantine\registry\reg_piejfppdzmrzfgjfhnynygnxybxynaqp.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_bfrvqroertlbfvkenzkwgzkvuruzltai.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_nmivjwetekpcifwrfdeusgndsfxugqbo.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_ldaloqyoyytlvrmhfexruavwgtucnmkx.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_ovylfscsjgvzqhngojvshwlmxvuflkiz.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_cvdpukjlwkwgetlddlwfeujaojqoglrf.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_lqtbqbecxmhexpqnwwvdehrudjwkuohq.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_wqieulhwhrnsrlxteahwymvanjqwppxo.reg
6.3s C:\AdwCleaner\AdwCleaner[C6].txt

C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
Size . . . . . . . : 1,661,440 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:03:27)
Entropy . . . . . : 6.7
SHA-256 . . . . . : CEB858BE50EB63DE2167BF0421529F6A814D60C728230D3E44DB5AFE9A5AFC11
Product . . . . . : SBWatchman
Publisher . . . . : Search Module Ltd.
Description . . . : Search Module Update Service
Version . . . . . : 2.6.8.5559
Copyright . . . . : Copyright (C) 2014
LanguageID . . . . : 1033
> Bitdefender . . . : Adware.Generic.1739143
Fuzzy . . . . . . : 102.0
Forensic Cluster
-0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\
-0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\
-0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
0.1s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
0.1s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
0.3s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
0.4s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
0.6s C:\AdwCleaner\quarantine\files\rtpidiyiobpucbhhrhqkivxejslhxqcf.back
0.8s C:\AdwCleaner\quarantine\files\jjvsitmykxfcemrtwhcxiwjztrjuzkdz.back
0.9s C:\AdwCleaner\quarantine\files\axlvpdvnggqanoagsoghwjeospxtaens.back
2.8s C:\AdwCleaner\quarantine\registry\reg_piejfppdzmrzfgjfhnynygnxybxynaqp.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_bfrvqroertlbfvkenzkwgzkvuruzltai.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_nmivjwetekpcifwrfdeusgndsfxugqbo.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_ldaloqyoyytlvrmhfexruavwgtucnmkx.reg
3.6s C:\AdwCleaner\quarantine\registry\reg_ovylfscsjgvzqhngojvshwlmxvuflkiz.reg
3.8s C:\AdwCleaner\quarantine\registry\reg_cvdpukjlwkwgetlddlwfeujaojqoglrf.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_lqtbqbecxmhexpqnwwvdehrudjwkuohq.reg
4.3s C:\AdwCleaner\quarantine\registry\reg_wqieulhwhrnsrlxteahwymvanjqwppxo.reg
6.3s C:\AdwCleaner\AdwCleaner[C6].txt

C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
Size . . . . . . . : 588,288 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:03:27)
Entropy . . . . . : 6.6
SHA-256 . . . . . : C81E51071DC5EA689455203AAD1A3342A53D6C0A4969611D6F9EAC8F8ADA3846
> Bitdefender . . . : Gen:Variant.Razy.102210
> Kaspersky . . . . : not-a-virus:AdWare.Win32.Agent.xxdehp
Fuzzy . . . . . . : 108.0
Forensic Cluster
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
-0.1s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
0.5s C:\AdwCleaner\quarantine\files\rtpidiyiobpucbhhrhqkivxejslhxqcf.back
0.6s C:\AdwCleaner\quarantine\files\jjvsitmykxfcemrtwhcxiwjztrjuzkdz.back
0.8s C:\AdwCleaner\quarantine\files\axlvpdvnggqanoagsoghwjeospxtaens.back
2.7s C:\AdwCleaner\quarantine\registry\reg_piejfppdzmrzfgjfhnynygnxybxynaqp.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_bfrvqroertlbfvkenzkwgzkvuruzltai.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_nmivjwetekpcifwrfdeusgndsfxugqbo.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_ldaloqyoyytlvrmhfexruavwgtucnmkx.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_ovylfscsjgvzqhngojvshwlmxvuflkiz.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_cvdpukjlwkwgetlddlwfeujaojqoglrf.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_lqtbqbecxmhexpqnwwvdehrudjwkuohq.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_wqieulhwhrnsrlxteahwymvanjqwppxo.reg
6.1s C:\AdwCleaner\AdwCleaner[C6].txt

