ads appearing

bbudesa

bbudesa

Member
John - I've also been having problems with pop up ads, and have been following instructions given to others to try and solve the problem. the one program I'm not able to download from your other instructions is HighjackThis.

the other logs so far look like this:

Malwarebytes Anti-Malware (PRO) 1.75.0.1300
www.malwarebytes.org

Database version: v2013.10.05.03

Windows 7 Service Pack 1 x64 NTFS
Internet Explorer 10.0.9200.16686
Bob :: BUDESAPC [administrator]

Protection: Enabled

10/5/2013 7:39:29 AM
MBAM-log-2013-10-05 (07-43-56).txt

Scan type: Quick scan
Scan options enabled: Memory | Startup | Registry | File System | Heuristics/Extra | Heuristics/Shuriken | PUP | PUM
Scan options disabled: P2P
Objects scanned: 267074
Time elapsed: 3 minute(s), 48 second(s)

Memory Processes Detected: 3
C:\Program Files (x86)\Optimizer Pro\OptProCrash.exe (PUP.Optional.OptimizerPro.A) -> 4228 -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro.A) -> 5308 -> No action taken.
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> 4728 -> No action taken.

Memory Modules Detected: 0
(No malicious items detected)

Registry Keys Detected: 10
HKLM\SOFTWARE\{6791A2F3-FC80-475C-A002-C014AF797E9C} (PUP.Optional.OptimzerPro.A) -> No action taken.
HKLM\SYSTEM\CurrentControlSet\Services\70e6ca8c (PUP.Optional.OptimizerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Optimizer Pro_is1 (PUP.Optional.OptimizerPro.A) -> No action taken.
HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
HKCU\Software\Conduit\FF (PUP.Optional.Conduit.A) -> No action taken.
HKCU\SOFTWARE\OPTIMIZER PRO (PUP.Optional.OptimizerPro.A) -> No action taken.
HKCU\SOFTWARE\SEARCHPROTECT (PUP.Optional.SearchProtect.A) -> No action taken.
HKCU\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.
HKLM\SOFTWARE\BROWSERSAFEGUARD (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
HKLM\SOFTWARE\SWEETIM (PUP.Optional.SweetIM.A) -> No action taken.

Registry Values Detected: 7
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|Optimizer Pro (PUP.Optional.OptimizePro.A) -> Data: C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe -> No action taken.
HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\Run|BrowserSafeguard (PUP.Optional.BrowserSafeGuard.A) -> Data: C:\Program Files (x86)\Browsersafeguard\Browsersafeguard.exe -> No action taken.
HKCU\Software\Optimizer Pro|AdsBuyNowURL (PUP.Optional.OptimizerPro.A) -> Data: http://pcup26b.pcutilitiespro.reven...7-US-006_49F9E2C3-B06F-9D1F-D3FD-404CAD56537E -> No action taken.
HKCU\Software\SearchProtect|IELastInstalledTBHomepage (PUP.Optional.SearchProtect.A) -> Data: http://search.conduit.com?SearchSource=10&CUI=UN15816199932515321&UM=2&ctid=CT3310511 -> No action taken.
HKCU\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5DF51917-2DCB-11E3-9BC1-00E04C77C924} -> No action taken.
HKLM\SOFTWARE\Browsersafeguard|sourceid (PUP.Optional.BrowserSafeGuard.A) -> Data: google_groovestream-display-us-CPC-300x250-28480164530 -> No action taken.
HKLM\Software\SweetIM|simapp_id (PUP.Optional.SweetIM.A) -> Data: {5DF51917-2DCB-11E3-9BC1-00E04C77C924} -> No action taken.

Registry Data Items Detected: 2
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows|AppInit_DLLs (PUP.Optional.OptimizerPro.A) -> Bad: (c:\progra~2\optimi~1\optpro~1.dll) Good: () -> No action taken.
HKCU\SOFTWARE\Microsoft\Internet Explorer\Main|Start Page (PUP.Optional.Conduit) -> Bad: (http://search.conduit.com?SearchSource=10&CUI=UN15816199932515321&UM=2&ctid=CT3310511) Good: (http://www.google.com) -> No action taken.

Folders Detected: 13
C:\Program Files (x86)\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Bob\Documents\Optimizer Pro (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511 (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\plugins (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\xpi\defaults (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\xpi\defaults\preferences (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3310511 (PUP.Optional.Conduit.A) -> No action taken.
C:\Windows\System32\WNLT\Installation (PUP.Optional.InstallBrain.A) -> No action taken.
C:\Windows\SysWOW64\WNLT\Installation (PUP.Optional.InstallBrain.A) -> No action taken.

Files Detected: 73
C:\Program Files (x86)\Optimizer Pro\OptProLauncher.exe (PUP.Optional.OptimizePro.A) -> No action taken.
C:\$RECYCLE.BIN\S-1-5-21-1832021186-1526691404-913494652-1000\$RBOS79N.exe (PUP.Optional.iBryte) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\mgsqlite3.7z (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\mgsqlite3.dll (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\nsl8B98.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\nsq1238.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\nsq3C44.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\nsqF939.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\nsv31B6.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\Shortcut_IMsetup.exe (PUP.Optional.SweetIM) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\SPStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\SweetIMInstallValidator.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\WSSetup.exe (PUP.Optional.InstallBrain.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\chLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\ctbe.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\ffLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\ieLogic.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\sl.exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\spch.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\spff.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\statisticsStub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\stub.exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\Downloads\Player_Setup.exe (PUP.Optional.DomaIQ) -> No action taken.
C:\Users\Bob\Local Settings\Temporary Internet Files\Content.IE5\E6DOSC2M\checktbexist[1].exe (PUP.Optional.Conduit) -> No action taken.
C:\Users\Bob\Local Settings\Temporary Internet Files\Content.IE5\XR7QX2CO\checktbexist[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\Local Settings\Temporary Internet Files\Content.IE5\XR7QX2CO\statisticsstub[1].exe (PUP.Optional.Conduit.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptimizerPro.chm (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\English.ini (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\file_id.diz (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\HomePage.url (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptimizerPro.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProCrash.dll (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProCrash.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProCrash_x64.dll (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProGuard.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProReminder.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProSchedule.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProSmartScan.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProStart.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\OptProUninstaller.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\scan.gif (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\sqlite3.dll (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\StartupList.txt (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\unins000.dat (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\unins000.exe (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Optimizer Pro\unins000.msg (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Users\Bob\Documents\Optimizer Pro\CookiesException.txt (PUP.Optional.OptimizerPro.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\ewebstorewrapper.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\BrowserSafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\install.log (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\makecert.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\TrustedRoot.cer (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\uninstall.browsersafeguard.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\certutil.exe (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\libnspr4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\libplc4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\libplds4.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\nss3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\smime3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Program Files (x86)\Browsersafeguard\Resources\softokn3.dll (PUP.Optional.BrowserSafeGuard.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\chromeid.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\conduit.xml (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\CT3310511.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\CT3310511.xpi (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\initData.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\manifest.json (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\setup.ini.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\version.txt (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\plugins\TBVerifier.dll (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\xpi\install.rdf (PUP.Optional.Conduit.A) -> No action taken.
C:\Users\Bob\AppData\Local\Temp\ct3310511\xpi\defaults\preferences\defaults.js (PUP.Optional.Conduit.A) -> No action taken.
C:\ProgramData\Conduit\IE\CT3310511\UninstallerUI.exe (PUP.Optional.Conduit.A) -> No action taken.

(end)

# AdwCleaner v3.006 - Report created 04/10/2013 at 22:59:31
# Updated 01/10/2013 by Xplode
# Operating System : Windows 7 Home Premium Service Pack 1 (64 bits)
# Username : Bob - BUDESAPC
# Running from : C:\Users\Bob\Desktop\adwcleaner.exe
# Option : Clean

***** [ Services ] *****


***** [ Files / Folders ] *****

Folder Deleted : C:\Program Files (x86)\SweetPacks
Folder Deleted : C:\Users\Bob\AppData\LocalLow\SweetPacks
Folder Deleted : C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\phm5365y.default\Smartbar
Folder Deleted : C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\phm5365y.default\CT3299872
Folder Deleted : C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\phm5365y.default\Extensions\{6ec74131-08b2-4f67-a9bc-5914ef1edb97}
File Deleted : C:\Windows\System32\dmwu.exe
File Deleted : C:\Windows\System32\ImhxxpComm.dll

***** [ Shortcuts ] *****


***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{5E6C03E0-D368-4690-8168-9848D4C0F587}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5E6C03E0-D368-4690-8168-9848D4C0F587}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{5E6C03E0-D368-4690-8168-9848D4C0F587}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{5E6C03E0-D368-4690-8168-9848D4C0F587}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{E0551D68-A212-447F-BBC3-241ACBD69FAE}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{C04318C5-579B-443C-903A-934F09679CD7}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\URLSearchHooks [{7E8A1050-CF67-4575-92DF-DCC60E7D952D}]
Key Deleted : HKCU\Software\Conduit
Key Deleted : HKCU\Software\AppDataLow\Software\smartbar
Key Deleted : HKCU\Software\AppDataLow\Software\SweetPacks
Key Deleted : HKLM\Software\SweetPacks
Key Deleted : [x64] HKLM\SOFTWARE\wnlt

***** [ Browsers ] *****

-\\ Internet Explorer v10.0.9200.16686


-\\ Mozilla Firefox v24.0 (en-US)

[ File : C:\Users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\phm5365y.default\prefs.js ]

Line Deleted : user_pref("CT3299872.1000082.isPlayDisplay", "true");
Line Deleted : user_pref("CT3299872.1000082.state", "{\"state\":\"stopped\",\"text\":\"1.FM (Cou...\",\"description\":\"1.FM (Country)\",\"url\":\"hxxp://1.fm/wm/energycountry32k.asx\"}");
Line Deleted : user_pref("CT3299872.1000234.TWC_TMP_city", "JACKSONVILLE");
Line Deleted : user_pref("CT3299872.1000234.TWC_TMP_country", "US");
Line Deleted : user_pref("CT3299872.1000234.TWC_country", "UNITED STATES");
Line Deleted : user_pref("CT3299872.1000234.TWC_locId", "USOR0173");
Line Deleted : user_pref("CT3299872.1000234.TWC_location", "Jacksonville, OR");
Line Deleted : user_pref("CT3299872.1000234.TWC_region", "US");
Line Deleted : user_pref("CT3299872.1000234.TWC_temp_dis", "f");
Line Deleted : user_pref("CT3299872.1000234.TWC_wind_dis", "mph");
Line Deleted : user_pref("CT3299872.ENABALE_HISTORY", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.ENABLE_RETURN_WEB_SEARCH_ON_THE_PAGE", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.FirstTime", "true");
Line Deleted : user_pref("CT3299872.FirstTimeFF3", "true");
Line Deleted : user_pref("CT3299872.PG_ENABLE", "dHJ1ZQ==");
Line Deleted : user_pref("CT3299872.SF_JUST_INSTALLED.enc", "RkFMU0U=");
Line Deleted : user_pref("CT3299872.SF_STATUS.enc", "RU5BQkxFRA==");
Line Deleted : user_pref("CT3299872.SearchFromAddressBarUrl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3299872&SearchSource=2&CUI=UN38310724284265119&UM=2&q=");
Line Deleted : user_pref("CT3299872.UserID", "UN38310724284265119");
Line Deleted : user_pref("CT3299872.addressBarTakeOverEnabledInHidden", "true");
Line Deleted : user_pref("CT3299872.browser.search.defaultthis.engineName", true);
Line Deleted : user_pref("CT3299872.cbfirsttime.enc", "RnJpIE9jdCAwNCAyMDEzIDIyOjEzOjQxIEdNVC0wNzAwIChQYWNpZmljIFN0YW5kYXJkIFRpbWUp");
Line Deleted : user_pref("CT3299872.countryCode", "US");
Line Deleted : user_pref("CT3299872.embeddedsData", "[{\"appId\":\"130116395078024690\",\"apiPermissions\":{\"crossDomainAjax\":true,\"getMainFrameTitle\":true,\"getMainFrameUrl\":true,\"getSearchTerm\":true,\"insta[...]
Line Deleted : user_pref("CT3299872.event_data.enc", "JTVCJTVE");
Line Deleted : user_pref("CT3299872.fired_events.enc", "");
Line Deleted : user_pref("CT3299872.firstTimeDialogOpened", "true");
Line Deleted : user_pref("CT3299872.fixPageNotFoundErrorByUser", "TRUE");
Line Deleted : user_pref("CT3299872.fixPageNotFoundErrorInHidden", "true");
Line Deleted : user_pref("CT3299872.fullUserID", "UN38310724284265119.XP.202304221315");
Line Deleted : user_pref("CT3299872.homepageuserchanged", true);
Line Deleted : user_pref("CT3299872.installType", "Unknown");
Line Deleted : user_pref("CT3299872.isCheckedStartAsHidden", true);
Line Deleted : user_pref("CT3299872.isEnableAllDialogs", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.isFirstTimeToolbarLoading", "false");
Line Deleted : user_pref("CT3299872.isToolbarShrinked", "{\"dataType\":\"string\",\"data\":\"false\"}");
Line Deleted : user_pref("CT3299872.isWelcomPage", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.key_date.enc", "NA==");
Line Deleted : user_pref("CT3299872.keyword", true);
Line Deleted : user_pref("CT3299872.lastNewTabSettings", "{\"isEnabled\":true,\"newTabUrl\":\"hxxp://search.conduit.com/?ctid=CT3299872&octid=CT3299872&SearchSource=15&CUI=UN38310724284265119&SSPV=&Lay=1&UM=2\"}");
Line Deleted : user_pref("CT3299872.lastVersion", "10.20.1.8");
Line Deleted : user_pref("CT3299872.mam_gk_appStateReportTime.enc", "MTM4MDk1MDAxNTExNA==");
Line Deleted : user_pref("CT3299872.mam_gk_appState_ACplus.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_CouponBuddy.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Discover.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Easytobook.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Easytobook_targeted.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_Find-a-Pro.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_PriceGong.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appState_WindowShopper.enc", "b24=");
Line Deleted : user_pref("CT3299872.mam_gk_appsData.enc", "eyJhcHBzIjpbeyJpZCI6IkNvdXBvbkJ1ZGR5IiwidXJsIjoiaHR0cDovL3d3dy5zb2NpYWxncm93dGh0ZWNobm9sb2dpZXMuY29tL2NvdXBvbmJ1ZGR5X3YwMDMvaW5kZXgucGhwP2N0aWQ9RUJUT09MQkFS[...]
Line Deleted : user_pref("CT3299872.mam_gk_appsDefaultEnabled.enc", "bnVsbA==");
Line Deleted : user_pref("CT3299872.mam_gk_configuration.enc", "eyJjb25maWd1cmF0aW9uIjpbeyJpZCI6IlBpY2xpY2tWMi1XZWJTZWFyY2giLCJjcml0ZXJpYXMiOlt7ImNyaXRlcmlhSWQiOiJkOTM0ZDI1My0wODliLTRkODUtOWIxNS0zYTM3N2MxNWEzMmYiLCJ[...]
Line Deleted : user_pref("CT3299872.mam_gk_currentVersion.enc", "MS4xMC40LjA=");
Line Deleted : user_pref("CT3299872.mam_gk_existingUsersRecoveryDone.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_first_time.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_installer_preapproved.enc", "VFJVRQ==");
Line Deleted : user_pref("CT3299872.mam_gk_lastLoginTime.enc", "MTM4MDk1MDAxMTc2Mg==");
Line Deleted : user_pref("CT3299872.mam_gk_localization.enc", "eyJnYWRnZXRDb250ZW50UG9saWN5Ijp7IlRleHQiOiJDb250ZW50IFBvbGljeSJ9LCJnYWRnZXREZXNjcmlwdGlvblByaW1hcnkiOnsiVGV4dCI6IlZhbHVlIEFwcHMgZW5yaWNoZXMgeW91ciB3ZWIg[...]
Line Deleted : user_pref("CT3299872.mam_gk_newApps.enc", "W3siaWQiOiJQcmljZUdyYWJiZXIiLCJuYW1lIjoiUHJpY2VHcmFiYmVyIiwiZGVzY3JpcHRpb24iOiJDb21wYXJlIHByb2R1Y3QgcHJpY2VzIGFuZCB3YXRjaCBmb3IgZGVhbHMhIFRoZSBvZmZlciBjaGVja[...]
Line Deleted : user_pref("CT3299872.mam_gk_new_welcome_experience.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_pgUnloadedOnce.enc", "dHJ1ZQ==");
Line Deleted : user_pref("CT3299872.mam_gk_settings1.10.4.0.enc", "eyJTdGF0dXMiOiJzdWNjZWVkZWQiLCJEYXRhIjp7ImludGVydmFsIjoyNDAsInN0YW1wIjoiMzVfMCIsImlzVGVzdCI6dHJ1ZSwiVXNlckNvdW50cnlDb2RlIjoiVVMiLCJpc1dlbGNvbWVFeHBl[...]
Line Deleted : user_pref("CT3299872.mam_gk_showWelcomeGadget.enc", "ZmFsc2U=");
Line Deleted : user_pref("CT3299872.mam_gk_userId.enc", "ZGE1ZDdjMjktOWMwNC00YWUzLWI0ZDYtNzlmNGIyYTQ0YzQw");
Line Deleted : user_pref("CT3299872.mam_gk_user_approval_interacted.enc", "MQ==");
Line Deleted : user_pref("CT3299872.mam_gk_welcomeDialogMode.enc", "MQ==");
Line Deleted : user_pref("CT3299872.navigationAliasesJson", "{\"EB_SEARCH_TERM\":\"\",\"EB_MAIN_FRAME_URL\":\"hxxp%3A%2F%2Fwww.yahoo.com%2F\",\"EB_MAIN_FRAME_TITLE\":\"Yahoo\",\"EB_TOOLBAR_SUB_DOMAIN\":\"hxxp://Inst[...]
Line Deleted : user_pref("CT3299872.originalHomepage", "chrome://branding/locale/browserconfig.properties");
Line Deleted : user_pref("CT3299872.originalSearchAddressUrl", false);
Line Deleted : user_pref("CT3299872.originalSearchEngine", "Google");
Line Deleted : user_pref("CT3299872.originalSearchEngineName", "Google");
Line Deleted : user_pref("CT3299872.personalApps", "{\"dataType\":\"object\",\"data\":\"[\\\"BROWSER_COMPONENT\\\"]\"}");
Line Deleted : user_pref("CT3299872.price-gong.isManagedApp", "true");
Line Deleted : user_pref("CT3299872.revertSettingsEnabled", "false");
Line Deleted : user_pref("CT3299872.search.searchAppId", "130116395078024690");
Line Deleted : user_pref("CT3299872.search.searchCount", "0");
Line Deleted : user_pref("CT3299872.searchFromAddressBarEnabledByUser", "true");
Line Deleted : user_pref("CT3299872.searchInNewTabEnabledByUser", "true");
Line Deleted : user_pref("CT3299872.searchInNewTabEnabledInHidden", "true");
Line Deleted : user_pref("CT3299872.searchSuggestEnabledByUser", "TRUE");
Line Deleted : user_pref("CT3299872.searchUserMode", "2");
Line Deleted : user_pref("CT3299872.selectToSearchBoxEnabled", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_login_isFirstLoginInvoked", "{\"dataType\":\"boolean\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_login_loginCount", "{\"dataType\":\"number\",\"data\":\"4\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_activeCTID", "{\"dataType\":\"string\",\"data\":\"CT3299872\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_activeDownloadUrl", "{\"dataType\":\"string\",\"data\":\"hxxp://InstalllConverter.OurToolbar.com//xpi\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_activeToolbarName", "{\"dataType\":\"string\",\"data\":\"Installl Converter \"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_toolbarGrouping_invoked", "{\"dataType\":\"string\",\"data\":\"true\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_service_usage_toolbarUsageCount", "{\"dataType\":\"number\",\"data\":\"2\"}");
Line Deleted : user_pref("CT3299872.serviceLayer_services_Configuration_lastUpdate", "1380950004380");
Line Deleted : user_pref("CT3299872.serviceLayer_services_appTrackingFirstTime_lastUpdate", "1380950006377");
Line Deleted : user_pref("CT3299872.serviceLayer_services_appsMetadata_lastUpdate", "1380950005915");
Line Deleted : user_pref("CT3299872.serviceLayer_services_gottenAppsContextMenu_lastUpdate", "1380950005967");
Line Deleted : user_pref("CT3299872.serviceLayer_services_login_10.20.1.8_lastUpdate", "1380950019033");
Line Deleted : user_pref("CT3299872.serviceLayer_services_menu_769c590835a76d075fe33b9a87a87786_lastUpdate", "1380950006197");
Line Deleted : user_pref("CT3299872.serviceLayer_services_menu_d32f45618f5a02bd965c56155a643855_lastUpdate", "1380950006244");
Line Deleted : user_pref("CT3299872.serviceLayer_services_otherAppsContextMenu_lastUpdate", "1380950005999");
Line Deleted : user_pref("CT3299872.serviceLayer_services_searchAPI_lastUpdate", "1380950005058");
Line Deleted : user_pref("CT3299872.serviceLayer_services_serviceMap_lastUpdate", "1380950000440");
Line Deleted : user_pref("CT3299872.serviceLayer_services_setupAPI_lastUpdate", "1380950004810");
Line Deleted : user_pref("CT3299872.serviceLayer_services_toolbarContextMenu_lastUpdate", "1380950005877");
Line Deleted : user_pref("CT3299872.serviceLayer_services_toolbarSettings_lastUpdate", "1380950004969");
Line Deleted : user_pref("CT3299872.serviceLayer_services_translation_lastUpdate", "1380950006024");
Line Deleted : user_pref("CT3299872.settingsINI", true);
Line Deleted : user_pref("CT3299872.showToolbarPermission", "false");
Line Deleted : user_pref("CT3299872.smartbar.CTID", "CT3299872");
Line Deleted : user_pref("CT3299872.smartbar.Uninstall", "0");
Line Deleted : user_pref("CT3299872.smartbar.homepage", true);
Line Deleted : user_pref("CT3299872.smartbar.toolbarName", "Installl Converter ");
Line Deleted : user_pref("CT3299872.toolbarBornServerTime", "5-10-2013");
Line Deleted : user_pref("CT3299872.toolbarCurrentServerTime", "5-10-2013");
Line Deleted : user_pref("CT3299872.toolbarLoginClientTime", "Fri Oct 04 2013 22:13:39 GMT-0700 (Pacific Standard Time)");
Line Deleted : user_pref("CT3299872.userIdGenerationCounter", "1");
Line Deleted : user_pref("CT3299872_Firefox.csv", "[{\"from\":\"Abs Layer\",\"action\":\"loading toolbar\",\"time\":1380952715081,\"isWithState\":\"\",\"timeFromStart\":0,\"timeFromPrev\":0}]");
Line Deleted : user_pref("CT3310511.FF19Solved", "true");
Line Deleted : user_pref("CT3310511.UserID", "UN85074045849673028");
Line Deleted : user_pref("CT3310511.browser.search.defaultthis.engineName", "true");
Line Deleted : user_pref("CT3310511.fullUserID", "UN85074045849673028.IN.20131004210946");
Line Deleted : user_pref("CT3310511.installDate", "04/10/2013 21:09:48");
Line Deleted : user_pref("CT3310511.installSessionId", "{3B681802-1D65-4F14-9AC1-C26C642356E0}");
Line Deleted : user_pref("CT3310511.installSp", "TRUE");
Line Deleted : user_pref("CT3310511.installerVersion", "1.7.1.4");
Line Deleted : user_pref("CT3310511.keyword", "true");
Line Deleted : user_pref("CT3310511.originalHomepage", "hxxp://my.msn.com/?ppud=4");
Line Deleted : user_pref("CT3310511.originalSearchAddressUrl", "");
Line Deleted : user_pref("CT3310511.originalSearchEngine", "");
Line Deleted : user_pref("CT3310511.originalSearchEngineName", "");
Line Deleted : user_pref("CT3310511.searchRevert", "false");
Line Deleted : user_pref("CT3310511.searchUserMode", "2");
Line Deleted : user_pref("CT3310511.versionFromInstaller", "10.20.1.8");
Line Deleted : user_pref("CT3310511.xpeMode", "0");
Line Deleted : user_pref("Smartbar.ConduitHomepagesList", "");
Line Deleted : user_pref("Smartbar.ConduitSearchEngineList", "Installl Converter Customized Web Search");
Line Deleted : user_pref("Smartbar.ConduitSearchUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3299872&SearchSource=2&CUI=UN38310724284265119&UM=2&q=");
Line Deleted : user_pref("Smartbar.keywordURLSelectedCTID", "CT3299872");
Line Deleted : user_pref("browser.search.defaultenginename", "Installl Converter Customized Web Search");
Line Deleted : user_pref("browser.search.selectedEngine", "Installl Converter Customized Web Search");
Line Deleted : user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3299872&SearchSource=2&CUI=UN38310724284265119&UM=2&q=");
Line Deleted : user_pref("smartbar.addressBarOwnerCTID", "CT3299872");
Line Deleted : user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?UM=2&ctid=CT3299872&SearchSource=13&CUI=UN38310724284265119");
Line Deleted : user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3299872&SearchSource=2&CUI=UN38310724284265119&UM=2&q=");
Line Deleted : user_pref("smartbar.defaultSearchOwnerCTID", "CT3299872");
Line Deleted : user_pref("smartbar.homePageOwnerCTID", "CT3299872");
Line Deleted : user_pref("smartbar.machineId", "OKPQQXAROCHHCAWPFEJN0SMAZCYYRCEYRDVSJFS4M/7+MOQ6+2JXIOZFNPEQBJKHS5NQUNTK+ATB3NNX1YHBLA");

[ File : C:\Users\Terri\AppData\Roaming\Mozilla\Firefox\Profiles\mtmtq4fd.default\prefs.js ]


-\\ Google Chrome v30.0.1599.69

[ File : C:\Users\Bob\AppData\Local\Google\Chrome\User Data\Default\preferences ]

Deleted : homepage
Deleted : urls_to_restore_on_startup

[ File : C:\Users\Terri\AppData\Local\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [36293 octets] - [03/10/2013 16:52:31]
AdwCleaner[R1].txt - [36354 octets] - [03/10/2013 17:11:26]
AdwCleaner[R2].txt - [36362 octets] - [03/10/2013 19:09:20]
AdwCleaner[R3].txt - [1884 octets] - [03/10/2013 19:28:43]
AdwCleaner[R4].txt - [1942 octets] - [04/10/2013 20:41:46]
AdwCleaner[R5].txt - [17070 octets] - [04/10/2013 22:58:58]
AdwCleaner[S0].txt - [35952 octets] - [03/10/2013 19:12:38]
AdwCleaner[S1].txt - [2013 octets] - [04/10/2013 20:42:34]
AdwCleaner[S2].txt - [17081 octets] - [04/10/2013 22:59:31]

########## EOF - C:\AdwCleaner\AdwCleaner[S2].txt - [17142 octets] ##########

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.0.3 (09.27.2013:1)
OS: Windows 7 Home Premium x64
Ran by Bob on Fri 10/04/2013 at 21:40:10.14
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\ConduitFloatingPlugin_banjjklfojcdbofbhbgiedekefohoaff
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Toolbar\\{7e8a1050-cf67-4575-92df-dcc60e7d952d}



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\im
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\iminstaller
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduit
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\conduitsearchscopes
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\smartbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\toolbar
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\conduit
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\searchprotect
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\Toolbar.CT3310511
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{389B2410-5C1A-488F-9269-1B2DF8BFF98F}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{7e8a1050-cf67-4575-92df-dcc60e7d952d}



~~~ Files

Successfully deleted: [File] "C:\end"



~~~ Folders

Successfully deleted: [Folder] "C:\ProgramData\conduit"
Successfully deleted: [Folder] "C:\Users\Bob\AppData\Roaming\searchprotect"
Successfully deleted: [Folder] "C:\Users\Bob\appdata\local\conduit"
Successfully deleted: [Folder] "C:\Users\Bob\appdata\local\cre"
Successfully deleted: [Folder] "C:\Users\Bob\appdata\locallow\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\conduit"
Successfully deleted: [Folder] "C:\Program Files (x86)\searchprotect"
Successfully deleted: [Folder] "C:\Windows\syswow64\arfc"
Successfully deleted: [Folder] "C:\Windows\syswow64\jmdp"
Successfully deleted: [Folder] "C:\Windows\syswow64\wnlt"



~~~ FireFox

Successfully deleted: [File] C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\phm5365y.default\searchplugins\conduit.xml
Successfully deleted: [File] C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\phm5365y.default\searchplugins\mystart search.xml
Successfully deleted: [Folder] C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\phm5365y.default\extensions\{7e8a1050-cf67-4575-92df-dcc60e7d952d}
Successfully deleted the following from C:\Users\Bob\AppData\Roaming\mozilla\firefox\profiles\phm5365y.default\prefs.js

user_pref("CT3310511.smartbar.homepage", "true");
user_pref("Smartbar.ConduitHomepagesList", "hxxp://search.conduit.com/?ctid=CT3310511&CUI=UN85074045849673028&UM=2&SearchSource=13&UP=SP6BEC4209-332C-4996-A7A6-EB33CDEA8069");
user_pref("Smartbar.SearchFromAddressBarSavedUrl", "");
user_pref("browser.search.defaultenginename", "SweetPacks Customized Web Search");
user_pref("browser.search.defaultthis.engineName", "SweetPacks Customized Web Search");
user_pref("browser.search.defaulturl", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&CUI=UN85074045849673028&UM=2&SearchSource=3&q={searchTerms}");
user_pref("browser.search.selectedEngine", "SweetPacks Customized Web Search");
user_pref("browser.startup.homepage", "hxxp://search.conduit.com/?ctid=CT3310511&CUI=UN85074045849673028&UM=2&SearchSource=13&UP=SP6BEC4209-332C-4996-A7A6-EB33CDEA8069");
user_pref("keyword.URL", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN85074045849673028&UM=2&q=");
user_pref("smartbar.addressBarOwnerCTID", "CT3310511");
user_pref("smartbar.conduitHomepageList", "hxxp://search.conduit.com/?ctid=CT3310511&CUI=UN85074045849673028&UM=2&SearchSource=13,hxxp://search.conduit.com/?ctid=CT3310511&CUI
user_pref("smartbar.conduitSearchAddressUrlList", "hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3310511&SearchSource=2&CUI=UN85074045849673028&UM=2&q=");
user_pref("smartbar.defaultSearchOwnerCTID", "CT3310511");
user_pref("smartbar.homePageOwnerCTID", "CT3310511");
user_pref("smartbar.machineId", "OKPQQXAROCHHCAWPFEJN0SMAZCYYRCEYRDVSJFS4M/7+MOQ6+2JXIOZFNPEQBJKHS5NQUNTK+ATB3NNX1YHBLA");



~~~ Event Viewer Logs were cleared





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on Fri 10/04/2013 at 21:48:24.46
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