C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
Size . . . . . . . : 2,043,904 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:03:27)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 31DF63A4524ECC6C114C96855A5158E1634FB5E8FB28E0558CA9937574CC54BD
Product . . . . . : W
Publisher . . . . : Search Module Ltd.
Description . . . : Search Module Update Service
Version . . . . . : 2.6.8.5559
Copyright . . . . : Copyright (C) 2014
LanguageID . . . . : 1033
> Bitdefender . . . : Gen:Variant.Midie.34765
Fuzzy . . . . . . : 102.0
Forensic Cluster
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
-0.1s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
0.5s C:\AdwCleaner\quarantine\files\rtpidiyiobpucbhhrhqkivxejslhxqcf.back
0.6s C:\AdwCleaner\quarantine\files\jjvsitmykxfcemrtwhcxiwjztrjuzkdz.back
0.8s C:\AdwCleaner\quarantine\files\axlvpdvnggqanoagsoghwjeospxtaens.back
2.7s C:\AdwCleaner\quarantine\registry\reg_piejfppdzmrzfgjfhnynygnxybxynaqp.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_bfrvqroertlbfvkenzkwgzkvuruzltai.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_nmivjwetekpcifwrfdeusgndsfxugqbo.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_ldaloqyoyytlvrmhfexruavwgtucnmkx.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_ovylfscsjgvzqhngojvshwlmxvuflkiz.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_cvdpukjlwkwgetlddlwfeujaojqoglrf.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_lqtbqbecxmhexpqnwwvdehrudjwkuohq.reg
4.1s C:\AdwCleaner\quarantine\registry\reg_wqieulhwhrnsrlxteahwymvanjqwppxo.reg
6.1s C:\AdwCleaner\AdwCleaner[C6].txt

C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
Size . . . . . . . : 383,488 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:03:27)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 5F88694F112602AC431CBC6D1758E09BD600F45C25BC1B7A43A79379160D82A2
> Bitdefender . . . : Gen:Variant.Strictor.108635
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.Generic
Fuzzy . . . . . . : 108.0
Forensic Cluster
-0.3s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\
-0.3s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\
-0.3s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
-0.3s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
0.1s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
0.3s C:\AdwCleaner\quarantine\files\rtpidiyiobpucbhhrhqkivxejslhxqcf.back
0.5s C:\AdwCleaner\quarantine\files\jjvsitmykxfcemrtwhcxiwjztrjuzkdz.back
0.6s C:\AdwCleaner\quarantine\files\axlvpdvnggqanoagsoghwjeospxtaens.back
2.5s C:\AdwCleaner\quarantine\registry\reg_piejfppdzmrzfgjfhnynygnxybxynaqp.reg
2.7s C:\AdwCleaner\quarantine\registry\reg_bfrvqroertlbfvkenzkwgzkvuruzltai.reg
2.9s C:\AdwCleaner\quarantine\registry\reg_nmivjwetekpcifwrfdeusgndsfxugqbo.reg
3.1s C:\AdwCleaner\quarantine\registry\reg_ldaloqyoyytlvrmhfexruavwgtucnmkx.reg
3.3s C:\AdwCleaner\quarantine\registry\reg_ovylfscsjgvzqhngojvshwlmxvuflkiz.reg
3.5s C:\AdwCleaner\quarantine\registry\reg_cvdpukjlwkwgetlddlwfeujaojqoglrf.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_lqtbqbecxmhexpqnwwvdehrudjwkuohq.reg
4.0s C:\AdwCleaner\quarantine\registry\reg_wqieulhwhrnsrlxteahwymvanjqwppxo.reg
6.0s C:\AdwCleaner\AdwCleaner[C6].txt

C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
Size . . . . . . . : 25,600 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:03:27)
Entropy . . . . . : 6.1
SHA-256 . . . . . : A811D3E949E8F89A967C540103EA4CF83A5249A0673BC18EE52FDD83A2C60812
> Bitdefender . . . : Gen:Variant.Zusy.208792
Fuzzy . . . . . . : 108.0
Forensic Cluster
-0.4s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\
-0.4s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\
-0.4s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\sma.exe
-0.4s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smci32.dll
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smi32.exe
-0.2s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smu.exe
-0.1s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\SMUninstall.exe
0.0s C:\AdwCleaner\quarantine\files\iagffyxvrqtoquzvfcdunlnffpkdsgzg\GNUpdate\smw.sys
0.2s C:\AdwCleaner\quarantine\files\rtpidiyiobpucbhhrhqkivxejslhxqcf.back
0.4s C:\AdwCleaner\quarantine\files\jjvsitmykxfcemrtwhcxiwjztrjuzkdz.back
0.6s C:\AdwCleaner\quarantine\files\axlvpdvnggqanoagsoghwjeospxtaens.back
2.4s C:\AdwCleaner\quarantine\registry\reg_piejfppdzmrzfgjfhnynygnxybxynaqp.reg
2.6s C:\AdwCleaner\quarantine\registry\reg_bfrvqroertlbfvkenzkwgzkvuruzltai.reg
2.8s C:\AdwCleaner\quarantine\registry\reg_nmivjwetekpcifwrfdeusgndsfxugqbo.reg
3.0s C:\AdwCleaner\quarantine\registry\reg_ldaloqyoyytlvrmhfexruavwgtucnmkx.reg
3.2s C:\AdwCleaner\quarantine\registry\reg_ovylfscsjgvzqhngojvshwlmxvuflkiz.reg
3.4s C:\AdwCleaner\quarantine\registry\reg_cvdpukjlwkwgetlddlwfeujaojqoglrf.reg
3.7s C:\AdwCleaner\quarantine\registry\reg_lqtbqbecxmhexpqnwwvdehrudjwkuohq.reg
3.9s C:\AdwCleaner\quarantine\registry\reg_wqieulhwhrnsrlxteahwymvanjqwppxo.reg
5.9s C:\AdwCleaner\AdwCleaner[C6].txt