ComboFix 13-10-04.02 - Bob 10/04/2013 22:43:04.1.3 - x64
Microsoft Windows 7 Home Premium 6.1.7601.1.1252.1.1033.18.7935.5661 [GMT -7:00]
Running from: c:\users\Bob\Desktop\Combofix.exe
AV: avast! Internet Security *Enabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: avast! Internet Security *Enabled* {131692B0-0864-D491-4E21-3A3A1D8BBB47}
SP: avast! Internet Security *Enabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
* Created a new restore point
.
.
((((((((((((((((((((((((( Files Created from 2013-09-05 to 2013-10-05 )))))))))))))))))))))))))))))))
.
.
2013-10-05 05:49 . 2013-10-05 05:49 -------- d-----w- c:\users\Terri\AppData\Local\temp
2013-10-05 05:49 . 2013-10-05 05:49 -------- d-----w- c:\users\Guest\AppData\Local\temp
2013-10-05 04:54 . 2013-10-05 04:54 76232 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3145EE68-C558-44B8-93D4-827A908E1EF1}\offreg.dll
2013-10-05 04:10 . 2013-10-05 04:10 -------- d-----w- c:\program files (x86)\SweetPacks
2013-10-05 04:09 . 2013-10-05 04:09 -------- d-----w- c:\windows\system32\ljkb
2013-10-05 04:09 . 2013-09-17 17:25 1761584 ----a-w- c:\windows\system32\dmwu.exe
2013-10-05 04:09 . 2013-09-17 17:20 33792 ----a-w- c:\windows\system32\ImHttpComm.dll
2013-10-05 03:54 . 2013-10-05 03:54 -------- d-----w- c:\windows\ERUNT
2013-10-04 13:37 . 2013-09-05 05:32 9694160 ----a-w- c:\programdata\Microsoft\Windows Defender\Definition Updates\{3145EE68-C558-44B8-93D4-827A908E1EF1}\mpengine.dll
2013-10-04 03:51 . 2013-10-04 03:51 -------- d-----w- c:\users\Bob\AppData\Local\Diagnostics
2013-10-03 23:50 . 2013-10-05 03:42 -------- d-----w- C:\AdwCleaner
2013-10-03 22:21 . 2013-10-03 22:21 -------- d-----w- c:\users\Bob\AppData\Local\Programs
2013-10-03 22:21 . 2013-10-03 22:21 -------- d-----w- c:\users\Bob\AppData\Local\GreatArcadeHits
2013-10-02 13:43 . 2013-10-02 13:43 -------- d-----w- c:\users\Bob\AppData\Roaming\DiskDefrag
2013-10-01 22:27 . 2013-10-01 22:27 -------- d-----w- c:\users\Bob\AppData\Local\Macromedia
2013-10-01 16:20 . 2013-10-05 02:32 -------- d-----w- c:\programdata\GlarySoft
2013-10-01 13:08 . 2013-10-01 13:08 -------- d-----w- c:\program files (x86)\WinDirStat
2013-10-01 03:05 . 2013-09-09 07:57 829264 ----a-w- c:\windows\system32\msvcr100.dll
2013-10-01 03:05 . 2013-09-09 07:57 608080 ----a-w- c:\windows\system32\msvcp100.dll
2013-09-30 22:51 . 2013-09-30 22:51 -------- d-----w- c:\program files\iPod
2013-09-30 22:50 . 2013-09-30 22:51 -------- d-----w- c:\programdata\34BE82C4-E596-4e99-A191-52C6199EBF69
2013-09-30 22:50 . 2013-09-30 22:51 -------- d-----w- c:\program files\iTunes
2013-09-30 22:50 . 2013-09-30 22:51 -------- d-----w- c:\program files (x86)\iTunes
2013-09-25 02:21 . 2013-09-25 02:21 -------- d-----w- c:\programdata\ClubSanDisk
2013-09-11 23:17 . 2013-08-05 02:25 155584 ----a-w- c:\windows\system32\drivers\ataport.sys
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files (x86)\Mozilla Firefox\plugins\nppdf32.dll
2013-09-05 14:04 . 2013-09-05 14:04 209272 ----a-w- c:\program files (x86)\Internet Explorer\Plugins\nppdf32.dll
.
.
.
(((((((((((((((((((((((((((((((((((((((( Find3M Report ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2013-09-20 13:42 . 2012-04-06 00:31 692616 ----a-w- c:\windows\SysWow64\FlashPlayerApp.exe
2013-09-20 13:42 . 2011-06-03 00:49 71048 ----a-w- c:\windows\SysWow64\FlashPlayerCPLApp.cpl
2013-09-12 10:06 . 2009-12-12 17:49 79143768 ----a-w- c:\windows\system32\MRT.exe
2013-08-30 07:48 . 2013-03-15 13:47 65336 ----a-w- c:\windows\system32\drivers\aswRvrt.sys
2013-08-30 07:48 . 2013-03-15 13:47 204880 ----a-w- c:\windows\system32\drivers\aswVmm.sys
2013-08-30 07:48 . 2012-03-25 17:46 72016 ----a-w- c:\windows\system32\drivers\aswRdr2.sys
2013-08-30 07:48 . 2011-06-25 21:21 1030952 ----a-w- c:\windows\system32\drivers\aswSnx.sys
2013-08-30 07:48 . 2010-01-26 04:44 378944 ----a-w- c:\windows\system32\drivers\aswSP.sys
2013-08-30 07:48 . 2010-01-26 04:44 64288 ----a-w- c:\windows\system32\drivers\aswTdi.sys
2013-08-30 07:48 . 2012-03-25 17:46 22600 ----a-w- c:\windows\system32\drivers\aswKbd.sys
2013-08-30 07:48 . 2011-12-22 17:59 131232 ----a-w- c:\windows\system32\drivers\aswFW.sys
2013-08-30 07:48 . 2011-12-22 17:59 270824 ----a-w- c:\windows\system32\drivers\aswNdis2.sys
2013-08-30 07:48 . 2010-01-26 04:44 33400 ----a-w- c:\windows\system32\drivers\aswFsBlk.sys
2013-08-30 07:48 . 2010-01-26 04:44 80816 ----a-w- c:\windows\system32\drivers\aswMonFlt.sys
2013-08-30 07:47 . 2010-06-29 11:12 41664 ----a-w- c:\windows\avastSS.scr
2013-08-30 07:47 . 2011-01-23 21:24 287840 ----a-w- c:\windows\system32\aswBoot.exe
2013-08-07 11:22 . 2009-12-11 00:47 278800 ------w- c:\windows\system32\MpSigStub.exe
2013-08-02 01:48 . 2013-09-11 23:17 44032 ----a-w- c:\windows\apppatch\acwow64.dll
2013-07-25 09:25 . 2013-08-17 21:52 1888768 ----a-w- c:\windows\system32\WMVDECOD.DLL
2013-07-25 08:57 . 2013-08-17 21:52 1620992 ----a-w- c:\windows\SysWow64\WMVDECOD.DLL
2013-07-19 01:58 . 2013-08-17 21:53 2048 ----a-w- c:\windows\system32\tzres.dll
2013-07-19 01:41 . 2013-08-17 21:53 2048 ----a-w- c:\windows\SysWow64\tzres.dll
2013-07-09 05:52 . 2013-08-17 21:52 224256 ----a-w- c:\windows\system32\wintrust.dll
2013-07-09 05:51 . 2013-08-17 21:52 1217024 ----a-w- c:\windows\system32\rpcrt4.dll
2013-07-09 05:46 . 2013-08-17 21:52 1472512 ----a-w- c:\windows\system32\crypt32.dll
2013-07-09 05:46 . 2013-08-17 21:52 184320 ----a-w- c:\windows\system32\cryptsvc.dll
2013-07-09 05:46 . 2013-08-17 21:52 139776 ----a-w- c:\windows\system32\cryptnet.dll
2013-07-09 04:52 . 2013-08-17 21:52 663552 ----a-w- c:\windows\SysWow64\rpcrt4.dll
2013-07-09 04:52 . 2013-08-17 21:52 175104 ----a-w- c:\windows\SysWow64\wintrust.dll
2013-07-09 04:46 . 2013-08-17 21:52 1166848 ----a-w- c:\windows\SysWow64\crypt32.dll
2013-07-09 04:46 . 2013-08-17 21:52 140288 ----a-w- c:\windows\SysWow64\cryptsvc.dll
2013-07-09 04:46 . 2013-08-17 21:52 103936 ----a-w- c:\windows\SysWow64\cryptnet.dll
2013-03-31 05:01 . 2013-03-31 05:01 2000040 ----a-w- c:\program files (x86)\DriverRestore.exe
2011-05-17 09:53 . 2011-05-17 09:53 411136 ----a-w- c:\program files (x86)\googleearth.exe
2011-05-17 09:41 . 2011-05-17 09:41 291840 ----a-w- c:\program files (x86)\gpsbabel.exe
2011-05-17 09:40 . 2011-05-17 09:40 56320 ----a-w- c:\program files (x86)\earthflashsol.exe
2011-05-17 09:18 . 2011-05-17 09:18 632656 ----a-w- c:\program files (x86)\msvcr80.dll
2011-05-17 09:18 . 2011-05-17 09:18 554832 ----a-w- c:\program files (x86)\msvcp80.dll
2011-05-17 09:17 . 2011-05-17 09:17 53248 ----a-w- c:\program files (x86)\wavdest.ax
2011-05-17 09:14 . 2011-05-17 09:14 5816320 ----a-w- c:\program files (x86)\gdal17.dll
.
.
((((((((((((((((((((((((((((((((((((( Reg Loading Points ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\~\Browser Helper Objects\{D0C21091-FF8E-432C-9006-0540E81BA9D7}]
2013-08-14 07:17 321488 ----a-w- c:\users\Bob\AppData\Local\GreatArcadeHits\GreatArcadeHitsIE.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Logitech Vid"="c:\program files (x86)\Logitech\Vid HD\Vid.exe" [2010-10-29 5915480]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Wow6432Node\Microsoft\Windows\CurrentVersion\Run]
"avast"="c:\program files\Alwil Software\Avast5\avastUI.exe" [2013-08-30 4858968]
"APSDaemon"="c:\program files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe" [2013-04-22 59720]
"Adobe ARM"="c:\program files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2013-04-04 958576]
"QuickTime Task"="c:\program files (x86)\QuickTime\QTTask.exe" [2013-05-01 421888]
"iTunesHelper"="c:\program files (x86)\iTunes\iTunesHelper.exe" [2013-09-18 152392]
.
c:\users\Bob\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
OpenOffice.org 3.1.lnk - c:\program files (x86)\OpenOffice.org 3\program\quickstart.exe [2009-8-18 384000]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\AutorunsDisabled\
HP Digital Imaging Monitor.lnk - c:\program files (x86)\HP\Digital Imaging\bin\hpqtra08.exe [2009-5-21 275768]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"ConsentPromptBehaviorAdmin"= 5 (0x5)
"ConsentPromptBehaviorUser"= 3 (0x3)
"EnableUIADesktopToggle"= 0 (0x0)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\windows]
"LoadAppInit_DLLs"=1 (0x1)
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows\currentversion\run-disabled]
"SunJavaUpdateSched"="c:\program files (x86)\Common Files\Java\Java Update\jusched.exe"
.
R2 clr_optimization_v4.0.30319_64;Microsoft .NET Framework NGEN v4.0.30319_X64;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe;c:\windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe [x]
R2 SkypeUpdate;Skype Updater;c:\program files (x86)\Skype\Updater\Updater.exe;c:\program files (x86)\Skype\Updater\Updater.exe [x]
R3 BBSvc;Bing Bar Update Service;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE;c:\program files (x86)\Microsoft\BingBar\BBSvc.EXE [x]
R3 cleanhlp;cleanhlp;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys;c:\program files (x86)\Emsisoft Anti-Malware\cleanhlp64.sys [x]
R3 lvpopf64;Logitech POP Suppression Filter;c:\windows\system32\DRIVERS\lvpopf64.sys;c:\windows\SYSNATIVE\DRIVERS\lvpopf64.sys [x]
R3 LVRS64;Logitech RightSound Filter Driver;c:\windows\system32\DRIVERS\lvrs64.sys;c:\windows\SYSNATIVE\DRIVERS\lvrs64.sys [x]
R3 LVUVC64;Logitech Webcam 250(UVC);c:\windows\system32\DRIVERS\lvuvc64.sys;c:\windows\SYSNATIVE\DRIVERS\lvuvc64.sys [x]
R3 PrintNotify;Printer Extensions and Notifications;c:\windows\system32\svchost.exe;c:\windows\SYSNATIVE\svchost.exe [x]
R3 TsUsbFlt;TsUsbFlt;c:\windows\system32\drivers\tsusbflt.sys;c:\windows\SYSNATIVE\drivers\tsusbflt.sys [x]
R3 USBAAPL64;Apple Mobile USB Driver;c:\windows\system32\Drivers\usbaapl64.sys;c:\windows\SYSNATIVE\Drivers\usbaapl64.sys [x]
R3 WatAdminSvc;Windows Activation Technologies Service;c:\windows\system32\Wat\WatAdminSvc.exe;c:\windows\SYSNATIVE\Wat\WatAdminSvc.exe [x]
R4 MSSQLServerADHelper100;SQL Active Directory Helper Service;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE;c:\program files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE [x]
R4 SQLAgent$XMAP7;SQL Server Agent (XMAP7);c:\program files (x86)\Microsoft SQL Server\MSSQL10.XMAP7\MSSQL\Binn\SQLAGENT.EXE;c:\program files (x86)\Microsoft SQL Server\MSSQL10.XMAP7\MSSQL\Binn\SQLAGENT.EXE [x]
S0 aswKbd;aswKbd; [x]
S0 aswNdis;avast! Firewall NDIS Filter Service;c:\windows\system32\DRIVERS\aswNdis.sys;c:\windows\SYSNATIVE\DRIVERS\aswNdis.sys [x]
S0 aswNdis2;avast! Firewall Core Firewall Service; [x]
S0 aswRvrt;aswRvrt; [x]
S0 aswVmm;aswVmm; [x]
S1 aswFW;avast! TDI Firewall driver; [x]
S1 aswSnx;aswSnx; [x]
S1 aswSP;aswSP; [x]
S2 AMD External Events Utility;AMD External Events Utility;c:\windows\system32\atiesrxx.exe;c:\windows\SYSNATIVE\atiesrxx.exe [x]
S2 aswFsBlk;aswFsBlk; [x]
S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys;c:\windows\SYSNATIVE\drivers\aswMonFlt.sys [x]
S2 avast! Firewall;avast! Firewall;c:\program files\Alwil Software\Avast5\afwServ.exe;c:\program files\Alwil Software\Avast5\afwServ.exe [x]
S2 LVPrcS64;Process Monitor;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe;c:\program files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe [x]
S2 MBAMScheduler;MBAMScheduler;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe [x]
S2 MBAMService;MBAMService;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe;c:\program files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe [x]
S2 MSSQL$XMAP7;SQL Server (XMAP7);c:\program files (x86)\Microsoft SQL Server\MSSQL10.XMAP7\MSSQL\Binn\sqlservr.exe;c:\program files (x86)\Microsoft SQL Server\MSSQL10.XMAP7\MSSQL\Binn\sqlservr.exe [x]
S3 LVPr2M64;Logitech LVPr2M64 Driver;c:\windows\system32\DRIVERS\LVPr2M64.sys;c:\windows\SYSNATIVE\DRIVERS\LVPr2M64.sys [x]
S3 MBAMProtector;MBAMProtector;c:\windows\system32\drivers\mbam.sys;c:\windows\SYSNATIVE\drivers\mbam.sys [x]
S3 RTL8167;Realtek 8167 NT Driver;c:\windows\system32\DRIVERS\Rt64win7.sys;c:\windows\SYSNATIVE\DRIVERS\Rt64win7.sys [x]
S3 VIAHdAudAddService;VIA High Definition Audio Driver Service;c:\windows\system32\drivers\viahduaa.sys;c:\windows\SYSNATIVE\drivers\viahduaa.sys [x]
.
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\windows nt\currentversion\svchost]
hpdevmgmt REG_MULTI_SZ hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{10880D85-AAD9-4558-ABDC-2AB1552D831F}]
2010-08-16 21:43 451872 ----a-w- c:\program files (x86)\Common Files\LightScribe\LSRunOnce.exe
.
[HKEY_LOCAL_MACHINE\software\wow6432node\microsoft\active setup\installed components\{8A69D345-D564-463c-AFF1-A69D9E530F96}]
2013-10-04 18:44 1185744 ----a-w- c:\program files (x86)\Google\Chrome\Application\30.0.1599.69\Installer\chrmstp.exe
.
Contents of the 'Scheduled Tasks' folder
.
2013-10-05 c:\windows\Tasks\Adobe Flash Player Updater.job
- c:\windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2012-04-06 13:42]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:17]
.
2013-10-05 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files (x86)\Google\Update\GoogleUpdate.exe [2010-01-15 23:17]
.
2013-10-05 c:\windows\Tasks\GreatArcadeHits.job
- c:\users\Bob\AppData\Local\GreatArcadeHits\GAHUpdate.exe [2013-08-07 07:17]
.
.
--------- X64 Entries -----------
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2013-08-30 07:47 133840 ----a-w- c:\program files\Alwil Software\Avast5\ashShA64.dll
.
------- Supplementary Scan -------
.
uLocal Page = c:\windows\system32\blank.htm
uStart Page = hxxp://www.google.com
mLocal Page = c:\windows\SysWOW64\blank.htm
uInternet Settings,ProxyOverride = <-loopback>
uInternet Settings,ProxyServer = http=127.0.0.1:60124;https=127.0.0.1:60124
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: E&xport to Microsoft Excel - c:\progra~2\MICROS~2\Office12\EXCEL.EXE/3000
Trusted Zone: intuit.com\ttlc
TCP: DhcpNameServer = 192.168.2.1
FF - ProfilePath - c:\users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\phm5365y.default\
FF - prefs.js: browser.search.selectedEngine - Installl Converter Customized Web Search
FF - prefs.js: browser.startup.homepage - hxxp://search.conduit.com/?UM=2&ctid=CT3299872&SearchSource=13&CUI=UN38310724284265119
FF - prefs.js: keyword.URL - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT3299872&SearchSource=2&CUI=UN38310724284265119&UM=2&q=
FF - prefs.js: network.proxy.type - 4
FF - ExtSQL: 2013-10-04 22:13; {6ec74131-08b2-4f67-a9bc-5914ef1edb97}; c:\users\Bob\AppData\Roaming\Mozilla\Firefox\Profiles\phm5365y.default\extensions\{6ec74131-08b2-4f67-a9bc-5914ef1edb97}
FF - ExtSQL: !HIDDEN! 2010-04-05 14:44; [email protected]; c:\program files (x86)\HP\Digital Imaging\Smart Web Printing\MozillaAddOn3
.
- - - - ORPHANS REMOVED - - - -
.
URLSearchHooks-{09ec805c-cb2e-4d53-b0d3-a75a428b81c7} - (no file)
Toolbar-10 - (no file)
Toolbar-{0134af61-7a0c-4649-aeca-90d776060cb3} - (no file)
Wow6432Node-HKCU-Run-RESTART_STICKY_NOTES - c:\windows\System32\StikyNot.exe
SafeBoot-CleanHlp
SafeBoot-CleanHlp.sys
HKLM_Wow6432Node-ActiveSetup-{2D46B6DC-2207-486B-B523-A557E6D54B47} - start
Toolbar-10 - (no file)
ShellIconOverlayIdentifiers-{FB314ED9-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDA-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDB-A251-47B7-93E1-CDD82E34AF8B} - (no file)
ShellIconOverlayIdentifiers-{FB314EDC-A251-47B7-93E1-CDD82E34AF8B} - (no file)
AddRemove-Adobe Shockwave Player - c:\windows\system32\Adobe\Shockwave 11\uninstaller.exe
.
.
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\system32\\Macromed\\Flash\\FlashUtil64_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="FlashBroker"
"LocalizedString"="@c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe,-101"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\Elevation]
"Enabled"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\LocalServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\FlashUtil32_11_8_800_175_ActiveX.exe"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{73C9DFA0-750D-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Shockwave Flash Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\MiscStatus]
@="0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ProgID]
@="ShockwaveFlash.ShockwaveFlash.11"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB6E-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="ShockwaveFlash.ShockwaveFlash"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}]
@Denied: (A 2) (Everyone)
@="Macromedia Flash Factory Object"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\InprocServer32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx"
"ThreadingModel"="Apartment"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ProgID]
@="FlashFactory.FlashFactory.1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\ToolboxBitmap32]
@="c:\\Windows\\SysWOW64\\Macromed\\Flash\\Flash32_11_8_800_175.ocx, 1"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\TypeLib]
@="{D27CDB6B-AE6D-11cf-96B8-444553540000}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\Version]
@="1.0"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\CLSID\{D27CDB70-AE6D-11cf-96B8-444553540000}\VersionIndependentProgID]
@="FlashFactory.FlashFactory"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}]
@Denied: (A 2) (Everyone)
@="IFlashBroker5"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\ProxyStubClsid32]
@="{00020424-0000-0000-C000-000000000046}"
.
[HKEY_LOCAL_MACHINE\software\Classes\Wow6432Node\Interface\{6AE38AE0-750C-11E1-B0C4-0800200C9A66}\TypeLib]
@="{FAB3E735-69C7-453B-A446-B6823C6DF1C9}"
"Version"="1.0"
.
[HKEY_LOCAL_MACHINE\system\ControlSet001\Control\PCW\Security]
@Denied: (Full) (Everyone)
.
Completion time: 2013-10-04 22:56:10
ComboFix-quarantined-files.txt 2013-10-05 05:56
.
Pre-Run: 343,056,830,464 bytes free
Post-Run: 343,267,287,040 bytes free
.
- - End Of File - - 3FF6632D12BE89362A4B7FDA366BB781
A36C5E4F47E84449FF07ED3517B43A31
 
John - Finally got HighjackThis loaded.

When I ran it, an error message box showed up, which told me to go to:
wordpad c:\windows\system32\drivers\etc\hosts, and look for files with 'highjackthis' in any lines and delete them.

When I looked at the file, this is what popped up:

#623
127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups
127.0.0.1 ads.icksor.com # hosts anti-adware / pups
127.0.0.1 ads.regiedepub.com # hosts anti-adware / pups
127.0.0.1 ads.sucomspot.com # hosts anti-adware / pups
127.0.0.1 ads.tersecta.com # hosts anti-adware / pups
127.0.0.1 a.dungtank.com # hosts anti-adware / pups
127.0.0.1 adwcleaner.programmesetjeux.com # hosts anti-adware / pups
127.0.0.1 adwcleaner.telecharger.toggle.com # hosts anti-adware / pups
127.0.0.1 aff.foxtab.com # hosts anti-adware / pups
127.0.0.1 affilibot.eu # hosts anti-adware / pups
127.0.0.1 agence-exusive.com # hosts anti-adware / pups
127.0.0.1 a.juiceknowledge.com # hosts anti-adware / pups
127.0.0.1 ak.imgfa.com # hosts anti-adware / pups
127.0.0.1 ak.imgfarm.com # hosts anti-adware / pups
127.0.0.1 antivirusgratuit.vg # hosts anti-adware / pups
127.0.0.1 antivirus.nouvee-version.net # hosts anti-adware / pups
127.0.0.1 api.downloadmr.com # hosts anti-adware / pups
127.0.0.1 api.ibario.com # hosts anti-adware / pups
127.0.0.1 api.yontoo.com # hosts anti-adware / pups
127.0.0.1 apnmedia.ask.com # hosts anti-adware / pups
127.0.0.1 app.elegantupdate.net # hosts anti-adware / pups
127.0.0.1 app.installdistribution.net # hosts anti-adware / pups
127.0.0.1 application-error.net # hosts anti-adware / pups
127.0.0.1 app.localxpath.net # hosts anti-adware / pups
127.0.0.1 app.media-app.com # hosts anti-adware / pups
127.0.0.1 app.offerbox.com # hosts anti-adware / pups
127.0.0.1 app.softimizer.com # hosts anti-adware / pups
127.0.0.1 app.wideseam6.com # hosts anti-adware / pups
127.0.0.1 argentastuce.com # hosts anti-adware / pups
127.0.0.1 argent-avail-domicile.fr # hosts anti-adware / pups
127.0.0.1 argent-domicile.eu # hosts anti-adware / pups
127.0.0.1 argent-vital.com # hosts anti-adware / pups
127.0.0.1 atelecharger.info # hosts anti-adware / pups
127.0.0.1 avaaffic.com # hosts anti-adware / pups
127.0.0.1 availchezsoi.onlc.fr # hosts anti-adware / pups
127.0.0.1 bfd34af056e54c8abcb9dd50862f0b9b.integration.download.conduit-services.com # hosts anti-adware / pups
127.0.0.1 b.juiceknowledge.com # hosts anti-adware / pups
127.0.0.1 blog.upoharbd.com # hosts anti-adware / pups
127.0.0.1 boolu.springjapan.info # hosts anti-adware / pups
127.0.0.1 boostersonpc.com # hosts anti-adware / pups
127.0.0.1 buzz-france.info # hosts anti-adware / pups
127.0.0.1 cache-download.real.com # hosts anti-adware / pups
127.0.0.1 caefourinternet.com # hosts anti-adware / pups
127.0.0.1 cash-avalanches.com # hosts anti-adware / pups
127.0.0.1 cash-methodes.be # hosts anti-adware / pups
127.0.0.1 cash-professor.com # hosts anti-adware / pups
127.0.0.1 casinoonlinecash.org # hosts anti-adware / pups
127.0.0.1 cdn1.outbrowse.com # hosts anti-adware / pups
127.0.0.1 cdn2.otherdownload.com # hosts anti-adware / pups
127.0.0.1 cdn2.recentdownload.com # hosts anti-adware / pups
127.0.0.1 cdn3.otherdownload.com # hosts anti-adware / pups
127.0.0.1 cdn.appround.biz # hosts anti-adware / pups
127.0.0.1 cdn.bigspeedpro.com # hosts anti-adware / pups
127.0.0.1 cdn.bispd.com # hosts anti-adware / pups
127.0.0.1 cdn.bisrv.com # hosts anti-adware / pups
127.0.0.1 cdn.cdndp.com # hosts anti-adware / pups
127.0.0.1 cdn.download.sweetpacks.com # hosts anti-adware / pups
127.0.0.1 cdneu.bestflvplayer.net # hosts anti-adware / pups
127.0.0.1 cdneu.coolflvplayer.com # hosts anti-adware / pups
127.0.0.1 cdneu.coolvideoconverter.com # hosts anti-adware / pups
127.0.0.1 cdneu.driverpackcdn.com # hosts anti-adware / pups
127.0.0.1 cdneu.friedcookiescdn.com # hosts anti-adware / pups
127.0.0.1 cdneu.onedownloadspot.com # hosts anti-adware / pups
127.0.0.1 cdneu.telechargercdn.com # hosts anti-adware / pups
127.0.0.1 cdn.goateastcach.us # hosts anti-adware / pups
127.0.0.1 cdn.guttastatdk.us # hosts anti-adware / pups
127.0.0.1 cdn.inskinmedia.com # hosts anti-adware / pups
127.0.0.1 cdn.insta.oibundles2.com # hosts anti-adware / pups
127.0.0.1 cdn.insta.playbryte.com # hosts anti-adware / pups
127.0.0.1 cdn.llogetfastcach.us # hosts anti-adware / pups
127.0.0.1 cdn.montiera.com # hosts anti-adware / pups
127.0.0.1 cdn.msdwnld.com # hosts anti-adware / pups
127.0.0.1 cdn.ppdownload.com # hosts anti-adware / pups
127.0.0.1 cdn.riceateastcach.us # hosts anti-adware / pups
127.0.0.1 cdn.shyapotato.us # hosts anti-adware / pups
127.0.0.1 cdn.solimba.com # hosts anti-adware / pups
127.0.0.1 cdn.tuto4pc.com # hosts anti-adware / pups
127.0.0.1 cdnus.bestflvplayer.net # hosts anti-adware / pups
127.0.0.1 cdnus.coolflvplayer.com # hosts anti-adware / pups
127.0.0.1 cdnus.coolvideoconverter.com # hosts anti-adware / pups
127.0.0.1 cdnus.driverpackcdn.com # hosts anti-adware / pups
127.0.0.1 cdnus.extrimdownloadmanager.com # hosts anti-adware / pups
127.0.0.1 cdnus.ironcdn.com # hosts anti-adware / pups
127.0.0.1 cdnus.onedownloadspot.com # hosts anti-adware / pups
127.0.0.1 cdnus.telechargercdn.com # hosts anti-adware / pups
127.0.0.1 cdn.visualbee.net # hosts anti-adware / pups
127.0.0.1 c.download-best-softwares.com # hosts anti-adware / pups
127.0.0.1 cen.incredibar.com # hosts anti-adware / pups
127.0.0.1 cf1.vuze.com # hosts anti-adware / pups
127.0.0.1 cia.mediahubaffiliates.biz # hosts anti-adware / pups
127.0.0.1 clubcasino.biz # hosts anti-adware / pups
127.0.0.1 c-mediaplayer-2010.com # hosts anti-adware / pups
127.0.0.1 cms.distributionengine.conduit-services.com # hosts anti-adware / pups
127.0.0.1 coachforlife.info # hosts anti-adware / pups
127.0.0.1 commeneussir.com # hosts anti-adware / pups
127.0.0.1 comment-gagner-argent-internet.fr # hosts anti-adware / pups
127.0.0.1 content.sweetim.com # hosts anti-adware / pups
127.0.0.1 counter.d.adapd.com # hosts anti-adware / pups
127.0.0.1 cpadominator.com # hosts anti-adware / pups
127.0.0.1 cpafixadvertiser.info # hosts anti-adware / pups
127.0.0.1 cp.tuguu.com # hosts anti-adware / pups
127.0.0.1 crazyspandacasino.com # hosts anti-adware / pups
127.0.0.1 create-ringtones.com # hosts anti-adware / pups
127.0.0.1 cs.adxpansion.com # hosts anti-adware / pups
127.0.0.1 d11ftuwdwpx4fl.cloudfront.net # hosts anti-adware / pups
127.0.0.1 d1m9ge5vns34so.oudfront.net # hosts anti-adware / pups
127.0.0.1 d1w467en2eqqh2.oudfront.net # hosts anti-adware / pups
127.0.0.1 d2qsma9t6l5kt7.oudfront.net # hosts anti-adware / pups
127.0.0.1 d30p0quhwpvm.cloudfront.net # hosts anti-adware / pups
127.0.0.1 d61.newplaysite.com # hosts anti-adware / pups
127.0.0.1 d62.newplaysite.com # hosts anti-adware / pups
127.0.0.1 d63.newplaysite.com # hosts anti-adware / pups
127.0.0.1 d64.newplaysite.com # hosts anti-adware / pups
127.0.0.1 d71.newplaysite.com # hosts anti-adware / pups
127.0.0.1 d74.newplaysite.com # hosts anti-adware / pups
127.0.0.1 d.adapd.com # hosts anti-adware / pups
127.0.0.1 data.downloadstaer.net # hosts anti-adware / pups
127.0.0.1 data.oa-software.com # hosts anti-adware / pups
127.0.0.1 datefks.info # hosts anti-adware / pups
127.0.0.1 db.nordicx.net # hosts anti-adware / pups
127.0.0.1 db.prepay-africa.com # hosts anti-adware / pups
127.0.0.1 dde.integration.storage.conduit-services.com # hosts anti-adware / pups
127.0.0.1 dec.pcvideosfreedownload.com # hosts anti-adware / pups
127.0.0.1 delivery.afficbroker.com # hosts anti-adware / pups
127.0.0.1 delta.goforfiles.com # hosts anti-adware / pups
127.0.0.1 depanne-pc.com # hosts anti-adware / pups
127.0.0.1 depanne-pc.info # hosts anti-adware / pups
127.0.0.1 dfc.mediaformatconverter.com # hosts anti-adware / pups
127.0.0.1 d.freevideosfordownload.com # hosts anti-adware / pups
127.0.0.1 dfr.eorezo.com # hosts anti-adware / pups
127.0.0.1 dgc.freemediavideoconverter.com # hosts anti-adware / pups
127.0.0.1 dhc.freewindowsmediaconverter.com # hosts anti-adware / pups
127.0.0.1 direct.excellerater.com # hosts anti-adware / pups
127.0.0.1 dl01.socdn.com # hosts anti-adware / pups
127.0.0.1 dl6.iq7download.com # hosts anti-adware / pups
127.0.0.1 dl.babylon.com # hosts anti-adware / pups
127.0.0.1 dl.cdn-services.com # hosts anti-adware / pups
127.0.0.1 dl.elex.soft365.com # hosts anti-adware / pups
127.0.0.1 dl.flvplayer123.com # hosts anti-adware / pups
127.0.0.1 dlfr.tuto4pc.com # hosts anti-adware / pups
127.0.0.1 dl.instaiq.com # hosts anti-adware / pups
127.0.0.1 dlmanager.net # hosts anti-adware / pups
127.0.0.1 dlp.downloadyourplayer.com # hosts anti-adware / pups
127.0.0.1 dlp.latestplayerplugin.com # hosts anti-adware / pups
127.0.0.1 dl-plugin.com # hosts anti-adware / pups
127.0.0.1 dlp.ooopsvideo.com # hosts anti-adware / pups
127.0.0.1 dlp.totalvideoplugin.com # hosts anti-adware / pups
127.0.0.1 dls.nicdls.com # hosts anti-adware / pups
127.0.0.1 dl.softservers.net # hosts anti-adware / pups
127.0.0.1 dls.softgratuit.com # hosts anti-adware / pups
127.0.0.1 dls.softlate.com # hosts anti-adware / pups
127.0.0.1 dl.v2.domaiq.com # hosts anti-adware / pups
127.0.0.1 dn.download-manage.com # hosts anti-adware / pups
127.0.0.1 dnld.instacore.com # hosts anti-adware / pups
127.0.0.1 domaiq.com # hosts anti-adware / pups
127.0.0.1 down1oads.com # hosts anti-adware / pups
127.0.0.1 downlesoft.com # hosts anti-adware / pups
127.0.0.1 download2.us # hosts anti-adware / pups
127.0.0.1 download366.net # hosts anti-adware / pups
127.0.0.1 download.cdn013.com # hosts anti-adware / pups
127.0.0.1 downloadcdn.beerinstaller.com # hosts anti-adware / pups
127.0.0.1 downloadcdn.betterinstaller.com # hosts anti-adware / pups
127.0.0.1 downloadcdn.filebulldog.com # hosts anti-adware / pups
127.0.0.1 download.cdn.ftalk.com # hosts anti-adware / pups
127.0.0.1 download.cdn.imesh.com # hosts anti-adware / pups
127.0.0.1 download.cdn.koyotesoft.com # hosts anti-adware / pups
127.0.0.1 download.cdnperformance.info # hosts anti-adware / pups
127.0.0.1 download.cdn.torchbrowser.com # hosts anti-adware / pups
127.0.0.1 do-wn-lo-ad.com # hosts anti-adware / pups
127.0.0.1 downloader.downloadinfo.co # hosts anti-adware / pups
127.0.0.1 download.fr.filewin.com # hosts anti-adware / pups
127.0.0.1 download.fuzezip.com # hosts anti-adware / pups
127.0.0.1 download.ilivid.com # hosts anti-adware / pups
127.0.0.1 download.imesh.com # hosts anti-adware / pups
127.0.0.1 downloadinfo.co # hosts anti-adware / pups
127.0.0.1 download.instabrain.com # hosts anti-adware / pups
127.0.0.1 download.ircfast.com # hosts anti-adware / pups
127.0.0.1 download.jzip.com # hosts anti-adware / pups
127.0.0.1 download.lollipop-network.com # hosts anti-adware / pups
127.0.0.1 downloadsecurise.com # hosts anti-adware / pups
127.0.0.1 downloads.getsoftfree.com # hosts anti-adware / pups
127.0.0.1 download.shoptowin.net # hosts anti-adware / pups
127.0.0.1 downloads.malavida.net # hosts anti-adware / pups
127.0.0.1 downloadsoftfr.com # hosts anti-adware / pups
127.0.0.1 download.softiglu.com # hosts anti-adware / pups
127.0.0.1 download.telechargers.net # hosts anti-adware / pups
127.0.0.1 download.televisionfanatic.com # hosts anti-adware / pups
127.0.0.1 download.toggle.com # hosts anti-adware / pups
127.0.0.1 download.wajam.com # hosts anti-adware / pups
127.0.0.1 download.winds10.com # hosts anti-adware / pups
127.0.0.1 driverutilities.com # hosts anti-adware / pups
127.0.0.1 dt3j8jg8ei6zr.oudfront.net # hosts anti-adware / pups
127.0.0.1 dtrack.secdls.com # hosts anti-adware / pups
127.0.0.1 enigmasoftware.com # hosts anti-adware / pups
127.0.0.1 eorezo.com # hosts anti-adware / pups
127.0.0.1 ero-odnoklassniki.info # hosts anti-adware / pups
127.0.0.1 eu.paydaycashloanadvancea2478.com # hosts anti-adware / pups
127.0.0.1 explorer-2010.com # hosts anti-adware / pups
127.0.0.1 facebookmotdepasse.blogspot.fr # hosts anti-adware / pups
127.0.0.1 facebook-piraters.blogspot.fr # hosts anti-adware / pups
127.0.0.1 facenouf.com # hosts anti-adware / pups
127.0.0.1 ff.conduit-download.com # hosts anti-adware / pups
127.0.0.1 fichier1.easycommander.com # hosts anti-adware / pups
127.0.0.1 file-exactor.com # hosts anti-adware / pups
127.0.0.1 files123321.uk.to # hosts anti-adware / pups
127.0.0.1 files.download1ick.ws # hosts anti-adware / pups
127.0.0.1 files.iranapps.com # hosts anti-adware / pups
127.0.0.1 files.vaultnoir.com # hosts anti-adware / pups
127.0.0.1 find2download.fr # hosts anti-adware / pups
127.0.0.1 flexweb.getyoursoft.com # hosts anti-adware / pups
127.0.0.1 flvmplayer.com # hosts anti-adware / pups
127.0.0.1 flvmplayer.s3-website-us-east-1.amazonaws.com # hosts anti-adware / pups
127.0.0.1 fmccijsu.changeip.org # hosts anti-adware / pups
127.0.0.1 francais.babylon.com # hosts anti-adware / pups
127.0.0.1 fr.ask.com # hosts anti-adware / pups
127.0.0.1 freeaddons.free.fr # hosts anti-adware / pups
127.0.0.1 freecompressor.com # hosts anti-adware / pups
127.0.0.1 french.ircfast.com # hosts anti-adware / pups
127.0.0.1 fr.excite.eu # hosts anti-adware / pups
127.0.0.1 fr.iminent.com # hosts anti-adware / pups
127.0.0.1 fr.malavida.com # hosts anti-adware / pups
127.0.0.1 fr.phreat.com # hosts anti-adware / pups
127.0.0.1 fr.smeet.com # hosts anti-adware / pups
127.0.0.1 fr.winds10.com # hosts anti-adware / pups
127.0.0.1 ftp2solls.org # hosts anti-adware / pups
127.0.0.1 functionjs.com # hosts anti-adware / pups
127.0.0.1 fupackcodecs.com # hosts anti-adware / pups
127.0.0.1 fupackvista.com # hosts anti-adware / pups
127.0.0.1 gagner-argent.blog4ever.com # hosts anti-adware / pups
127.0.0.1 gagnerargent.blog4ever.com # hosts anti-adware / pups
127.0.0.1 gagner-argent-domicile.be # hosts anti-adware / pups
127.0.0.1 gagnerargentnet.canalblog.com # hosts anti-adware / pups
127.0.0.1 gagner-de-l-argent-facile.net # hosts anti-adware / pups
127.0.0.1 gagner-de-l-argent.org # hosts anti-adware / pups
127.0.0.1 gagner-du-temps.eu # hosts anti-adware / pups
127.0.0.1 gagner-facile.net # hosts anti-adware / pups
127.0.0.1 gagner-rapidemen.ifrance.com # hosts anti-adware / pups
127.0.0.1 gagner-rapidement.ifrance.com # hosts anti-adware / pups
127.0.0.1 gains-complementaires.com # hosts anti-adware / pups
127.0.0.1 gamepoluss.eu # hosts anti-adware / pups
127.0.0.1 gapokga.com # hosts anti-adware / pups
127.0.0.1 gask.samo-project.com # hosts anti-adware / pups
127.0.0.1 getfreemediaonline.com # hosts anti-adware / pups
127.0.0.1 gimp.soft32.fr # hosts anti-adware / pups
127.0.0.1 ginyas.com # hosts anti-adware / pups
127.0.0.1 gogo20.cusi.fr # hosts anti-adware / pups
127.0.0.1 go.goforfiles.com # hosts anti-adware / pups
127.0.0.1 gooofu.com # hosts anti-adware / pups
127.0.0.1 go.tvnoop.com # hosts anti-adware / pups
127.0.0.1 greattubeporn.com # hosts anti-adware / pups
127.0.0.1 hpm.tbm-ntwk.com # hosts anti-adware / pups
127.0.0.1 icargent.com # hosts anti-adware / pups
127.0.0.1 ic.illyx.com # hosts anti-adware / pups
127.0.0.1 ie.conduit-download.com # hosts anti-adware / pups
127.0.0.1 ie.dealply.com # hosts anti-adware / pups
127.0.0.1 imesh.com # hosts anti-adware / pups
127.0.0.1 img.planetsappho.net # hosts anti-adware / pups
127.0.0.1 insta.iminent.com # hosts anti-adware / pups
127.0.0.1 installer.betterinstaller.com # hosts anti-adware / pups
127.0.0.1 installer.filebulldog.com # hosts anti-adware / pups
127.0.0.1 installertechcontent.com # hosts anti-adware / pups
127.0.0.1 install.outbrowse.com # hosts anti-adware / pups
127.0.0.1 installs.peepsrv.com # hosts anti-adware / pups
127.0.0.1 insta.optimum-installer.com # hosts anti-adware / pups
127.0.0.1 insta.optimuminstaller.com # hosts anti-adware / pups
127.0.0.1 institut-dulac.com # hosts anti-adware / pups
127.0.0.1 interdescargas.com # hosts anti-adware / pups
127.0.0.1 i.vertitechnologygroup.com # hosts anti-adware / pups
127.0.0.1 jdownloader.org # hosts anti-adware / pups
127.0.0.1 jeboost.com # hosts anti-adware / pups
127.0.0.1 jlyxe.changeip.name # hosts anti-adware / pups
127.0.0.1 landing.etype.com # hosts anti-adware / pups
127.0.0.1 la.playerflv.com # hosts anti-adware / pups
127.0.0.1 lcstatx.dallasdroidapps.com # hosts anti-adware / pups
127.0.0.1 lestutoriels-enarchives.com # hosts anti-adware / pups
127.0.0.1 lesvirus.fr # hosts anti-adware / pups
127.0.0.1 linkfixerplus.com # hosts anti-adware / pups
127.0.0.1 live-casino-online.org # hosts anti-adware / pups
127.0.0.1 load.keygendb.net # hosts anti-adware / pups
127.0.0.1 load.scanscout.com # hosts anti-adware / pups
127.0.0.1 lp.ick2saveapp.com # hosts anti-adware / pups
127.0.0.1 lp.ilivid.com # hosts anti-adware / pups
127.0.0.1 lp.imesh.com # hosts anti-adware / pups
127.0.0.1 lproot.soft365.com # hosts anti-adware / pups
127.0.0.1 lp.sweetim.com # hosts anti-adware / pups
127.0.0.1 lp.torchbrowser.com # hosts anti-adware / pups
127.0.0.1 media-app.com # hosts anti-adware / pups
127.0.0.1 media.comesvita.com.es # hosts anti-adware / pups
127.0.0.1 mediaplayer-codecpack.com # hosts anti-adware / pups
127.0.0.1 media-player-helper.com # hosts anti-adware / pups
127.0.0.1 media.pussycash.com # hosts anti-adware / pups
127.0.0.1 messenger.descargar.es # hosts anti-adware / pups
127.0.0.1 methode-cash.com # hosts anti-adware / pups
127.0.0.1 methodegagnante.com # hosts anti-adware / pups
127.0.0.1 mfd.malavida.com # hosts anti-adware / pups
127.0.0.1 mflashplayer.com # hosts anti-adware / pups
127.0.0.1 milfs****.com # hosts anti-adware / pups
127.0.0.1 mires.eorezo.com # hosts anti-adware / pups
127.0.0.1 mirfr.eorezo.com # hosts anti-adware / pups
127.0.0.1 mn.babcdn.com # hosts anti-adware / pups
127.0.0.1 mntr.babcdn.com # hosts anti-adware / pups
127.0.0.1 new-2011.net # hosts anti-adware / pups
127.0.0.1 new-2012.net # hosts anti-adware / pups
127.0.0.1 new-windows7.com # hosts anti-adware / pups
127.0.0.1 offers.avazuscd.net # hosts anti-adware / pups
127.0.0.1 offre-surprise.com # hosts anti-adware / pups
127.0.0.1 onedownloadspot.com # hosts anti-adware / pups