C:\AdwCleaner\quarantine\files\mpdvwqcneenbhooeyvtkadqicvscadnw\Uninstall.exe
Size . . . . . . . : 51,270 bytes
Age . . . . . . . : 0.3 days (2017-01-30 19:02:19)
Entropy . . . . . : 7.2
SHA-256 . . . . . : 530877A2D25A38ECC060959675BF69F986C1DE39E0BB245B0FCA2989947C5E92
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ConvertAd.heur
Fuzzy . . . . . . : 112.0
Forensic Cluster
-4.4s C:\AdwCleaner\quarantine\registry\reg_rwspbfaorbgjnfsfrdkomzojuqzwmxqb.reg
-4.1s C:\AdwCleaner\quarantine\registry\reg_sjnfymwppyewcnmlvzbrzzimymapdwpn.reg
-3.9s C:\AdwCleaner\quarantine\registry\reg_ryyavtlkxqtkitipacwvyndmadkxyqkh.reg
-2.9s C:\AdwCleaner\quarantine\registry\reg_bpuypgfsqdsaxefigchxqbrapsbcpwof.reg
-2.7s C:\AdwCleaner\quarantine\registry\reg_pepjlggrimcucaasuyveaxpjbddafdkv.reg
-2.5s C:\AdwCleaner\quarantine\registry\reg_trbovmgrjsvsusktotxwqbujsezjonzi.reg
-0.0s C:\AdwCleaner\quarantine\files\mpdvwqcneenbhooeyvtkadqicvscadnw\
-0.0s C:\AdwCleaner\quarantine\files\mpdvwqcneenbhooeyvtkadqicvscadnw\qnsbCC19.tmp
0.0s C:\AdwCleaner\quarantine\files\mpdvwqcneenbhooeyvtkadqicvscadnw\Uninstall.exe
3.5s C:\AdwCleaner\quarantine\files\plnrkadegbhfndgjwwhsojkckkaazldv\
3.5s C:\AdwCleaner\quarantine\files\plnrkadegbhfndgjwwhsojkckkaazldv\smhe.js

C:\AdwCleaner\quarantine\files\zlvdumdshxehnbgtddmoglbhtrajcdjo\Uninstall.exe
Size . . . . . . . : 51,270 bytes
Age . . . . . . . : 2.4 days (2017-01-28 17:08:19)
Entropy . . . . . : 7.2
SHA-256 . . . . . : 530877A2D25A38ECC060959675BF69F986C1DE39E0BB245B0FCA2989947C5E92
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ConvertAd.heur
Fuzzy . . . . . . : 112.0
Forensic Cluster
-5.3s C:\AdwCleaner\quarantine\registry\reg_hemaysagihluiiaxtroztmqllwmeokzm.reg
-4.9s C:\AdwCleaner\quarantine\registry\reg_tqsspfsjjyucmawjaqjdnirrnfbrfhiz.reg
-4.6s C:\AdwCleaner\quarantine\registry\reg_lehmnzfdvwhuswhgdkrxzqgmtcksqkby.reg
-3.7s C:\AdwCleaner\quarantine\registry\reg_srppupdijwllgxcaqrkqprsqxbdyqljy.reg
-3.3s C:\AdwCleaner\quarantine\registry\reg_oepncvfiwufgunntcnymtogifeuwlpub.reg
-3.1s C:\AdwCleaner\quarantine\registry\reg_ymttbymryfpuewzrxdhvndqkprrvsgwh.reg
-0.6s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\
-0.6s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\LICENSE.txt
-0.6s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\openweb.bat
-0.6s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\SnareWindowsInstallSupport.dll
-0.5s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\stopweb.bat
-0.5s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\s_32.ico
-0.5s C:\AdwCleaner\quarantine\files\fennmviphjltsyqgcslmknovztvuqxfw\WinSnare.dll
0.0s C:\AdwCleaner\quarantine\files\zlvdumdshxehnbgtddmoglbhtrajcdjo\
0.0s C:\AdwCleaner\quarantine\files\zlvdumdshxehnbgtddmoglbhtrajcdjo\qnsgBDD4.tmp
0.0s C:\AdwCleaner\quarantine\files\zlvdumdshxehnbgtddmoglbhtrajcdjo\Uninstall.exe
0.3s C:\AdwCleaner\quarantine\files\ngemzdgcsvaztpifelhclamoefoetrls\
0.3s C:\AdwCleaner\quarantine\files\ngemzdgcsvaztpifelhclamoefoetrls\dump\
0.3s C:\AdwCleaner\quarantine\files\ngemzdgcsvaztpifelhclamoefoetrls\dump\BugReportConfig.ini
3.2s C:\AdwCleaner\quarantine\files\tkktcucomrlgyrvknaqanqphozqtjjtd\
3.2s C:\AdwCleaner\quarantine\files\tkktcucomrlgyrvknaqanqphozqtjjtd\WinSnare.dll
3.2s C:\AdwCleaner\quarantine\files\tkktcucomrlgyrvknaqanqphozqtjjtd\WinSnare64.dll
3.4s C:\AdwCleaner\quarantine\files\iftzxgqlqnjqamiasmghytzivrezxhvk\
3.4s C:\AdwCleaner\quarantine\files\iftzxgqlqnjqamiasmghytzivrezxhvk\UCOmȉhV.lnk
3.4s C:\AdwCleaner\quarantine\files\iftzxgqlqnjqamiasmghytzivrezxhvk\xS}UCOmȉhV.lnk
3.6s C:\AdwCleaner\quarantine\files\pjtcsrrupofmqrokjmbidnwfohcajbkw\
3.6s C:\AdwCleaner\quarantine\files\pjtcsrrupofmqrokjmbidnwfohcajbkw\ff.HP
3.6s C:\AdwCleaner\quarantine\files\pjtcsrrupofmqrokjmbidnwfohcajbkw\ff.NT
3.6s C:\AdwCleaner\quarantine\files\pjtcsrrupofmqrokjmbidnwfohcajbkw\snp.sc
3.7s C:\AdwCleaner\quarantine\files\zcxusxpspwvxppgzzlmvzhcvmoxepsio\
3.7s C:\AdwCleaner\quarantine\files\zcxusxpspwvxppgzzlmvzhcvmoxepsio\Common\I18N\
3.7s C:\AdwCleaner\quarantine\files\zcxusxpspwvxppgzzlmvzhcvmoxepsio\Common\I18N\conf.db
3.7s C:\AdwCleaner\quarantine\files\zcxusxpspwvxppgzzlmvzhcvmoxepsio\Common\
4.7s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\calendar.exe
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\CalendarEntry.dll
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\CalendarServ.exe
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\CrashReport.exe
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\CrashReportModuleConf.ini
4.8s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\CrashUL.exe
4.9s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPConfig.ini
4.9s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPDR.dll
5.0s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPHelp.dll
5.0s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPKernel.dll
5.1s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPNet.dll
5.1s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPTask.dll
5.1s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\InstallHelper.exe
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Report.exe
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config-3\
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config-3\Config.json
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config-3\Festival.json
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config-3\Language.json
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config7\
5.2s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config7\Config.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config7\Festival.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config7\Festival_special.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config7\Language.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config8\
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config8\Config.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config8\Festival.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config8\Language.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config9\
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config9\Config.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config9\Festival.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\DefaultConfig\
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\DefaultConfig\Config.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\DefaultConfig\Festival.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\DefaultConfig\Language.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\Config9\Language.json
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\EVPData\
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\bg_aero.png
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\skin.xml
5.3s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\bg_aero1.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\bg_classsic.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\bg_main.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\bg_menu.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\bg_modern.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_checkbox_hover.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_checkbox_normal.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_checkbox_selected.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_checkbox_unselect.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_left_hover.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_left_normal.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_left_pressed.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_mode_hover.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_mode_normal.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_mode_pressed.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_radio_hover.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_radio_normal.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_radio_selected.png
5.4s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_right_hover.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_right_normal.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_right_pressed.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_scroll_disabled.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_scroll_hover.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_scroll_normal.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_scroll_pressed.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_switchdown_hover.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_switchdown_normal.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_switchdown_pressed.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_switchup_hover.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_switchup_normal.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_switchup_pressed.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_today_hover.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_today_normal.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\btn_today_pressed.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_clover_color.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_clover_grey.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_clover_half.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_heart_color.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_heart_grey.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_heart_half.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_money_color.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_money_grey.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_money_half.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_pen_color.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_pen_grey.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\icn_pen_half.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\img_arrow_down.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\img_arrow_up.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\main_bg_bottom.png
5.5s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\main_bg_frame.png
5.6s C:\AdwCleaner\quarantine\files\irfmxyfgdokafccjszykqvyepcoaumrz\2.0.0.1000121\skin\images\scroll.bmp

C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\kns4C9B.tmp
Size . . . . . . . : 439,296 bytes
Age . . . . . . . : 0.0 days (2017-01-31 00:50:35)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 934A72D4495F5B30A80235CBB26C629853781D1DA07B308549382830548CC78B
Service . . . . . : goryzufe
Parent Name . . . : C:\Windows\system32\services.exe
Running processes : 148
> Bitdefender . . . : Gen:Variant.Adware.ConvertAd.1268
Fuzzy . . . . . . : 128.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\goryzufe\
Forensic Cluster
-2.2s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro4403.tmp
-0.1s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HN902SR9\RKFqof[1].exe
0.0s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\kns4C9B.tmp
1.8s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\0LCEnWBn[1].exe
7.0s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\dl[1]

C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro4403.tmp
Size . . . . . . . : 230,400 bytes
Age . . . . . . . : 0.0 days (2017-01-31 00:50:33)
Entropy . . . . . : 6.5
SHA-256 . . . . . : D9CF1C7250AB9C68A818F051DD487C4BF29BEC2B8AEBFC47EC0A4023AA0EF5B7
> Bitdefender . . . : Gen:Variant.Zusy.217410
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ConvertAd.bxsv
Fuzzy . . . . . . : 110.0
Forensic Cluster
0.0s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro4403.tmp
2.1s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HN902SR9\RKFqof[1].exe
2.2s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\kns4C9B.tmp
4.0s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\0LCEnWBn[1].exe
9.2s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\dl[1]