127.0.0.1 os.coolvideoconverter.com # hosts anti-adware / pups
127.0.0.1 pageerror-download.com # hosts anti-adware / pups
127.0.0.1 pcpitstop.com # hosts anti-adware / pups
127.0.0.1 pctuto.com # hosts anti-adware / pups
127.0.0.1 planetedata.free.fr # hosts anti-adware / pups
127.0.0.1 protectorlb-1556088852.us-east-1.elb.amazonaws.com # hosts anti-adware / pups
127.0.0.1 pu.plugrush.com # hosts anti-adware / pups
127.0.0.1 qiweol.info # hosts anti-adware / pups
127.0.0.1 qoqoz.com # hosts anti-adware / pups
127.0.0.1 quad-anti-spyware.com # hosts anti-adware / pups
127.0.0.1 quad-eaner.com # hosts anti-adware / pups
127.0.0.1 qwe.goforfiles.com # hosts anti-adware / pups
127.0.0.1 regisybooster2010.fr # hosts anti-adware / pups
127.0.0.1 regisyonwindows.com # hosts anti-adware / pups
127.0.0.1 regisywinner.com # hosts anti-adware / pups
127.0.0.1 repair-my-pc.info # hosts anti-adware / pups
127.0.0.1 repair-pc-eors.info # hosts anti-adware / pups
127.0.0.1 repare-internet-explorer.com # hosts anti-adware / pups
127.0.0.1 reparer-windowsvista.com # hosts anti-adware / pups
127.0.0.1 reparer-windowsxp.com # hosts anti-adware / pups
127.0.0.1 reparez-internet-explorer.com # hosts anti-adware / pups
127.0.0.1 reparez-windows.com # hosts anti-adware / pups
127.0.0.1 reparez-windows.info # hosts anti-adware / pups
127.0.0.1 reparez-windows-vista.com # hosts anti-adware / pups
127.0.0.1 reparez-windows-xp.com # hosts anti-adware / pups
127.0.0.1 reussiteaffiliation.com # hosts anti-adware / pups
127.0.0.1 ron.protectorwide.asia # hosts anti-adware / pups
127.0.0.1 rpc.hitexchangeserver.com # hosts anti-adware / pups
127.0.0.1 rp.funmoodscdn.com # hosts anti-adware / pups
127.0.0.1 rp.telechargercdn.com # hosts anti-adware / pups
127.0.0.1 scache.regiedepub.com # hosts anti-adware / pups
127.0.0.1 scriptsname.com # hosts anti-adware / pups
127.0.0.1 search.babylon.com # hosts anti-adware / pups
127.0.0.1 searchqu.com # hosts anti-adware / pups
127.0.0.1 secured-download.com # hosts anti-adware / pups
127.0.0.1 securelinkdownload.com # hosts anti-adware / pups
127.0.0.1 securisedownload.com # hosts anti-adware / pups
127.0.0.1 service.getwebcake.com # hosts anti-adware / pups
127.0.0.1 servicemap.conduit-services.com # hosts anti-adware / pups
127.0.0.1 service.yontoo.com # hosts anti-adware / pups
127.0.0.1 setup2.iminent.com # hosts anti-adware / pups
127.0.0.1 skype.telecharger-france.com # hosts anti-adware / pups
127.0.0.1 soft-2011.com # hosts anti-adware / pups
127.0.0.1 soft2pcfr.com # hosts anti-adware / pups
127.0.0.1 soft4click.com # hosts anti-adware / pups
127.0.0.1 soft.foxtab.com # hosts anti-adware / pups
127.0.0.1 softgratuit.com # hosts anti-adware / pups
127.0.0.1 softigloo.com # hosts anti-adware / pups
127.0.0.1 softingo.com # hosts anti-adware / pups
127.0.0.1 softmor.org # hosts anti-adware / pups
127.0.0.1 softs.illyx.com # hosts anti-adware / pups
127.0.0.1 soft.tc # hosts anti-adware / pups
127.0.0.1 soft.telecharger.com # hosts anti-adware / pups
127.0.0.1 software.cdn012.com # hosts anti-adware / pups
127.0.0.1 software.cdnredire01.info # hosts anti-adware / pups
127.0.0.1 softwareprovisioning.com # hosts anti-adware / pups
127.0.0.1 softwares.the-ad.net # hosts anti-adware / pups
127.0.0.1 software.the-ad.net # hosts anti-adware / pups
127.0.0.1 solutionsmiions.com # hosts anti-adware / pups
127.0.0.1 sondages-remuneres.net # hosts anti-adware / pups
127.0.0.1 spamfighter.com # hosts anti-adware / pups
127.0.0.1 speedmaxpc.com # hosts anti-adware / pups
127.0.0.1 spoau.com # hosts anti-adware / pups
127.0.0.1 spybotseah-full.info # hosts anti-adware / pups
127.0.0.1 spynomore.com # hosts anti-adware / pups
127.0.0.1 spywareremove.com # hosts anti-adware / pups
127.0.0.1 static.bicdn.com # hosts anti-adware / pups
127.0.0.1 staticrr.newdownloadls.com # hosts anti-adware / pups
127.0.0.1 static.v2.madodls.com # hosts anti-adware / pups
127.0.0.1 step.yourfiledownloader.com # hosts anti-adware / pups
127.0.0.1 storage.conduit.com # hosts anti-adware / pups
127.0.0.1 stp.babylon.com # hosts anti-adware / pups
127.0.0.1 stream-actu.com # hosts anti-adware / pups
127.0.0.1 streaming-direct.tv # hosts anti-adware / pups
127.0.0.1 streaming-vlc.com # hosts anti-adware / pups
127.0.0.1 suesliberte.net # hosts anti-adware / pups
127.0.0.1 supprimer-spyware.com # hosts anti-adware / pups
127.0.0.1 s.xingcloud.com # hosts anti-adware / pups
127.0.0.1 telecharger-0.driverutilities.com # hosts anti-adware / pups
127.0.0.1 telecharger-2012.com # hosts anti-adware / pups
127.0.0.1 telecharger-gratuit.com # hosts anti-adware / pups
127.0.0.1 telecharger.logiciel.net # hosts anti-adware / pups
127.0.0.1 tele-charger.org # hosts anti-adware / pups
127.0.0.1 telecharger.superfiles.com # hosts anti-adware / pups
127.0.0.1 telecharger.toggle.com # hosts anti-adware / pups
127.0.0.1 tools.dpliveupdate.com # hosts anti-adware / pups
127.0.0.1 top-2011.com # hosts anti-adware / pups
127.0.0.1 top-2012.com # hosts anti-adware / pups
127.0.0.1 top-regisy-cleaner.net # hosts anti-adware / pups
127.0.0.1 totaediaconverter-u.com # hosts anti-adware / pups
127.0.0.1 totalmediaconverter-u.com # hosts anti-adware / pups
127.0.0.1 tracking.toroadvertising.com # hosts anti-adware / pups
127.0.0.1 trf33pro.euroclicaelimite.netdna-cdn.com # hosts anti-adware / pups
127.0.0.1 trojan-killer.net # hosts anti-adware / pups
127.0.0.1 ttb.ooopsvideo.com # hosts anti-adware / pups
127.0.0.1 tuto4pc.com # hosts anti-adware / pups
127.0.0.1 tutoriales100.com # hosts anti-adware / pups
127.0.0.1 ude.conduit-data.com # hosts anti-adware / pups
127.0.0.1 uitow.info # hosts anti-adware / pups
127.0.0.1 uniblue.com # hosts anti-adware / pups
127.0.0.1 universal-downloader.en.softonic.com # hosts anti-adware / pups
127.0.0.1 universal-downloader.softonic.fr # hosts anti-adware / pups
127.0.0.1 up.lollipop-network.com # hosts anti-adware / pups
127.0.0.1 up.soft365.com # hosts anti-adware / pups
127.0.0.1 usage.toolbar.conduit-services.com # hosts anti-adware / pups
127.0.0.1 utils.babylon.com # hosts anti-adware / pups
127.0.0.1 utorrent.portalux.com # hosts anti-adware / pups
127.0.0.1 uwjem.info # hosts anti-adware / pups
127.0.0.1 v3.emicam.net # hosts anti-adware / pups
127.0.0.1 viccpm03.victoryproads.com # hosts anti-adware / pups
127.0.0.1 viccpm08.victoryproads.com # hosts anti-adware / pups
127.0.0.1 vipm03.victoryproads.com # hosts anti-adware / pups
127.0.0.1 vipm08.victoryproads.com # hosts anti-adware / pups
127.0.0.1 virusremovalhelpcenter.blogspot.com # hosts anti-adware / pups
127.0.0.1 vlc.load4free.net # hosts anti-adware / pups
127.0.0.1 voe-travail-a-domicile.com # hosts anti-adware / pups
127.0.0.1 vos-revenus-sur-internet.com # hosts anti-adware / pups
127.0.0.1 vsharetv.ouoolbar.com # hosts anti-adware / pups
127.0.0.1 vube.com # hosts anti-adware / pups
127.0.0.1 vzapp.iminent.com # hosts anti-adware / pups
127.0.0.1 want.suck-my-candy.com # hosts anti-adware / pups
127.0.0.1 webplayerddl.com # hosts anti-adware / pups
127.0.0.1 webplayer.tv # hosts anti-adware / pups
127.0.0.1 winskeat.fr # hosts anti-adware / pups
127.0.0.1 winzip-fu.net # hosts anti-adware / pups
127.0.0.1 wiseconvert15.greattoolbars.com # hosts anti-adware / pups
127.0.0.1 wiseconvert.com # hosts anti-adware / pups
127.0.0.1 ww.anti-spyware-101.com # hosts anti-adware / pups
127.0.0.1 www.01-telecharger.com # hosts anti-adware / pups
127.0.0.1 www.123mplayer.com # hosts anti-adware / pups
127.0.0.1 www.2012-plus.org # hosts anti-adware / pups
127.0.0.1 www.2607.cn # hosts anti-adware / pups
127.0.0.1 www2l.incredimail.com # hosts anti-adware / pups
127.0.0.1 www.2-removevirus.com # hosts anti-adware / pups
127.0.0.1 www.2-spyware.com # hosts anti-adware / pups
127.0.0.1 www.2-viruses.com # hosts anti-adware / pups
127.0.0.1 www3l.incredimail.com # hosts anti-adware / pups
127.0.0.1 www.411-spyware.com # hosts anti-adware / pups
127.0.0.1 www4l.incredimail.com # hosts anti-adware / pups
127.0.0.1 www5l.incredimail.com # hosts anti-adware / pups
127.0.0.1 www.77zip.com # hosts anti-adware / pups
127.0.0.1 www.ackinn.com # hosts anti-adware / pups
127.0.0.1 www.acksguru.com # hosts anti-adware / pups
127.0.0.1 www.affiliation-france.com # hosts anti-adware / pups
127.0.0.1 www.affpx.com # hosts anti-adware / pups
127.0.0.1 www.agence-exusive.com # hosts anti-adware / pups
127.0.0.1 www.americanpendulum.com # hosts anti-adware / pups
127.0.0.1 www.amoninst.com # hosts anti-adware / pups
127.0.0.1 www.anti-spyware-101.com # hosts anti-adware / pups
127.0.0.1 www.appround.biz # hosts anti-adware / pups
127.0.0.1 www.appround.net # hosts anti-adware / pups
127.0.0.1 www.asoftwareplus.com # hosts anti-adware / pups
127.0.0.1 www.assure-le.com # hosts anti-adware / pups
127.0.0.1 www.babylon.com # hosts anti-adware / pups
127.0.0.1 www.bestnewzipmy.info # hosts anti-adware / pups
127.0.0.1 www.bigspeedpro.com # hosts anti-adware / pups
127.0.0.1 www.bioartmed.com # hosts anti-adware / pups
127.0.0.1 www.bit-mania.com # hosts anti-adware / pups
127.0.0.1 www.blupapps.com # hosts anti-adware / pups
127.0.0.1 www.boxore.com # hosts anti-adware / pups
127.0.0.1 www.cloud4widget.com # hosts anti-adware / pups
127.0.0.1 www.contrejour.ie # hosts anti-adware / pups
127.0.0.1 www.cool-applications.com # hosts anti-adware / pups
127.0.0.1 www.coolzipextractorapp.com # hosts anti-adware / pups
127.0.0.1 www.coupon-miner.com # hosts anti-adware / pups
127.0.0.1 www.createstockdoingzero.biz # hosts anti-adware / pups
127.0.0.1 www.cyberfitex.com # hosts anti-adware / pups
127.0.0.1 www.deletevirus.net # hosts anti-adware / pups
127.0.0.1 www.direct-telecharger.com # hosts anti-adware / pups
127.0.0.1 www.dlsafebrowse.com # hosts anti-adware / pups
127.0.0.1 www.downlesoft.com # hosts anti-adware / pups
127.0.0.1 www.download-best-softwares.com # hosts anti-adware / pups
127.0.0.1 www.download-free.com # hosts anti-adware / pups
127.0.0.1 www.downloadsoftfr.com # hosts anti-adware / pups
127.0.0.1 www.downxsoft.com # hosts anti-adware / pups
127.0.0.1 www.duuqu.com # hosts anti-adware / pups
127.0.0.1 www.dynamicmonetizer.com # hosts anti-adware / pups
127.0.0.1 www.eanallvirus.com # hosts anti-adware / pups
127.0.0.1 www.easycuisinevideo.com # hosts anti-adware / pups
127.0.0.1 www.easy-money-making-idea.info # hosts anti-adware / pups
127.0.0.1 www.e-downloader.net # hosts anti-adware / pups
127.0.0.1 www.enigmasoftware.com # hosts anti-adware / pups
127.0.0.1 www.eorezo.com # hosts anti-adware / pups
127.0.0.1 www.extrimdownloadmanager.com # hosts anti-adware / pups
127.0.0.1 www.fasterpleanclean.com # hosts anti-adware / pups
127.0.0.1 www.flash-player-france.com # hosts anti-adware / pups
127.0.0.1 www.freemake.com # hosts anti-adware / pups
127.0.0.1 www.freemalwarecheck.com # hosts anti-adware / pups
127.0.0.1 www.frflashplayer.com # hosts anti-adware / pups
127.0.0.1 www.getyourplayer.com # hosts anti-adware / pups
127.0.0.1 www.getyoursoft.com # hosts anti-adware / pups
127.0.0.1 www.goplayer.cc # hosts anti-adware / pups
127.0.0.1 www.gpil.org # hosts anti-adware / pups
127.0.0.1 www.grabatimstat.us # hosts anti-adware / pups
127.0.0.1 www.gratuit-telecharger.com # hosts anti-adware / pups
127.0.0.1 www.greatappsdownload.com # hosts anti-adware / pups
127.0.0.1 www.help-removevirus.com # hosts anti-adware / pups
127.0.0.1 www.ilivid.com # hosts anti-adware / pups
127.0.0.1 www.imagup.com # hosts anti-adware / pups
127.0.0.1 www.intactdownload.com # hosts anti-adware / pups
127.0.0.1 www.keygendb.com # hosts anti-adware / pups
127.0.0.1 www.kgdbase.com # hosts anti-adware / pups
127.0.0.1 www.kiallvirus.com # hosts anti-adware / pups
127.0.0.1 www.koyotesoft.com # hosts anti-adware / pups
127.0.0.1 www.lavideobuzz.com # hosts anti-adware / pups
127.0.0.1 www.livecamsxxxnow.com # hosts anti-adware / pups
127.0.0.1 www.media-app.com # hosts anti-adware / pups
127.0.0.1 www.messengerdusexe.com # hosts anti-adware / pups
127.0.0.1 www.mille-logiciels.com # hosts anti-adware / pups
127.0.0.1 www.my-movie-player.com # hosts anti-adware / pups
127.0.0.1 www.newhtsoft.com # hosts anti-adware / pups
127.0.0.1 www.newzipopenerfun.com # hosts anti-adware / pups
127.0.0.1 www.nouveau-avast.com # hosts anti-adware / pups
127.0.0.1 www.noyapps.com # hosts anti-adware / pups
127.0.0.1 www.ntdlzone.com # hosts anti-adware / pups
127.0.0.1 www.officialvideoconverter.com # hosts anti-adware / pups
127.0.0.1 www.oldmo.org # hosts anti-adware / pups
127.0.0.1 www.onefloorsoft.com # hosts anti-adware / pups
127.0.0.1 www.onlineaway.net # hosts anti-adware / pups
127.0.0.1 www.onlinesafety411.com # hosts anti-adware / pups
127.0.0.1 www.ooopsvideo.com # hosts anti-adware / pups
127.0.0.1 www.openadserving.com # hosts anti-adware / pups
127.0.0.1 www.piraterfacebook.ws # hosts anti-adware / pups
127.0.0.1 www.pisk.com # hosts anti-adware / pups
127.0.0.1 www.playerplus.com # hosts anti-adware / pups
127.0.0.1 www.pornuv.net # hosts anti-adware / pups
127.0.0.1 www.powerpackdl.com # hosts anti-adware / pups
127.0.0.1 www.premiumdownload.org # hosts anti-adware / pups
127.0.0.1 www.proplayersetup.com # hosts anti-adware / pups
127.0.0.1 www.putlocker-downloader.com # hosts anti-adware / pups
127.0.0.1 www.puto.com # hosts anti-adware / pups
127.0.0.1 www.qwtbx.com # hosts anti-adware / pups
127.0.0.1 www.reallycoolapp.com # hosts anti-adware / pups
127.0.0.1 www.realtinypussy.org # hosts anti-adware / pups
127.0.0.1 www.rediremylink.com # hosts anti-adware / pups
127.0.0.1 www.regarder-tv.com # hosts anti-adware / pups
127.0.0.1 www.removeonline.com # hosts anti-adware / pups
127.0.0.1 www.removepcthreat.com # hosts anti-adware / pups
127.0.0.1 www.rescuemybrowser.com # hosts anti-adware / pups
127.0.0.1 www.retrogamer.com # hosts anti-adware / pups
127.0.0.1 www.safebro.com # hosts anti-adware / pups
127.0.0.1 www.sckarteast.us # hosts anti-adware / pups
127.0.0.1 www.securitystronghold.com # hosts anti-adware / pups
127.0.0.1 www.sendfilesapp.com # hosts anti-adware / pups
127.0.0.1 www.silentpornotube.com # hosts anti-adware / pups
127.0.0.1 www.simplyinstaller.com # hosts anti-adware / pups
127.0.0.1 www.skypegratuit.com # hosts anti-adware / pups
127.0.0.1 www.smarterpcsolutions.net # hosts anti-adware / pups
127.0.0.1 www.smuss.net # hosts anti-adware / pups
127.0.0.1 www.softigloo.com # hosts anti-adware / pups
127.0.0.1 www.softologic.com # hosts anti-adware / pups
127.0.0.1 www.softologicsa.com # hosts anti-adware / pups
127.0.0.1 www.softologicsb.com # hosts anti-adware / pups
127.0.0.1 www.softologicsc.com # hosts anti-adware / pups
127.0.0.1 www.softosystem.com # hosts anti-adware / pups
127.0.0.1 www.softpedia.com # hosts anti-adware / pups
127.0.0.1 www.software-files.net # hosts anti-adware / pups
127.0.0.1 www.softwaresbay.com # hosts anti-adware / pups
127.0.0.1 www.speedypc.com # hosts anti-adware / pups
127.0.0.1 www.sps-experten.de # hosts anti-adware / pups
127.0.0.1 www.spywarehelpcenter.com # hosts anti-adware / pups
127.0.0.1 www.spywareremove.com # hosts anti-adware / pups
127.0.0.1 www.spyware-techie.com # hosts anti-adware / pups
127.0.0.1 www.streaminghds.com # hosts anti-adware / pups
127.0.0.1 www.superfish.com # hosts anti-adware / pups
127.0.0.1 www.supprimer-spyware.org # hosts anti-adware / pups
127.0.0.1 www.telecharger-facile.com # hosts anti-adware / pups
127.0.0.1 www.telechargers.net # hosts anti-adware / pups
127.0.0.1 www.thelivetech.com # hosts anti-adware / pups
127.0.0.1 www.thetorrn-tv.net # hosts anti-adware / pups
127.0.0.1 www.toplugs.com # hosts anti-adware / pups
127.0.0.1 www.trackingtc123.com # hosts anti-adware / pups
127.0.0.1 www.tsxnrey.com # hosts anti-adware / pups
127.0.0.1 www.tuto4pc.com # hosts anti-adware / pups
127.0.0.1 www.twonext.com # hosts anti-adware / pups
127.0.0.1 www.uniblue.com # hosts anti-adware / pups
127.0.0.1 www.videoconveertool.net # hosts anti-adware / pups
127.0.0.1 www.videodownloadconverter.com # hosts anti-adware / pups
127.0.0.1 www.videoipa.com # hosts anti-adware / pups
127.0.0.1 www.videoplusmusic.com # hosts anti-adware / pups
127.0.0.1 www.videotender.com # hosts anti-adware / pups
127.0.0.1 www.vioplayer.com # hosts anti-adware / pups
127.0.0.1 www.visualbe.com # hosts anti-adware / pups
127.0.0.1 www.viuagirl.com # hosts anti-adware / pups
127.0.0.1 www.wajam.com # hosts anti-adware / pups
127.0.0.1 www.wiki-security.com # hosts anti-adware / pups
127.0.0.1 www.windownloader24.com # hosts anti-adware / pups
127.0.0.1 www.winload.de # hosts anti-adware / pups
127.0.0.1 www.winpoal.fr # hosts anti-adware / pups
127.0.0.1 www.wisedownloads.com # hosts anti-adware / pups
127.0.0.1 www.wslinx.com # hosts anti-adware / pups
127.0.0.1 www.xlplayer.com # hosts anti-adware / pups
127.0.0.1 www.zilliontoolkitusa.info # hosts anti-adware / pups
127.0.0.1 www.zimbio.com # hosts anti-adware / pups
127.0.0.1 xmlinsp.ddbbvt.eu # hosts anti-adware / pups
127.0.0.1 xmlinstcp.ddbbvt.eu # hosts anti-adware / pups
127.0.0.1 xrstats.com # hosts anti-adware / pups
# Copyright (c) 1993-2009 Microsoft Corp.
#
# This is a sample HOSTS file used by Microsoft TCP/IP for Windows.
#
# This file contains the mappings of IP addresses to host names. Each
# entry should be kept on an individual line. The IP address should
# be placed in the first column followed by the corresponding host name.
# The IP address and the host name should be separated by at least one
# space.
#
# Additionally, comments (such as these) may be inserted on individual
# lines or following the machine name denoted by a '#' symbol.
#
# For example:
#
# 102.54.94.97 rhino.acme.com # source server
# 38.25.63.10 x.acme.com # x client host

# localhost name resolution is handled within DNS itself.
# 127.0.0.1 localhost
# ::1 localhost


Not sure what all this means, but figured you might.

thanks for all your help.
 
First of all, it looks like you ran malwarebytes without having it remove the infections. Can you rerun it and make sure you click on the remove selected button to physically delete the items.

At work right now but will check in when I get home.
 
Just so we don't waste time waiting for each other, what time do you reckon you'll be back home and helping nongs like me?

I'll be back at that time.

thanks,

Bob
 
I'm home now. I see a few issues still. I would like for you to do the following.

1.

Please download and run TDSSkiller

When the program opens, click on the start scan button.

tdssstartscan_zps32a151cd.jpg


TDSSKiller will now scan your computer for the TDSS infection. When the scan has finished it will display a result screen stating whether or not the infection was found on your computer. If it was found it will display a screen similar to the one below.

2663-2-eng.png


To remove the infections simply click on the Continue button and TDSSKiller will attempt to clean them or remove them.

After trying to clean them it will pop up with the results of the scan and its actions.

2663_3_en.png


Please reboot the system if asked to do so.

After running there will be a log that will be located at the root of your c:\ drive labeled tdsskiller with a series of numbers after it example, C:\TDSSKiller.2.4.7_23.07.2010_15.31.43_log.txt

Please open the log and copy and paste it back here.

2.

Please download and run Superantispyware free edition and post the log.

http://www.superantispyware.com/downloadfile.html?productid=SUPERANTISPYWAREFREE

Make sure its fully updated before you run a full scan.

3

Rerun hijackthis but this time press and hold the shift key while right clicking on the hijackthis icon and then click on run as admin. You were getting that error because you weren't running it as admin.
 
OK, back behind the mouse.

I'll give this a try.

thanks

Ran TDSSKiller, but couldn't find the log file. I usually just save them to desktop for easy retrieval. would the log file have been saved elsewhere?

Superantispyware is running, and finding threats. will report soon.
 
Last edited by a moderator:
bbudesa said:
Ran TDSSKiller, but couldn't find the log file. I usually just save them to desktop for easy retrieval. would the log file have been saved elsewhere?

Superantispyware is running, and finding threats. will report soon.
Click to expand...

The tdsskiller log will be located at the root of the C drive. Example.

c:\TDSSKiller.2.8.16.0_20.09.2013_19.46.16_log
 
have to send log of SUPERAntiSpyware in two messages, cuz it's too long.

part 1

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 10/05/2013 at 12:19 PM

Application Version : 5.6.1040

Core Rules Database Version : 10812
Trace Rules Database Version: 8624

Scan type : Quick Scan
Total Scan Time : 00:03:58

Operating System Information
Windows 7 Home Premium 64-bit, Service Pack 1 (Build 6.01.7601)
UAC On - Limited User

Memory items scanned : 578
Memory threats detected : 0
Registry items scanned : 60349
Registry threats detected : 0
File items scanned : 10891
File threats detected : 558

Adware.Tracking Cookie
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.interclick.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.dealtime.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accounts.key.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adxpose.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
demandmedia.trc.taboola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
media2.legacy.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
media2.legacy.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.youporn.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bs.serving-sys.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.revsci.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.burstnet.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adtechus.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adtech.de [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.casalemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.pro-market.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.kontera.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mediaforge.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mediaplex.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ad.mlnadvertising.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.specificmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.specificclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.fastclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ru4.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.picadmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.realmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.247realmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.amazon-adsystem.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.thefind.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
 
part 2

.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.fisherinvestments.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.findthecompany.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.yadro.ru [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.findthecompany.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.findthecompany.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.companies.findthecompany.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.s.clickability.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.vancepublishing.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.chitika.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.saxowesterncommunications.122.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.highbeam.122.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.eyeviewads.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.compasshealthcare.122.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.keybank.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.intouchsolutions.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wjnywlc5wbp.stats.esomniture.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.networkten.122.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.nbcuniversal.122.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
uk.sitestat.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
engine.valueviewmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
engine.valueviewmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
engine.valueviewmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ads.cpallmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
media.lsbet.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.scrippsfoodnet.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.web-stat.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.getclicky.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
in.getclicky.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.tourdefrance.thetourtracker.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.tourdefrance.thetourtracker.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.warnerbros.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.s0.2mdn.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.s0.2mdn.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.stats.gearjunkie.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
rotator.adjuggler.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
rotator.adjuggler.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.microsoftwlcashback.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adultadworld.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adxpansion.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.cbsdigitalmedia.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.gntbcstglobal.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cn.clickable.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wnmiwiczwep.stats.esomniture.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.paypal.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.intermundomedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adinterax.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.timeinc.122.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.burstbeacon.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.media.adfrontiers.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.clickbooth.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
tracking.callmeasurement.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
tracking.callmeasurement.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
traffic.prod.cobaltgroup.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
delivery.adseekmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
delivery.adseekmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
delivery.adseekmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
delivery.adseekmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
delivery.adseekmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.e-2dj6afk4kgd5eaq.stats.esomniture.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
openx.sexsearch.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.socialsex.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.socialsex.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.socialsex.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
wt.socialsex.biz [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.youporn.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.e-2dj6wcmiqidpeco.stats.esomniture.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.overtons.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mmstat.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.s.clickability.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.vml.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ewscripps.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.solvemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.gmchevrolet.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
track.adform.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adform.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
mediaservices-d.openxenterprise.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.saymedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mpstat.us [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
343track.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.media2.legacy.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
lfscpttracking.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.steelhousemedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atwola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.tripod.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.histats.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cipc.memberclicks.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bizrate.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
stat.dealtime.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bookfinder.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
343track.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
tracktrk.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
tracktrk.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.lucidmedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.bravenet.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.yieldmanager.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.xiti.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.clickbank.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.server.cpmstar.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.accounts.google.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accountaccess.edwardjones.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accountaccess.edwardjones.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accountaccess.edwardjones.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.accountaccess.edwardjones.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.accountaccess.edwardjones.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.accountaccess.edwardjones.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
statse.webtrendslive.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
tracktrack.info [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.omn.crackle.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.adfarm1.adition.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad2.adfarm1.adition.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.stats.paypal.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.ads.pointroll.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.imitrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.imitrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.c.atdmt.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
advpixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
advpixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.mmotraffic.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
demandmedia.trc.taboola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
demandmedia.trc.taboola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
demandmedia.trc.taboola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
demandmedia.trc.taboola.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
accounts.google.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.gtrkr.sitescoutadserver.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.apmebf.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.liveperson.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
affiliate.mlntracker.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.scrilltrk.sitescoutadserver.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.googleadservices.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.scrilltrk.sitescoutadserver.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
media.charter.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.clickbank.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.msnbc.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.technoratimedia.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
www.burstnet.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.advertising.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.collective-media.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.zedo.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.www.media970.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
3181142.fls.doubleclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
lfscpttracking.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.tribalfusion.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.questionmarket.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
cts.lipixeltrack.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.sparknetworks.112.2o7.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.doubleclick.net [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\BOB\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\PHM5365Y.DEFAULT\COOKIES.SQLITE ]
.serving-sys.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adviva.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.amazon-adsystem.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fr.sitestat.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fr.sitestat.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atlanticmedia.122.2o7.net [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.google.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
accounts.youtube.com [ C:\USERS\BOB\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
 
results of recent HighjackThis scan:

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 12:26:19 PM, on 10/5/2013
Platform: Windows 7 SP1 (WinNT 6.00.3505)
MSIE: Internet Explorer v10.0 (10.00.9200.16686)
Boot mode: Normal

Running processes:
C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamgui.exe
C:\Program Files (x86)\Logitech\Vid HD\Vid.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files (x86)\iTunes\iTunesHelper.exe
C:\Program Files (x86)\ASUS\EPU-4 Engine\FourEngine.exe
C:\Program Files (x86)\Mozilla Firefox\firefox.exe
C:\Program Files (x86)\Mozilla Firefox\plugin-container.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerPlugin_11_8_800_168.exe
C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/p/?LinkId=255141
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft.com/fwlink/p/?LinkId=255141
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyServer = http=127.0.0.1:49551;https=127.0.0.1:49551
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = <-loopback>
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
O2 - BHO: HP Print Enhancer - {0347C33E-8762-4905-BF09-768834316C61} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_printenhancer.dll
O2 - BHO: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O2 - BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll
O2 - BHO: Bing Bar Helper - {d2ce3e00-f94a-4740-988e-03dc2f38c34f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll
O2 - BHO: HP Smart BHO Class - {FFFFFFFF-CF4E-4F2B-BDC2-0E72E116A856} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O3 - Toolbar: Bing Bar - {8dcb7100-df86-4384-8842-8fa844297b3f} - "C:\Program Files (x86)\Microsoft\BingBar\BingExt.dll" (file missing)
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\Alwil Software\Avast5\aswWebRepIE.dll
O3 - Toolbar: (no name) - {0134af61-7a0c-4649-aeca-90d776060cb3} - (no file)
O4 - HKLM\..\Run: [avast] "C:\Program Files\Alwil Software\Avast5\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
O4 - HKCU\..\Run: [Logitech Vid] "C:\Program Files (x86)\Logitech\Vid HD\Vid.exe" -bootmode
O4 - HKCU\..\Run: [RESTART_STICKY_NOTES] C:\Windows\System32\StikyNot.exe
O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
O4 - Startup: AutorunsDisabled
O4 - Global Startup: AutorunsDisabled
O8 - Extra context menu item: Add to Google Photos Screensa&ver - res://C:\Windows\system32\GPhotos.scr/200
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~2\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1004 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra 'Tools' menuitem: @C:\Program Files (x86)\Windows Live\Writer\WindowsLiveWriterShortcuts.dll,-1003 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files (x86)\Windows Live\Writer\WriterBrowserExtension.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~2\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Show or hide HP Smart Web Printing - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - C:\Program Files (x86)\HP\Digital Imaging\Smart Web Printing\hpswp_BHO.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O10 - Unknown file in Winsock LSP: c:\program files (x86)\common files\microsoft shared\windows live\wlidnsp.dll
O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab
O18 - Protocol: skype-ie-addon-data - {91774881-D725-4E58-B298-07617B9B86A8} - C:\Program Files (x86)\Skype\Toolbars\Internet Explorer\skypeieplugin.dll
O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
O18 - Protocol: wlpg - {E43EF6CD-A37A-4A9B-9E6F-83F89B8E6324} - C:\Program Files (x86)\Windows Live\Photo Gallery\AlbumDownloadProtocolHandler.dll
O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\Windows\System32\alg.exe (file missing)
O23 - Service: AMD External Events Utility - Unknown owner - C:\Windows\system32\atiesrxx.exe (file missing)
O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
O23 - Service: avast! Firewall - AVAST Software - C:\Program Files\Alwil Software\Avast5\afwServ.exe
O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\Windows\System32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\fxsresm.dll,-118 (Fax) - Unknown owner - C:\Windows\system32\fxssvc.exe (file missing)
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Update Service (gupdatem) (gupdatem) - Google Inc. - C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
O23 - Service: Google Updater Service (gusvc) - Google - C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Intuit Update Service (IntuitUpdateService) - Intuit Inc. - C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: LightScribeService Direct Disc Labeling Service (LightScribeService) - Hewlett-Packard Company - C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
O23 - Service: Process Monitor (LVPrcS64) - Logitech Inc. - C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
O23 - Service: MBAMScheduler - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
O23 - Service: MBAMService - Malwarebytes Corporation - C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\Windows\System32\msdtc.exe (file missing)
O23 - Service: Nero BackItUp Scheduler 4.0 - Nero AG - C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\Windows\system32\locator.exe (file missing)
O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\Windows\System32\snmptrap.exe (file missing)
O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\Windows\System32\spoolsv.exe (file missing)
O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\Windows\system32\sppsvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\Windows\system32\UI0Detect.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\Windows\system32\lsass.exe (file missing)
O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\Windows\System32\vds.exe (file missing)
O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\Windows\system32\vssvc.exe (file missing)
O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\Windows\system32\Wat\WatAdminSvc.exe (file missing)
O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\Windows\system32\wbengine.exe (file missing)
O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\Windows\system32\wbem\WmiApSrv.exe (file missing)
O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

--
End of file - 11160 bytes
 
I'm still waiting on the log from tdsskiller. In the meantime, please do the following as Superantispyware didn't catch what I thought it would.

Please download and run the ESET Online Scanner
Disable any antivirus/security programs.
IMPORTANT! UN-check Remove found threats
Accept any security warnings from your browser.
Check Scan archives
Click Start
ESET will then download updates, install and then start scanning your system.
When the scan is done, push list of found threats
Click on Export to text file , and save the file to your desktop using a file name, such as ESETlog. Include the contents of this report in your next reply.
If no threats are found then it won't produce a log.


I will most likely be gone for the evening and won't be home until later, will check back in then.
 
Once again, sending in two messages:



12:43:04.0989 5696 TDSS rootkit removing tool 2.8.16.0 Feb 11 2013 18:50:42
12:43:05.0907 5696 ============================================================
12:43:05.0907 5696 Current date / time: 2013/10/05 12:43:05.0907
12:43:05.0907 5696 SystemInfo:
12:43:05.0907 5696
12:43:05.0907 5696 OS Version: 6.1.7601 ServicePack: 1.0
12:43:05.0907 5696 Product type: Workstation
12:43:05.0907 5696 ComputerName: BUDESAPC
12:43:05.0907 5696 UserName: Bob
12:43:05.0907 5696 Windows directory: C:\Windows
12:43:05.0907 5696 System windows directory: C:\Windows
12:43:05.0907 5696 Running under WOW64
12:43:05.0907 5696 Processor architecture: Intel x64
12:43:05.0907 5696 Number of processors: 3
12:43:05.0907 5696 Page size: 0x1000
12:43:05.0907 5696 Boot type: Normal boot
12:43:05.0908 5696 ============================================================
12:43:07.0480 5696 Drive \Device\Harddisk0\DR0 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'K0', Flags 0x00000040
12:43:07.0486 5696 Drive \Device\Harddisk1\DR1 - Size: 0x7470C06000 (465.76 Gb), SectorSize: 0x200, Cylinders: 0xED81, SectorsPerTrack: 0x3F, TracksPerCylinder: 0xFF, Type 'W'
12:43:11.0264 5696 ============================================================
12:43:11.0264 5696 \Device\Harddisk0\DR0:
12:43:11.0284 5696 MBR partitions:
12:43:11.0284 5696 \Device\Harddisk0\DR0\Partition1: MBR, Type 0x7, StartLBA 0x800, BlocksNum 0x32000
12:43:11.0284 5696 \Device\Harddisk0\DR0\Partition2: MBR, Type 0x7, StartLBA 0x32800, BlocksNum 0x3A353000
12:43:11.0284 5696 \Device\Harddisk1\DR1:
12:43:11.0318 5696 MBR partitions:
12:43:11.0318 5696 \Device\Harddisk1\DR1\Partition1: MBR, Type 0x7, StartLBA 0x3F, BlocksNum 0x3A384C41
12:43:11.0318 5696 ============================================================
12:43:11.0339 5696 C: <-> \Device\Harddisk0\DR0\Partition2
12:43:11.0359 5696 E: <-> \Device\Harddisk1\DR1\Partition1
12:43:11.0359 5696 ============================================================
12:43:11.0359 5696 Initialize success
12:43:11.0359 5696 ============================================================
12:43:13.0258 2560 ============================================================
12:43:13.0258 2560 Scan started
12:43:13.0258 2560 Mode: Manual;
12:43:13.0258 2560 ============================================================
12:43:13.0942 2560 ================ Scan system memory ========================
12:43:13.0942 2560 System memory - ok
12:43:13.0943 2560 ================ Scan services =============================
12:43:14.0018 2560 [ ABDCD326E1DD1C62509ED94C278A7453 ] !SASCORE C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
12:43:14.0021 2560 !SASCORE - ok
12:43:14.0280 2560 [ A87D604AEA360176311474C87A63BB88 ] 1394ohci C:\Windows\system32\drivers\1394ohci.sys
12:43:14.0284 2560 1394ohci - ok
12:43:14.0304 2560 [ D81D9E70B8A6DD14D42D7B4EFA65D5F2 ] ACPI C:\Windows\system32\drivers\ACPI.sys
12:43:14.0310 2560 ACPI - ok
12:43:14.0327 2560 [ 99F8E788246D495CE3794D7E7821D2CA ] AcpiPmi C:\Windows\system32\drivers\acpipmi.sys
12:43:14.0329 2560 AcpiPmi - ok
12:43:14.0456 2560 [ ADDA5E1951B90D3D23C56D3CF0622ADC ] AdobeARMservice C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
12:43:14.0459 2560 AdobeARMservice - ok
12:43:14.0550 2560 [ 24A0876D07EF356DCBC1D7A7929354AB ] AdobeFlashPlayerUpdateSvc C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
12:43:14.0555 2560 AdobeFlashPlayerUpdateSvc - ok
12:43:14.0596 2560 [ 2F6B34B83843F0C5118B63AC634F5BF4 ] adp94xx C:\Windows\system32\DRIVERS\adp94xx.sys
12:43:14.0605 2560 adp94xx - ok
12:43:14.0661 2560 [ 597F78224EE9224EA1A13D6350CED962 ] adpahci C:\Windows\system32\DRIVERS\adpahci.sys
12:43:14.0666 2560 adpahci - ok
12:43:14.0717 2560 [ E109549C90F62FB570B9540C4B148E54 ] adpu320 C:\Windows\system32\DRIVERS\adpu320.sys
12:43:14.0721 2560 adpu320 - ok
12:43:14.0754 2560 [ 4B78B431F225FD8624C5655CB1DE7B61 ] AeLookupSvc C:\Windows\System32\aelupsvc.dll
12:43:14.0757 2560 AeLookupSvc - ok
12:43:14.0804 2560 [ 1C7857B62DE5994A75B054A9FD4C3825 ] AFD C:\Windows\system32\drivers\afd.sys
12:43:14.0812 2560 AFD - ok
12:43:14.0850 2560 [ 608C14DBA7299D8CB6ED035A68A15799 ] agp440 C:\Windows\system32\drivers\agp440.sys
12:43:14.0851 2560 agp440 - ok
12:43:14.0868 2560 [ 3290D6946B5E30E70414990574883DDB ] ALG C:\Windows\System32\alg.exe
12:43:14.0870 2560 ALG - ok
12:43:14.0913 2560 [ 5812713A477A3AD7363C7438CA2EE038 ] aliide C:\Windows\system32\drivers\aliide.sys
12:43:14.0914 2560 aliide - ok
12:43:14.0953 2560 [ D0D8877969011D1B0ED9C3C55A9A9108 ] AMD External Events Utility C:\Windows\system32\atiesrxx.exe
12:43:14.0957 2560 AMD External Events Utility - ok
12:43:14.0978 2560 [ 1FF8B4431C353CE385C875F194924C0C ] amdide C:\Windows\system32\drivers\amdide.sys
12:43:14.0979 2560 amdide - ok
12:43:15.0006 2560 [ 7024F087CFF1833A806193EF9D22CDA9 ] AmdK8 C:\Windows\system32\DRIVERS\amdk8.sys
12:43:15.0007 2560 AmdK8 - ok
12:43:15.0020 2560 [ 1E56388B3FE0D031C44144EB8C4D6217 ] AmdPPM C:\Windows\system32\DRIVERS\amdppm.sys
12:43:15.0021 2560 AmdPPM - ok
12:43:15.0032 2560 [ D4121AE6D0C0E7E13AA221AA57EF2D49 ] amdsata C:\Windows\system32\drivers\amdsata.sys
12:43:15.0034 2560 amdsata - ok
12:43:15.0052 2560 [ F67F933E79241ED32FF46A4F29B5120B ] amdsbs C:\Windows\system32\DRIVERS\amdsbs.sys
12:43:15.0054 2560 amdsbs - ok
12:43:15.0065 2560 [ 540DAF1CEA6094886D72126FD7C33048 ] amdxata C:\Windows\system32\drivers\amdxata.sys
12:43:15.0066 2560 amdxata - ok
12:43:15.0092 2560 [ 89A69C3F2F319B43379399547526D952 ] AppID C:\Windows\system32\drivers\appid.sys
12:43:15.0093 2560 AppID - ok
12:43:15.0114 2560 [ 0BC381A15355A3982216F7172F545DE1 ] AppIDSvc C:\Windows\System32\appidsvc.dll
12:43:15.0115 2560 AppIDSvc - ok
12:43:15.0140 2560 [ 9D2A2369AB4B08A4905FE72DB104498F ] Appinfo C:\Windows\System32\appinfo.dll
12:43:15.0141 2560 Appinfo - ok
12:43:15.0230 2560 [ 30E3850F303EAE5C364782EA78579CC9 ] Apple Mobile Device C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
12:43:15.0233 2560 Apple Mobile Device - ok
12:43:15.0274 2560 [ C484F8CEB1717C540242531DB7845C4E ] arc C:\Windows\system32\DRIVERS\arc.sys
12:43:15.0277 2560 arc - ok
12:43:15.0299 2560 [ 019AF6924AEFE7839F61C830227FE79C ] arcsas C:\Windows\system32\DRIVERS\arcsas.sys
12:43:15.0301 2560 arcsas - ok
12:43:15.0352 2560 [ EDAA17CE771C696655B6585F7CAD2100 ] ASInsHelp C:\Windows\SysWow64\drivers\AsInsHelp64.sys
12:43:15.0354 2560 ASInsHelp - ok
12:43:15.0370 2560 [ 8065A7659562005127673AC52898675F ] AsIO C:\Windows\syswow64\drivers\AsIO.sys
12:43:15.0372 2560 AsIO - ok
12:43:15.0400 2560 [ A83C9C15680BB9E270ACF7172068E287 ] aswFsBlk C:\Windows\system32\drivers\aswFsBlk.sys
12:43:15.0402 2560 aswFsBlk - ok
12:43:15.0439 2560 [ C9ABD6DB930C89A3BAD4D2EBD59D5652 ] aswFW C:\Windows\system32\drivers\aswFW.sys
12:43:15.0441 2560 aswFW - ok
12:43:15.0475 2560 [ D07E6D1765AEDD75E67987921BBA43AD ] aswKbd C:\Windows\system32\drivers\aswKbd.sys
12:43:15.0476 2560 aswKbd - ok
12:43:15.0514 2560 [ 5C40B8D77EBEE1DE0E7A8CDD0CD75773 ] aswMonFlt C:\Windows\system32\drivers\aswMonFlt.sys
12:43:15.0517 2560 aswMonFlt - ok
12:43:15.0549 2560 [ 518B8D447A1975AB46DA093A2E743256 ] aswNdis C:\Windows\system32\DRIVERS\aswNdis.sys
12:43:15.0550 2560 aswNdis - ok
12:43:15.0569 2560 [ A433346FFCE6C0F18DFE13946CDBAA29 ] aswNdis2 C:\Windows\system32\drivers\aswNdis2.sys
12:43:15.0574 2560 aswNdis2 - ok
12:43:15.0609 2560 [ 997F6977294B9ACB7F400431DF8E3A4A ] aswRdr C:\Windows\System32\Drivers\aswrdr2.sys
12:43:15.0611 2560 aswRdr - ok
12:43:15.0661 2560 [ 286193DC28CFB4CEB8D378E20A0850A9 ] aswRvrt C:\Windows\system32\drivers\aswRvrt.sys
12:43:15.0663 2560 aswRvrt - ok
12:43:15.0696 2560 [ 58B93BA20D4693D0800D2B0A62B8059D ] aswSnx C:\Windows\system32\drivers\aswSnx.sys
12:43:15.0704 2560 aswSnx - ok
12:43:15.0754 2560 [ EC7148DB4D126C81426A67602822E62C ] aswSP C:\Windows\system32\drivers\aswSP.sys
12:43:15.0761 2560 aswSP - ok
12:43:15.0779 2560 [ 0E422E9CB7CD9C0AA6D4DFEAFA086EAA ] aswTdi C:\Windows\system32\drivers\aswTdi.sys
12:43:15.0781 2560 aswTdi - ok
12:43:15.0794 2560 [ 9FE455C916C656144B004E3EB48507CE ] aswVmm C:\Windows\system32\drivers\aswVmm.sys
12:43:15.0796 2560 aswVmm - ok
12:43:15.0809 2560 [ 769765CE2CC62867468CEA93969B2242 ] AsyncMac C:\Windows\system32\DRIVERS\asyncmac.sys
12:43:15.0810 2560 AsyncMac - ok
12:43:15.0843 2560 [ 02062C0B390B7729EDC9E69C680A6F3C ] atapi C:\Windows\system32\drivers\atapi.sys
12:43:15.0844 2560 atapi - ok
12:43:15.0990 2560 [ C5758BF1DFD762A5B17041FF061B7750 ] atikmdag C:\Windows\system32\DRIVERS\atikmdag.sys
12:43:16.0019 2560 atikmdag - ok
12:43:16.0029 2560 [ 7C5D273E29DCC5505469B299C6F29163 ] AtiPcie C:\Windows\system32\DRIVERS\AtiPcie.sys
12:43:16.0030 2560 AtiPcie - ok
12:43:16.0069 2560 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioEndpointBuilder C:\Windows\System32\Audiosrv.dll
12:43:16.0080 2560 AudioEndpointBuilder - ok
12:43:16.0094 2560 [ F23FEF6D569FCE88671949894A8BECF1 ] AudioSrv C:\Windows\System32\Audiosrv.dll
12:43:16.0099 2560 AudioSrv - ok
12:43:16.0166 2560 [ 9330941C8F6DF417F6DBBE998DB6687E ] avast! Antivirus C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
12:43:16.0168 2560 avast! Antivirus - ok
12:43:16.0209 2560 [ 68E3356BC848124F56BDAC3C70C2E54B ] avast! Firewall C:\Program Files\Alwil Software\Avast5\afwServ.exe
12:43:16.0212 2560 avast! Firewall - ok
12:43:16.0247 2560 [ A6BF31A71B409DFA8CAC83159E1E2AFF ] AxInstSV C:\Windows\System32\AxInstSV.dll
12:43:16.0250 2560 AxInstSV - ok
12:43:16.0278 2560 [ 3E5B191307609F7514148C6832BB0842 ] b06bdrv C:\Windows\system32\DRIVERS\bxvbda.sys
12:43:16.0285 2560 b06bdrv - ok
12:43:16.0306 2560 [ B5ACE6968304A3900EEB1EBFD9622DF2 ] b57nd60a C:\Windows\system32\DRIVERS\b57nd60a.sys
12:43:16.0309 2560 b57nd60a - ok
12:43:16.0352 2560 [ 0D1EA7509F394D8B705B239EE71F5118 ] BBSvc C:\Program Files (x86)\Microsoft\BingBar\BBSvc.EXE
12:43:16.0354 2560 BBSvc - ok
12:43:16.0379 2560 [ FDE360167101B4E45A96F939F388AEB0 ] BDESVC C:\Windows\System32\bdesvc.dll
12:43:16.0383 2560 BDESVC - ok
12:43:16.0391 2560 [ 16A47CE2DECC9B099349A5F840654746 ] Beep C:\Windows\system32\drivers\Beep.sys
12:43:16.0393 2560 Beep - ok
12:43:16.0525 2560 [ 82974D6A2FD19445CC5171FC378668A4 ] BFE C:\Windows\System32\bfe.dll
12:43:16.0536 2560 BFE - ok
12:43:16.0595 2560 [ 1EA7969E3271CBC59E1730697DC74682 ] BITS C:\Windows\system32\qmgr.dll
12:43:16.0614 2560 BITS - ok
12:43:16.0632 2560 [ 61583EE3C3A17003C4ACD0475646B4D3 ] blbdrive C:\Windows\system32\DRIVERS\blbdrive.sys
12:43:16.0633 2560 blbdrive - ok
12:43:16.0678 2560 [ EBBCD5DFBB1DE70E8F4AF8FA59E401FD ] Bonjour Service C:\Program Files\Bonjour\mDNSResponder.exe
12:43:16.0681 2560 Bonjour Service - ok
12:43:16.0713 2560 [ 6C02A83164F5CC0A262F4199F0871CF5 ] bowser C:\Windows\system32\DRIVERS\bowser.sys
12:43:16.0713 2560 bowser - ok
12:43:16.0740 2560 [ F09EEE9EDC320B5E1501F749FDE686C8 ] BrFiltLo C:\Windows\system32\DRIVERS\BrFiltLo.sys
12:43:16.0741 2560 BrFiltLo - ok
12:43:16.0750 2560 [ B114D3098E9BDB8BEA8B053685831BE6 ] BrFiltUp C:\Windows\system32\DRIVERS\BrFiltUp.sys
12:43:16.0752 2560 BrFiltUp - ok
12:43:16.0783 2560 [ 5C2F352A4E961D72518261257AAE204B ] BridgeMP C:\Windows\system32\DRIVERS\bridge.sys
12:43:16.0785 2560 BridgeMP - ok
12:43:16.0823 2560 [ 05F5A0D14A2EE1D8255C2AA0E9E8E694 ] Browser C:\Windows\System32\browser.dll
12:43:16.0825 2560 Browser - ok
12:43:16.0833 2560 [ 43BEA8D483BF1870F018E2D02E06A5BD ] Brserid C:\Windows\System32\Drivers\Brserid.sys
12:43:16.0836 2560 Brserid - ok
12:43:16.0841 2560 [ A6ECA2151B08A09CACECA35C07F05B42 ] BrSerWdm C:\Windows\System32\Drivers\BrSerWdm.sys
12:43:16.0842 2560 BrSerWdm - ok
12:43:16.0847 2560 [ B79968002C277E869CF38BD22CD61524 ] BrUsbMdm C:\Windows\System32\Drivers\BrUsbMdm.sys
12:43:16.0848 2560 BrUsbMdm - ok
12:43:16.0853 2560 [ A87528880231C54E75EA7A44943B38BF ] BrUsbSer C:\Windows\System32\Drivers\BrUsbSer.sys
12:43:16.0854 2560 BrUsbSer - ok
12:43:16.0865 2560 [ 9DA669F11D1F894AB4EB69BF546A42E8 ] BTHMODEM C:\Windows\system32\DRIVERS\bthmodem.sys
12:43:16.0865 2560 BTHMODEM - ok
12:43:16.0891 2560 [ 95F9C2976059462CBBF227F7AAB10DE9 ] bthserv C:\Windows\system32\bthserv.dll
12:43:16.0892 2560 bthserv - ok
12:43:16.0903 2560 [ B8BD2BB284668C84865658C77574381A ] cdfs C:\Windows\system32\DRIVERS\cdfs.sys
12:43:16.0904 2560 cdfs - ok
12:43:16.0937 2560 [ F036CE71586E93D94DAB220D7BDF4416 ] cdrom C:\Windows\system32\DRIVERS\cdrom.sys
12:43:16.0939 2560 cdrom - ok
12:43:16.0988 2560 [ F17D1D393BBC69C5322FBFAFACA28C7F ] CertPropSvc C:\Windows\System32\certprop.dll
12:43:16.0991 2560 CertPropSvc - ok
12:43:17.0025 2560 [ D7CD5C4E1B71FA62050515314CFB52CF ] circlass C:\Windows\system32\DRIVERS\circlass.sys
12:43:17.0028 2560 circlass - ok
12:43:17.0050 2560 cleanhlp - ok
12:43:17.0202 2560 [ FE1EC06F2253F691FE36217C592A0206 ] CLFS C:\Windows\system32\CLFS.sys
12:43:17.0210 2560 CLFS - ok
12:43:17.0267 2560 [ D88040F816FDA31C3B466F0FA0918F29 ] clr_optimization_v2.0.50727_32 C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe
12:43:17.0269 2560 clr_optimization_v2.0.50727_32 - ok
12:43:17.0300 2560 [ D1CEEA2B47CB998321C579651CE3E4F8 ] clr_optimization_v2.0.50727_64 C:\Windows\Microsoft.NET\Framework64\v2.0.50727\mscorsvw.exe
12:43:17.0301 2560 clr_optimization_v2.0.50727_64 - ok
12:43:17.0387 2560 [ C5A75EB48E2344ABDC162BDA79E16841 ] clr_optimization_v4.0.30319_32 C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe
12:43:17.0389 2560 clr_optimization_v4.0.30319_32 - ok
12:43:17.0434 2560 [ C6F9AF94DCD58122A4D7E89DB6BED29D ] clr_optimization_v4.0.30319_64 C:\Windows\Microsoft.NET\Framework64\v4.0.30319\mscorsvw.exe
12:43:17.0435 2560 clr_optimization_v4.0.30319_64 - ok
12:43:17.0451 2560 [ 0840155D0BDDF1190F84A663C284BD33 ] CmBatt C:\Windows\system32\DRIVERS\CmBatt.sys
12:43:17.0451 2560 CmBatt - ok
12:43:17.0488 2560 [ E19D3F095812725D88F9001985B94EDD ] cmdide C:\Windows\system32\drivers\cmdide.sys
12:43:17.0488 2560 cmdide - ok
12:43:17.0526 2560 [ 9AC4F97C2D3E93367E2148EA940CD2CD ] CNG C:\Windows\system32\Drivers\cng.sys
12:43:17.0534 2560 CNG - ok
12:43:17.0555 2560 [ 102DE219C3F61415F964C88E9085AD14 ] Compbatt C:\Windows\system32\DRIVERS\compbatt.sys
12:43:17.0556 2560 Compbatt - ok
12:43:17.0581 2560 [ 03EDB043586CCEBA243D689BDDA370A8 ] CompositeBus C:\Windows\system32\drivers\CompositeBus.sys
12:43:17.0582 2560 CompositeBus - ok
12:43:17.0586 2560 COMSysApp - ok
12:43:17.0626 2560 [ 1C827878A998C18847245FE1F34EE597 ] crcdisk C:\Windows\system32\DRIVERS\crcdisk.sys
12:43:17.0628 2560 crcdisk - ok
12:43:17.0669 2560 [ 6B400F211BEE880A37A1ED0368776BF4 ] CryptSvc C:\Windows\system32\cryptsvc.dll
12:43:17.0671 2560 CryptSvc - ok
12:43:17.0750 2560 [ 5C627D1B1138676C0A7AB2C2C190D123 ] DcomLaunch C:\Windows\system32\rpcss.dll
12:43:17.0757 2560 DcomLaunch - ok
12:43:17.0786 2560 [ 3CEC7631A84943677AA8FA8EE5B6B43D ] defragsvc C:\Windows\System32\defragsvc.dll
12:43:17.0788 2560 defragsvc - ok
12:43:17.0825 2560 [ 9BB2EF44EAA163B29C4A4587887A0FE4 ] DfsC C:\Windows\system32\Drivers\dfsc.sys
12:43:17.0826 2560 DfsC - ok
12:43:17.0836 2560 [ 43D808F5D9E1A18E5EEB5EBC83969E4E ] Dhcp C:\Windows\system32\dhcpcore.dll
12:43:17.0838 2560 Dhcp - ok
12:43:17.0847 2560 [ 13096B05847EC78F0977F2C0F79E9AB3 ] discache C:\Windows\system32\drivers\discache.sys
12:43:17.0848 2560 discache - ok
12:43:17.0875 2560 [ 9819EEE8B5EA3784EC4AF3B137A5244C ] Disk C:\Windows\system32\DRIVERS\disk.sys
12:43:17.0876 2560 Disk - ok
12:43:17.0905 2560 [ 16835866AAA693C7D7FCEBA8FFF706E4 ] Dnscache C:\Windows\System32\dnsrslvr.dll
12:43:17.0906 2560 Dnscache - ok
12:43:17.0940 2560 [ B1FB3DDCA0FDF408750D5843591AFBC6 ] dot3svc C:\Windows\System32\dot3svc.dll
12:43:17.0942 2560 dot3svc - ok
12:43:17.0977 2560 [ B42ED0320C6E41102FDE0005154849BB ] Dot4 C:\Windows\system32\DRIVERS\Dot4.sys
12:43:17.0980 2560 Dot4 - ok
12:43:18.0015 2560 [ E9F5969233C5D89F3C35E3A66A52A361 ] Dot4Print C:\Windows\system32\drivers\Dot4Prt.sys
12:43:18.0017 2560 Dot4Print - ok
12:43:18.0026 2560 [ FD05A02B0370BC3000F402E543CA5814 ] dot4usb C:\Windows\system32\DRIVERS\dot4usb.sys
12:43:18.0028 2560 dot4usb - ok
12:43:18.0049 2560 [ B26F4F737E8F9DF4F31AF6CF31D05820 ] DPS C:\Windows\system32\dps.dll
12:43:18.0055 2560 DPS - ok
12:43:18.0082 2560 [ 9B19F34400D24DF84C858A421C205754 ] drmkaud C:\Windows\system32\drivers\drmkaud.sys
12:43:18.0084 2560 drmkaud - ok
12:43:18.0135 2560 [ AF2E16242AA723F68F461B6EAE2EAD3D ] DXGKrnl C:\Windows\System32\drivers\dxgkrnl.sys
12:43:18.0150 2560 DXGKrnl - ok
12:43:18.0172 2560 [ E2DDA8726DA9CB5B2C4000C9018A9633 ] EapHost C:\Windows\System32\eapsvc.dll
12:43:18.0174 2560 EapHost - ok
12:43:18.0251 2560 [ DC5D737F51BE844D8C82C695EB17372F ] ebdrv C:\Windows\system32\DRIVERS\evbda.sys
12:43:18.0270 2560 ebdrv - ok
12:43:18.0302 2560 [ C118A82CD78818C29AB228366EBF81C3 ] EFS C:\Windows\System32\lsass.exe
12:43:18.0304 2560 EFS - ok
12:43:18.0353 2560 [ C4002B6B41975F057D98C439030CEA07 ] ehRecvr C:\Windows\ehome\ehRecvr.exe
12:43:18.0357 2560 ehRecvr - ok
12:43:18.0377 2560 [ 4705E8EF9934482C5BB488CE28AFC681 ] ehSched C:\Windows\ehome\ehsched.exe
12:43:18.0378 2560 ehSched - ok
12:43:18.0401 2560 [ 0E5DA5369A0FCAEA12456DD852545184 ] elxstor C:\Windows\system32\DRIVERS\elxstor.sys
12:43:18.0410 2560 elxstor - ok
12:43:18.0443 2560 [ 34A3C54752046E79A126E15C51DB409B ] ErrDev C:\Windows\system32\drivers\errdev.sys
12:43:18.0443 2560 ErrDev - ok
12:43:18.0492 2560 [ 4166F82BE4D24938977DD1746BE9B8A0 ] EventSystem C:\Windows\system32\es.dll
12:43:18.0502 2560 EventSystem - ok
12:43:18.0525 2560 [ A510C654EC00C1E9BDD91EEB3A59823B ] exfat C:\Windows\system32\drivers\exfat.sys
12:43:18.0529 2560 exfat - ok
12:43:18.0546 2560 [ 0ADC83218B66A6DB380C330836F3E36D ] fastfat C:\Windows\system32\drivers\fastfat.sys
12:43:18.0550 2560 fastfat - ok
12:43:18.0620 2560 [ DBEFD454F8318A0EF691FDD2EAAB44EB ] Fax C:\Windows\system32\fxssvc.exe
12:43:18.0625 2560 Fax - ok
12:43:18.0630 2560 [ D765D19CD8EF61F650C384F62FAC00AB ] fdc C:\Windows\system32\DRIVERS\fdc.sys
12:43:18.0630 2560 fdc - ok
12:43:18.0643 2560 [ 0438CAB2E03F4FB61455A7956026FE86 ] fdPHost C:\Windows\system32\fdPHost.dll
12:43:18.0645 2560 fdPHost - ok
12:43:18.0662 2560 [ 802496CB59A30349F9A6DD22D6947644 ] FDResPub C:\Windows\system32\fdrespub.dll
12:43:18.0663 2560 FDResPub - ok
12:43:18.0671 2560 [ 655661BE46B5F5F3FD454E2C3095B930 ] FileInfo C:\Windows\system32\drivers\fileinfo.sys
12:43:18.0672 2560 FileInfo - ok
12:43:18.0676 2560 [ 5F671AB5BC87EEA04EC38A6CD5962A47 ] Filetrace C:\Windows\system32\drivers\filetrace.sys
12:43:18.0676 2560 Filetrace - ok
12:43:18.0680 2560 [ C172A0F53008EAEB8EA33FE10E177AF5 ] flpydisk C:\Windows\system32\DRIVERS\flpydisk.sys
12:43:18.0681 2560 flpydisk - ok
12:43:18.0691 2560 [ DA6B67270FD9DB3697B20FCE94950741 ] FltMgr C:\Windows\system32\drivers\fltmgr.sys
12:43:18.0693 2560 FltMgr - ok
12:43:18.0744 2560 [ C4C183E6551084039EC862DA1C945E3D ] FontCache C:\Windows\system32\FntCache.dll
12:43:18.0760 2560 FontCache - ok
12:43:18.0806 2560 [ A8B7F3818AB65695E3A0BB3279F6DCE6 ] FontCache3.0.0.0 C:\Windows\Microsoft.Net\Framework64\v3.0\WPF\PresentationFontCache.exe
12:43:18.0808 2560 FontCache3.0.0.0 - ok
12:43:18.0825 2560 [ D43703496149971890703B4B1B723EAC ] FsDepends C:\Windows\system32\drivers\FsDepends.sys
12:43:18.0826 2560 FsDepends - ok
12:43:18.0859 2560 [ 6BD9295CC032DD3077C671FCCF579A7B ] Fs_Rec C:\Windows\system32\drivers\Fs_Rec.sys
12:43:18.0860 2560 Fs_Rec - ok
12:43:18.0898 2560 [ 8F6322049018354F45F05A2FD2D4E5E0 ] fvevol C:\Windows\system32\DRIVERS\fvevol.sys
12:43:18.0900 2560 fvevol - ok
12:43:18.0914 2560 [ 8C778D335C9D272CFD3298AB02ABE3B6 ] gagp30kx C:\Windows\system32\DRIVERS\gagp30kx.sys
12:43:18.0915 2560 gagp30kx - ok
12:43:18.0943 2560 [ 8E98D21EE06192492A5671A6144D092F ] GEARAspiWDM C:\Windows\system32\DRIVERS\GEARAspiWDM.sys
12:43:18.0944 2560 GEARAspiWDM - ok
12:43:18.0987 2560 [ 277BBC7E1AA1EE957F573A10ECA7EF3A ] gpsvc C:\Windows\System32\gpsvc.dll
12:43:18.0995 2560 gpsvc - ok
12:43:19.0071 2560 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdate C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:43:19.0074 2560 gupdate - ok
12:43:19.0083 2560 [ 8F0DE4FEF8201E306F9938B0905AC96A ] gupdatem C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
12:43:19.0086 2560 gupdatem - ok
12:43:19.0129 2560 [ C1B577B2169900F4CF7190C39F085794 ] gusvc C:\Program Files (x86)\Google\Common\Google Updater\GoogleUpdaterService.exe
12:43:19.0132 2560 gusvc - ok
12:43:19.0150 2560 [ F2523EF6460FC42405B12248338AB2F0 ] hcw85cir C:\Windows\system32\drivers\hcw85cir.sys
12:43:19.0152 2560 hcw85cir - ok
12:43:19.0195 2560 [ 975761C778E33CD22498059B91E7373A ] HdAudAddService C:\Windows\system32\drivers\HdAudio.sys
12:43:19.0201 2560 HdAudAddService - ok
12:43:19.0313 2560 [ 97BFED39B6B79EB12CDDBFEED51F56BB ] HDAudBus C:\Windows\system32\drivers\HDAudBus.sys
12:43:19.0316 2560 HDAudBus - ok
12:43:19.0333 2560 [ 78E86380454A7B10A5EB255DC44A355F ] HidBatt C:\Windows\system32\DRIVERS\HidBatt.sys
12:43:19.0335 2560 HidBatt - ok
12:43:19.0341 2560 [ 7FD2A313F7AFE5C4DAB14798C48DD104 ] HidBth C:\Windows\system32\DRIVERS\hidbth.sys
12:43:19.0342 2560 HidBth - ok
12:43:19.0348 2560 [ 0A77D29F311B88CFAE3B13F9C1A73825 ] HidIr C:\Windows\system32\DRIVERS\hidir.sys
12:43:19.0349 2560 HidIr - ok
12:43:19.0363 2560 [ BD9EB3958F213F96B97B1D897DEE006D ] hidserv C:\Windows\System32\hidserv.dll
12:43:19.0365 2560 hidserv - ok
12:43:19.0371 2560 [ 9592090A7E2B61CD582B612B6DF70536 ] HidUsb C:\Windows\system32\DRIVERS\hidusb.sys
12:43:19.0371 2560 HidUsb - ok
12:43:19.0404 2560 [ 387E72E739E15E3D37907A86D9FF98E2 ] hkmsvc C:\Windows\system32\kmsvc.dll
12:43:19.0405 2560 hkmsvc - ok
12:43:19.0442 2560 [ EFDFB3DD38A4376F93E7985173813ABD ] HomeGroupListener C:\Windows\system32\ListSvc.dll
12:43:19.0450 2560 HomeGroupListener - ok
12:43:19.0472 2560 [ 908ACB1F594274965A53926B10C81E89 ] HomeGroupProvider C:\Windows\system32\provsvc.dll
12:43:19.0482 2560 HomeGroupProvider - ok
12:43:19.0597 2560 [ 0A3C6AA4A9FC38C20BA4EAC2C3351C05 ] hpqcxs08 C:\Program Files (x86)\HP\Digital Imaging\bin\hpqcxs08.dll
12:43:19.0602 2560 hpqcxs08 - ok
12:43:19.0646 2560 [ F3F72A2A86C22610BCA5439FA789DD52 ] hpqddsvc C:\Program Files (x86)\HP\Digital Imaging\bin\hpqddsvc.dll
12:43:19.0649 2560 hpqddsvc - ok
12:43:19.0683 2560 [ 39D2ABCD392F3D8A6DCE7B60AE7B8EFC ] HpSAMD C:\Windows\system32\drivers\HpSAMD.sys
12:43:19.0686 2560 HpSAMD - ok
12:43:19.0744 2560 [ F37882F128EFACEFE353E0BAE2766909 ] HPSLPSVC C:\Program Files (x86)\HP\Digital Imaging\bin\HPSLPSVC64.DLL
12:43:19.0762 2560 HPSLPSVC - ok
12:43:19.0813 2560 [ 0EA7DE1ACB728DD5A369FD742D6EEE28 ] HTTP C:\Windows\system32\drivers\HTTP.sys
12:43:19.0825 2560 HTTP - ok
12:43:19.0855 2560 [ A5462BD6884960C9DC85ED49D34FF392 ] hwpolicy C:\Windows\system32\drivers\hwpolicy.sys
12:43:19.0856 2560 hwpolicy - ok
12:43:19.0893 2560 [ FA55C73D4AFFA7EE23AC4BE53B4592D3 ] i8042prt C:\Windows\system32\drivers\i8042prt.sys
12:43:19.0896 2560 i8042prt - ok
12:43:19.0922 2560 [ AAAF44DB3BD0B9D1FB6969B23ECC8366 ] iaStorV C:\Windows\system32\drivers\iaStorV.sys
12:43:19.0929 2560 iaStorV - ok
12:43:19.0975 2560 [ 1CF03C69B49ACB70C722DF92755C0C8C ] IDriverT C:\Program Files (x86)\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
12:43:19.0978 2560 IDriverT - ok
 