C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro48A5.tmp
Size . . . . . . . : 230,400 bytes
Age . . . . . . . : 0.3 days (2017-01-30 17:37:43)
Entropy . . . . . : 6.5
SHA-256 . . . . . : D9CF1C7250AB9C68A818F051DD487C4BF29BEC2B8AEBFC47EC0A4023AA0EF5B7
> Bitdefender . . . : Gen:Variant.Zusy.217410
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ConvertAd.bxsv
Fuzzy . . . . . . : 110.0

C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro5DDA.tmp
Size . . . . . . . : 230,400 bytes
Age . . . . . . . : 3.0 days (2017-01-28 01:02:31)
Entropy . . . . . : 6.5
SHA-256 . . . . . : D9CF1C7250AB9C68A818F051DD487C4BF29BEC2B8AEBFC47EC0A4023AA0EF5B7
> Bitdefender . . . : Gen:Variant.Zusy.217410
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ConvertAd.bxsv
Fuzzy . . . . . . : 110.0

C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\protbb26c896-d52e-4141-8a09-5d25b9ca27df.tmpfs
Size . . . . . . . : 230,400 bytes
Age . . . . . . . : 3.1 days (2017-01-27 22:31:11)
Entropy . . . . . : 6.5
SHA-256 . . . . . : D9CF1C7250AB9C68A818F051DD487C4BF29BEC2B8AEBFC47EC0A4023AA0EF5B7
Service . . . . . : gemeloki
Parent Name . . . : C:\Windows\system32\services.exe
Running processes : 2020
> Bitdefender . . . : Gen:Variant.Zusy.217410
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ConvertAd.bxsv
Fuzzy . . . . . . : 128.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\gemeloki\
Forensic Cluster
-17.7s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\
-17.7s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\ContentPush.exe
-17.7s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\Uninstall.exe
0.0s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\protbb26c896-d52e-4141-8a09-5d25b9ca27df.tmpfs

C:\Program Files\Elex-tech\YAC\curlpp.dll
Size . . . . . . . : 582,144 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 6.1
SHA-256 . . . . . : 40B2BF6E50080B681BCEA957B537001BE8D988C9431A3167C9840A050E54A8A9
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : libcurl wrapper
Version . . . . . : 0.7.3.0
LanguageID . . . . : 1033
> Kaspersky . . . . : not-a-virus:HEUR:Downloader.Win32.Elex.gen
Fuzzy . . . . . . : 108.0

C:\Program Files\Elex-tech\YAC\iSafeKrnl.sys
Size . . . . . . . : 227,776 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 5.5
SHA-256 . . . . . : 5F8A914B7CA5AA954BE43A893BBEF1B166D6FA22FD6D6C0355AC7911CDBFBFD9
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafe Kernel Driver
Version . . . . . : 6.10.449.30619
Copyright . . . . : Copyright (c) 2011-2016 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
Service . . . . . : iSafeKrnl
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ELEX.afy
Fuzzy . . . . . . : 90.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnl\

C:\Program Files\Elex-tech\YAC\iSafeKrnlBoot.sys
Size . . . . . . . : 50,280 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 6.2
SHA-256 . . . . . : 5CA7F0433D9F85DEC6699A7E2B163B99AFC78569DE23114BFCF41E08B47D3968
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafe Kernel Boot Driver
Version . . . . . : 6.10.449.30619
Copyright . . . . : Copyright (c) 2011-2016 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ELEX.yj
Fuzzy . . . . . . : 93.0

C:\Program Files\Elex-tech\YAC\iSafeKrnlKit.sys
Size . . . . . . . : 97,912 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 6.3
SHA-256 . . . . . : C154B524F7ED7893A2F99A6C9459CBD2F1A83BCBC99F0171F8043908B861449A
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafe Kernel Kit Driver
Version . . . . . : 6.10.449.30619
Copyright . . . . : Copyright (c) 2011-2016 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
Service . . . . . : iSafeKrnlKit
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:NetTool.Win32.NetFilter.p
Fuzzy . . . . . . : 90.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlKit\

C:\Program Files\Elex-tech\YAC\iSafeKrnlMon.sys
Size . . . . . . . : 45,032 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 6.4
SHA-256 . . . . . : 57A300DE25CD77A915D1E0A5499A6F14AD4CE5BFC5E97ABE8FC0D1AD568175B8
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : YAC Monitor Driver
Version . . . . . : 6.10.449.30619
Copyright . . . . : Copyright (c) 2011-2016 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
Service . . . . . : iSafeKrnlMon
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Bitdefender . . . : Application.iSafeKrnlMon.A
> Kaspersky . . . . : not-a-virus:NetTool.Win32.NetFilter.o
Fuzzy . . . . . . : 90.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlMon\

C:\Program Files\Elex-tech\YAC\iSafeKrnlR3.sys
Size . . . . . . . : 73,232 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 6.4
SHA-256 . . . . . : CDA114B8EA726E2440F554D49EBFD1482006DAF1611ACD1742FA9AB310290908
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafe Kernel Ring3 Driver
Version . . . . . : 6.10.449.30619
Copyright . . . . : Copyright (c) 2011-2016 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
Service . . . . . : iSafeKrnlR3
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ELEX.gen
Fuzzy . . . . . . : 90.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\iSafeKrnlR3\

C:\Program Files\Elex-tech\YAC\iSafeNetFilter.sys
Size . . . . . . . : 59,152 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 6.8
SHA-256 . . . . . : A26BC278DFD2A0AB88B1C6BA5BD71C549ECD2BD946692E476CEE42E8BCEE9F49
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafeNetFilter SDK WFP Driver (WPP)
Version . . . . . : 1.4.7.3
Copyright . . . . : Copyright (c) 2011-2013 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ELEX.gen
Fuzzy . . . . . . : 93.0

C:\Program Files\Elex-tech\YAC\iSafeSvc.exe
Size . . . . . . . : 131,024 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:18:10)
Entropy . . . . . : 5.6
SHA-256 . . . . . : 564A56CAF1D1CCCF8C4604DFB9014C8349E343033FD9B49336A9110434D7FB98
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafeSvc
Version . . . . . : 6,11,109,30775
Copyright . . . . : Copyright (c) 2011-2016 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
Service . . . . . : iSafeService
Parent Name . . . : C:\Windows\system32\services.exe
LanguageID . . . . : 1033
Authenticode . . . : Valid
Running processes : 868
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ELEX.gen
Fuzzy . . . . . . : 92.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\iSafeService\

C:\Program Files\iWebcam\InternetDownloadManageriWebcam.dll
Size . . . . . . . : 224,768 bytes
Age . . . . . . . : 18.4 days (2017-01-12 16:42:48)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 15EE18CABC9E98D1E5B647BF65C275C2C0F4154EDA8F6A8469736C54B3030C16
> Bitdefender . . . : Gen:Variant.Zusy.212856
> Kaspersky . . . . : Trojan.Win32.Agentb.ihvs
Fuzzy . . . . . . : 118.0

C:\Program Files\Qiaseferdusp Engine\local32spl.dll
Size . . . . . . . : 275,968 bytes
Age . . . . . . . : 18.4 days (2017-01-12 16:42:03)
Entropy . . . . . : 6.6
SHA-256 . . . . . : C7E719167D61C4A2933739124FAFDB4924F45E1D691846D8822FAA72C415F69C
> Bitdefender . . . : Gen:Variant.Symmi.69392
Fuzzy . . . . . . : 118.0

C:\Program Files\Weloied\Drjcache.dll
Size . . . . . . . : 179,200 bytes
Age . . . . . . . : 18.4 days (2017-01-12 16:41:17)
Entropy . . . . . : 6.6
SHA-256 . . . . . : A34BB612E464256C8AA4350419B223411ED4742930400FBB1677325DA704FA62
Service . . . . . : Qibely
> Bitdefender . . . : Gen:Variant.Graftor.317688
Fuzzy . . . . . . : 106.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\Qibely\

C:\ProgramData\Microsoft\IdentityCRL\ppcrlconf.dll
Size . . . . . . . : 443,392 bytes
Age . . . . . . . : 11.5 days (2017-01-19 14:24:53)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 194E9BCCB30696BD3FFA47CF6D1674521A9FC00E0294B72FCA03398F0BEA476F
Service . . . . . : MSLN
> Bitdefender . . . : Gen:Variant.Application.Razy.26604
Fuzzy . . . . . . : 112.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\MSLN\
Forensic Cluster
0.0s C:\ProgramData\Microsoft\IdentityCRL\ppcrlconf.dll
3.5s C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3.5s C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5457A8CE4B2A7499F8299A013B6E1C7C_CE50F893881D43DC0C815E4D80FAF2B4
3.8s C:\Users\Public\Desktop\Google Chrome.lnk
3.9s C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Chrome.lnk
3.9s C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\MetaData\5080DC7A65DB6A5960ECD874088F3328_C7B398B93BFA7397A840C520A0E096A2
3.9s C:\Windows\System32\config\systemprofile\AppData\LocalLow\Microsoft\CryptnetUrlCache\Content\5080DC7A65DB6A5960ECD874088F3328_C7B398B93BFA7397A840C520A0E096A2
4.1s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\LGBH8Q0W.txt
5.4s C:\Windows\System32\config\systemprofile\AppData\Roaming\Microsoft\Windows\Cookies\UM3BB18A.txt

C:\ProgramData\{c8a-ba-11-d8496-88bdb-c8bd-95a6c}\_-LO#onç9J.exe
Size . . . . . . . : 1,118,720 bytes
Age . . . . . . . : 3.1 days (2017-01-27 22:37:37)
Entropy . . . . . : 6.1
SHA-256 . . . . . : CA30296C75B1FDAF396913710C238335C0943D0C2EB19BDDE4EDB965B360838C
Needs elevation . : Yes
Product
Publisher
Description
Version . . . . . : 1.0.1.2
LanguageID . . . . : 0
> Bitdefender . . . : Trojan.GenericKD.4252738
Fuzzy . . . . . . : 115.0
Startup
HKU\S-1-5-21-1175016655-2442003890-1713799225-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\_-LO#onç9J.exe
Forensic Cluster
0.0s C:\ProgramData\{c8a-ba-11-d8496-88bdb-c8bd-95a6c}\_-LO#onç9J.exe
0.0s C:\ProgramData\{c8a-ba-11-d8496-88bdb-c8bd-95a6c}\_-LO#onç9J.exe.config

C:\ProgramData\{c8a-ba-11-d8496-88bdb-c8bd-95a6c}\kdLu+RsoHc.exe
Size . . . . . . . : 1,363,456 bytes
Age . . . . . . . : 3.1 days (2017-01-27 22:39:37)
Entropy . . . . . : 6.2
SHA-256 . . . . . : C569B4BEE7E8C0782F78FDDFA72096D344E0DE89A5A83E6663E2CBC1C34FB24C
Needs elevation . : Yes
Product
Publisher
Description
Version . . . . . : 1.0.0.8
LanguageID . . . . : 0
> Bitdefender . . . : Trojan.GenericKD.4252841
Fuzzy . . . . . . : 115.0
Startup
HKU\S-1-5-21-1175016655-2442003890-1713799225-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Run\kdLu+RsoHc.exe
Forensic Cluster
0.0s C:\ProgramData\{c8a-ba-11-d8496-88bdb-c8bd-95a6c}\kdLu+RsoHc.exe
0.0s C:\ProgramData\{c8a-ba-11-d8496-88bdb-c8bd-95a6c}\kdLu+RsoHc.exe.config
2.3s C:\Windows\Microsoft.NET\Framework\v2.0.50727\CONFIG\enterprisesec.config.cch

C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\qnsm9F7C.tmp
Size . . . . . . . : 158,720 bytes
Age . . . . . . . : 0.1 days (2017-01-30 23:21:33)
Entropy . . . . . : 6.4
SHA-256 . . . . . : BE4317DDD6DE0DBBDCA11414EC0CC43E69038E056BAD21A6738E39E397B80A42
Service . . . . . : zigipyro
Parent Name . . . : C:\Windows\system32\services.exe
Running processes : 2092
> Bitdefender . . . : Gen:Variant.Adware.ConvertAd.71
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ConvertAd.bbhf
Fuzzy . . . . . . : 136.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\zigipyro\
Forensic Cluster
-10.3s C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\
0.0s C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\qnsm9F7C.tmp
0.1s C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\Uninstall.exe

C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\Uninstall.exe
Size . . . . . . . : 51,270 bytes
Age . . . . . . . : 0.1 days (2017-01-30 23:21:33)
Entropy . . . . . : 7.2
SHA-256 . . . . . : 530877A2D25A38ECC060959675BF69F986C1DE39E0BB245B0FCA2989947C5E92
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ConvertAd.heur
Fuzzy . . . . . . : 100.0
Forensic Cluster
-10.4s C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\
-0.1s C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\qnsm9F7C.tmp
0.0s C:\Users\win7\AppData\Local\00000000-1485818482-0000-0000-50E549F2978C\Uninstall.exe

C:\Users\win7\AppData\Roaming\Kowelystzother\Ghikuy.dll
Size . . . . . . . : 123,392 bytes
Age . . . . . . . : 3.1 days (2017-01-27 22:31:49)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 6845C118F25B2BA5DA8A9A49EF5FF929BD0176F15560E1B5A53190D694F5FC5E
> Bitdefender . . . : Gen:Variant.Graftor.308925
Fuzzy . . . . . . : 110.0

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\0LCEnWBn[1].exe
Size . . . . . . . : 439,296 bytes
Age . . . . . . . : 0.0 days (2017-01-31 00:50:37)
Entropy . . . . . : 6.5
SHA-256 . . . . . : 934A72D4495F5B30A80235CBB26C629853781D1DA07B308549382830548CC78B
> Bitdefender . . . : Gen:Variant.Adware.ConvertAd.1268
Fuzzy . . . . . . : 108.0
Forensic Cluster
-4.0s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro4403.tmp
-1.9s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HN902SR9\RKFqof[1].exe
-1.8s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\kns4C9B.tmp
0.0s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\0LCEnWBn[1].exe
5.2s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\dl[1]

C:\Windows\system32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HN902SR9\RKFqof[1].exe
Size . . . . . . . : 230,400 bytes
Age . . . . . . . : 0.0 days (2017-01-31 00:50:35)
Entropy . . . . . : 6.5
SHA-256 . . . . . : D9CF1C7250AB9C68A818F051DD487C4BF29BEC2B8AEBFC47EC0A4023AA0EF5B7
> Bitdefender . . . : Gen:Variant.Zusy.217410
> Kaspersky . . . . : not-a-virus:AdWare.Win32.ConvertAd.bxsv
Fuzzy . . . . . . : 108.0
Forensic Cluster
-2.1s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\pro4403.tmp
0.0s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\HN902SR9\RKFqof[1].exe
0.1s C:\Program Files\bb26c896-d52e-4141-8a09-5d25b9ca27df1485549062\kns4C9B.tmp
1.9s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\0LCEnWBn[1].exe
7.1s C:\Windows\System32\config\systemprofile\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\2OYX1ETQ\dl[1]

C:\Windows\system32\DRIVERS\iSafeNetFilter.sys
Size . . . . . . . : 59,152 bytes
Age . . . . . . . : 0.0 days (2017-01-31 01:11:39)
Entropy . . . . . : 6.8
SHA-256 . . . . . : A26BC278DFD2A0AB88B1C6BA5BD71C549ECD2BD946692E476CEE42E8BCEE9F49
Product . . . . . : YAC Security Protection
Publisher . . . . : Elex do Brasil Participações Ltda
Description . . . : iSafeNetFilter SDK WFP Driver (WPP)
Version . . . . . : 1.4.7.3
Copyright . . . . : Copyright (c) 2011-2013 Elex do Brasil Participações Ltda
RSA Key Size . . . : 2048
Service . . . . . : iSafeNetFilter
LanguageID . . . . : 1033
Authenticode . . . : Valid
> Kaspersky . . . . : not-a-virus:HEUR:AdWare.Win32.ELEX.gen
Fuzzy . . . . . . : 101.0
Startup
HKLM\SYSTEM\CurrentControlSet\Services\iSafeNetFilter\


Suspicious files ____________________________________________________________

C:\Users\win7\AppData\Roaming\IDM\DwnlData\win7\sjtsetup_x86_32\sjtsetup_x86.exe
Size . . . . . . . : 334,440 bytes
Age . . . . . . . : 52.5 days (2016-12-09 13:14:35)
Entropy . . . . . : 7.7
SHA-256 . . . . . : 7ACB1E2EBA0092BE6037D3B3AED5B5FF1DF2FFD7CFBF16248FCAB615296889EA
Needs elevation . : Yes
Fuzzy . . . . . . : 23.0
Program has no publisher information but prompts the user for permission elevation.
Entropy (or randomness) indicates the program is encrypted, compressed or obfuscated. This is not typical for most programs.
Authors name is missing in version info. This is not common to most programs.
Version control is missing. This file is probably created by an individual. This is not typical for most programs.
Program contains PE structure anomalies. This is not typical for most programs.


Potential Unwanted Programs _________________________________________________

HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\iSafe\ (NationZoom)
HKLM\SOFTWARE\Wow6432Node\SearchModule\ (Goobzo)
HKLM\SOFTWARE\xvb`lj\ (Youndoo)
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_ISAFEKRNL\ (NationZoom)
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_ISAFENETFILTER\ (NationZoom)
HKLM\SYSTEM\ControlSet001\Enum\Root\LEGACY_SMUPDD\ (Goobzo)
HKLM\SYSTEM\ControlSet001\services\iSafeKrnl\ (NationZoom)
HKLM\SYSTEM\ControlSet001\services\iSafeNetFilter\ (NationZoom)
HKLM\SYSTEM\ControlSet001\services\iSafeService\ (NationZoom)
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_ISAFEKRNL\ (NationZoom)
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_ISAFENETFILTER\ (NationZoom)
HKLM\SYSTEM\ControlSet002\Enum\Root\LEGACY_SMUPDD\ (Goobzo)
HKLM\SYSTEM\ControlSet002\services\iSafeKrnl\ (NationZoom)
HKLM\SYSTEM\ControlSet002\services\iSafeNetFilter\ (NationZoom)
HKLM\SYSTEM\ControlSet002\services\iSafeService\ (NationZoom)
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ISAFEKRNL\ (NationZoom)
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_ISAFENETFILTER\ (NationZoom)
HKLM\SYSTEM\CurrentControlSet\Enum\Root\LEGACY_SMUPDD\ (Goobzo)
HKLM\SYSTEM\CurrentControlSet\services\iSafeKrnl\ (NationZoom)
HKLM\SYSTEM\CurrentControlSet\services\iSafeNetFilter\ (NationZoom)
HKLM\SYSTEM\CurrentControlSet\services\iSafeService\ (NationZoom)
HKU\.DEFAULT\Software\xvb`lj\ (Youndoo)
HKU\S-1-5-18\Software\xvb`lj\ (Youndoo)
HKU\S-1-5-21-1175016655-2442003890-1713799225-1000\Software\IM\ (Sweetpacks)
HKU\S-1-5-21-1175016655-2442003890-1713799225-1000\Software\Microsoft\Internet Explorer\SearchScopes\{33BB0A4E-99AF-4226-BDF6-49120163DE86}\ (QVO6)

Repairs _____________________________________________________________________

ASEC
WMI:root\subscription\ActiveScriptEventConsumer\


Cookies _____________________________________________________________________

C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\2ORUKBNC.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\59KMPR26.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\7FPCZU17.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\7LEQISZX.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\8E55AF11.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\AC993L51.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\DYGJYNF1.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\Low\4CCG119H.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\Low\7XLM5L21.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\Low\B91MUL20.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\Low\EYFAU7UO.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\Low\ULXKFMAD.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\Low\X0EBY9MX.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\PMCRZYGF.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\XJEUQKX4.txt
C:\Users\win7\AppData\Roaming\Microsoft\Windows\Cookies\XWC8EISR.txt


[/code]