part 2:

12:43:20.0027 2560 [ 5988FC40F8DB5B0739CD1E3A5D0D78BD ] idsvc C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\infocard.exe
12:43:20.0041 2560 idsvc - ok
12:43:20.0069 2560 [ 5C18831C61933628F5BB0EA2675B9D21 ] iirsp C:\Windows\system32\DRIVERS\iirsp.sys
12:43:20.0070 2560 iirsp - ok
12:43:20.0117 2560 [ FCD84C381E0140AF901E58D48882D26B ] IKEEXT C:\Windows\System32\ikeext.dll
12:43:20.0133 2560 IKEEXT - ok
12:43:20.0170 2560 [ F00F20E70C6EC3AA366910083A0518AA ] intelide C:\Windows\system32\drivers\intelide.sys
12:43:20.0170 2560 intelide - ok
12:43:20.0187 2560 [ ADA036632C664CAA754079041CF1F8C1 ] intelppm C:\Windows\system32\DRIVERS\intelppm.sys
12:43:20.0187 2560 intelppm - ok
12:43:20.0252 2560 [ 3DC635B66DD7412E1C9C3A77B8D78F25 ] IntuitUpdateService C:\Program Files (x86)\Common Files\Intuit\Update Service\IntuitUpdateService.exe
12:43:20.0254 2560 IntuitUpdateService - ok
12:43:20.0272 2560 [ 098A91C54546A3B878DAD6A7E90A455B ] IPBusEnum C:\Windows\system32\ipbusenum.dll
12:43:20.0278 2560 IPBusEnum - ok
12:43:20.0317 2560 [ C9F0E1BD74365A8771590E9008D22AB6 ] IpFilterDriver C:\Windows\system32\DRIVERS\ipfltdrv.sys
12:43:20.0320 2560 IpFilterDriver - ok
12:43:20.0363 2560 [ 08C2957BB30058E663720C5606885653 ] iphlpsvc C:\Windows\System32\iphlpsvc.dll
12:43:20.0375 2560 iphlpsvc - ok
12:43:20.0413 2560 [ 0FC1AEA580957AA8817B8F305D18CA3A ] IPMIDRV C:\Windows\system32\drivers\IPMIDrv.sys
12:43:20.0415 2560 IPMIDRV - ok
12:43:20.0440 2560 [ AF9B39A7E7B6CAA203B3862582E9F2D0 ] IPNAT C:\Windows\system32\drivers\ipnat.sys
12:43:20.0443 2560 IPNAT - ok
12:43:20.0512 2560 [ 71F993192EB04B2C4C80F2DEE9119229 ] iPod Service C:\Program Files\iPod\bin\iPodService.exe
12:43:20.0523 2560 iPod Service - ok
12:43:20.0565 2560 [ 3ABF5E7213EB28966D55D58B515D5CE9 ] IRENUM C:\Windows\system32\drivers\irenum.sys
12:43:20.0566 2560 IRENUM - ok
12:43:20.0580 2560 [ 2F7B28DC3E1183E5EB418DF55C204F38 ] isapnp C:\Windows\system32\drivers\isapnp.sys
12:43:20.0581 2560 isapnp - ok
12:43:20.0601 2560 [ D931D7309DEB2317035B07C9F9E6B0BD ] iScsiPrt C:\Windows\system32\drivers\msiscsi.sys
12:43:20.0603 2560 iScsiPrt - ok
12:43:20.0621 2560 [ BC02336F1CBA7DCC7D1213BB588A68A5 ] kbdclass C:\Windows\system32\DRIVERS\kbdclass.sys
12:43:20.0622 2560 kbdclass - ok
12:43:20.0633 2560 [ 0705EFF5B42A9DB58548EEC3B26BB484 ] kbdhid C:\Windows\system32\DRIVERS\kbdhid.sys
12:43:20.0634 2560 kbdhid - ok
12:43:20.0641 2560 [ C118A82CD78818C29AB228366EBF81C3 ] KeyIso C:\Windows\system32\lsass.exe
12:43:20.0644 2560 KeyIso - ok
12:43:20.0681 2560 [ 97A7070AEA4C058B6418519E869A63B4 ] KSecDD C:\Windows\system32\Drivers\ksecdd.sys
12:43:20.0682 2560 KSecDD - ok
12:43:20.0715 2560 [ 26C43A7C2862447EC59DEDA188D1DA07 ] KSecPkg C:\Windows\system32\Drivers\ksecpkg.sys
12:43:20.0717 2560 KSecPkg - ok
12:43:20.0734 2560 [ 6869281E78CB31A43E969F06B57347C4 ] ksthunk C:\Windows\system32\drivers\ksthunk.sys
12:43:20.0735 2560 ksthunk - ok
12:43:20.0763 2560 [ 6AB66E16AA859232F64DEB66887A8C9C ] KtmRm C:\Windows\system32\msdtckrm.dll
12:43:20.0768 2560 KtmRm - ok
12:43:20.0806 2560 [ D9F42719019740BAA6D1C6D536CBDAA6 ] LanmanServer C:\Windows\System32\srvsvc.dll
12:43:20.0812 2560 LanmanServer - ok
12:43:20.0846 2560 [ 851A1382EED3E3A7476DB004F4EE3E1A ] LanmanWorkstation C:\Windows\System32\wkssvc.dll
12:43:20.0852 2560 LanmanWorkstation - ok
12:43:20.0902 2560 [ FCBDCC6F1801E32244235608E1277752 ] LightScribeService C:\Program Files (x86)\Common Files\LightScribe\LSSrvc.exe
12:43:20.0903 2560 LightScribeService - ok
12:43:20.0916 2560 [ 1538831CF8AD2979A04C423779465827 ] lltdio C:\Windows\system32\DRIVERS\lltdio.sys
12:43:20.0917 2560 lltdio - ok
12:43:20.0930 2560 [ C1185803384AB3FEED115F79F109427F ] lltdsvc C:\Windows\System32\lltdsvc.dll
12:43:20.0935 2560 lltdsvc - ok
12:43:20.0948 2560 [ F993A32249B66C9D622EA5592A8B76B8 ] lmhosts C:\Windows\System32\lmhsvc.dll
12:43:20.0951 2560 lmhosts - ok
12:43:20.0964 2560 [ 1A93E54EB0ECE102495A51266DCDB6A6 ] LSI_FC C:\Windows\system32\DRIVERS\lsi_fc.sys
12:43:20.0966 2560 LSI_FC - ok
12:43:20.0972 2560 [ 1047184A9FDC8BDBFF857175875EE810 ] LSI_SAS C:\Windows\system32\DRIVERS\lsi_sas.sys
12:43:20.0973 2560 LSI_SAS - ok
12:43:20.0984 2560 [ 30F5C0DE1EE8B5BC9306C1F0E4A75F93 ] LSI_SAS2 C:\Windows\system32\DRIVERS\lsi_sas2.sys
12:43:20.0985 2560 LSI_SAS2 - ok
12:43:21.0002 2560 [ 0504EACAFF0D3C8AED161C4B0D369D4A ] LSI_SCSI C:\Windows\system32\DRIVERS\lsi_scsi.sys
12:43:21.0003 2560 LSI_SCSI - ok
12:43:21.0024 2560 [ 43D0F98E1D56CCDDB0D5254CFF7B356E ] luafv C:\Windows\system32\drivers\luafv.sys
12:43:21.0025 2560 luafv - ok
12:43:21.0055 2560 [ C586CC39820B6E7FE3657FED8329D300 ] lvpopf64 C:\Windows\system32\DRIVERS\lvpopf64.sys
12:43:21.0058 2560 lvpopf64 - ok
12:43:21.0095 2560 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2M64 C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:43:21.0097 2560 LVPr2M64 - ok
12:43:21.0104 2560 [ B3944D06EB4B64D57BD7E5FE89415F58 ] LVPr2Mon C:\Windows\system32\DRIVERS\LVPr2M64.sys
12:43:21.0106 2560 LVPr2Mon - ok
12:43:21.0182 2560 [ 9CD0DC863BE5D40A762F7D84F11A8471 ] LVPrcS64 C:\Program Files\Common Files\Logishrd\LVMVFM\LVPrcSrv.exe
12:43:21.0186 2560 LVPrcS64 - ok
12:43:21.0227 2560 [ 224AB3850F573A419F921C41A15D7F5B ] LVRS64 C:\Windows\system32\DRIVERS\lvrs64.sys
12:43:21.0233 2560 LVRS64 - ok
12:43:21.0383 2560 [ BFBA84B8A9C233AE42B11CF7BDFC6C01 ] LVUVC64 C:\Windows\system32\DRIVERS\lvuvc64.sys
12:43:21.0415 2560 LVUVC64 - ok
12:43:21.0509 2560 [ 0BB97D43299910CBFBA59C461B99B910 ] MBAMProtector C:\Windows\system32\drivers\mbam.sys
12:43:21.0511 2560 MBAMProtector - ok
12:43:21.0588 2560 [ 65085456FD9A74D7F1A999520C299ECB ] MBAMScheduler C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamscheduler.exe
12:43:21.0595 2560 MBAMScheduler - ok
12:43:21.0645 2560 [ E0D7732F2D2E24B2DB3F67B6750295B8 ] MBAMService C:\Program Files (x86)\Malwarebytes' Anti-Malware\mbamservice.exe
12:43:21.0657 2560 MBAMService - ok
12:43:21.0702 2560 [ 0BE09CD858ABF9DF6ED259D57A1A1663 ] Mcx2Svc C:\Windows\system32\Mcx2Svc.dll
12:43:21.0709 2560 Mcx2Svc - ok
12:43:21.0732 2560 [ A55805F747C6EDB6A9080D7C633BD0F4 ] megasas C:\Windows\system32\DRIVERS\megasas.sys
12:43:21.0734 2560 megasas - ok
12:43:21.0752 2560 [ BAF74CE0072480C3B6B7C13B2A94D6B3 ] MegaSR C:\Windows\system32\DRIVERS\MegaSR.sys
12:43:21.0757 2560 MegaSR - ok
12:43:21.0783 2560 [ E40E80D0304A73E8D269F7141D77250B ] MMCSS C:\Windows\system32\mmcss.dll
12:43:21.0789 2560 MMCSS - ok
12:43:21.0805 2560 [ 800BA92F7010378B09F9ED9270F07137 ] Modem C:\Windows\system32\drivers\modem.sys
12:43:21.0808 2560 Modem - ok
12:43:21.0848 2560 [ B03D591DC7DA45ECE20B3B467E6AADAA ] monitor C:\Windows\system32\DRIVERS\monitor.sys
12:43:21.0850 2560 monitor - ok
12:43:21.0868 2560 [ 7D27EA49F3C1F687D357E77A470AEA99 ] mouclass C:\Windows\system32\DRIVERS\mouclass.sys
12:43:21.0870 2560 mouclass - ok
12:43:21.0880 2560 [ D3BF052C40B0C4166D9FD86A4288C1E6 ] mouhid C:\Windows\system32\DRIVERS\mouhid.sys
12:43:21.0881 2560 mouhid - ok
12:43:21.0913 2560 [ 32E7A3D591D671A6DF2DB515A5CBE0FA ] mountmgr C:\Windows\system32\drivers\mountmgr.sys
12:43:21.0914 2560 mountmgr - ok
12:43:21.0951 2560 [ 0329A45C849C9D77901094B8FFE8BBB9 ] MozillaMaintenance C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
12:43:21.0954 2560 MozillaMaintenance - ok
12:43:21.0974 2560 [ A44B420D30BD56E145D6A2BC8768EC58 ] mpio C:\Windows\system32\drivers\mpio.sys
12:43:21.0977 2560 mpio - ok
12:43:21.0995 2560 [ 6C38C9E45AE0EA2FA5E551F2ED5E978F ] mpsdrv C:\Windows\system32\drivers\mpsdrv.sys
12:43:21.0998 2560 mpsdrv - ok
12:43:22.0061 2560 [ 54FFC9C8898113ACE189D4AA7199D2C1 ] MpsSvc C:\Windows\system32\mpssvc.dll
12:43:22.0078 2560 MpsSvc - ok
12:43:22.0118 2560 [ DC722758B8261E1ABAFD31A3C0A66380 ] MRxDAV C:\Windows\system32\drivers\mrxdav.sys
12:43:22.0122 2560 MRxDAV - ok
12:43:22.0160 2560 [ A5D9106A73DC88564C825D317CAC68AC ] mrxsmb C:\Windows\system32\DRIVERS\mrxsmb.sys
12:43:22.0164 2560 mrxsmb - ok
12:43:22.0208 2560 [ D711B3C1D5F42C0C2415687BE09FC163 ] mrxsmb10 C:\Windows\system32\DRIVERS\mrxsmb10.sys
12:43:22.0214 2560 mrxsmb10 - ok
12:43:22.0234 2560 [ 9423E9D355C8D303E76B8CFBD8A5C30C ] mrxsmb20 C:\Windows\system32\DRIVERS\mrxsmb20.sys
12:43:22.0237 2560 mrxsmb20 - ok
12:43:22.0268 2560 [ C25F0BAFA182CBCA2DD3C851C2E75796 ] msahci C:\Windows\system32\drivers\msahci.sys
12:43:22.0270 2560 msahci - ok
12:43:22.0311 2560 [ DB801A638D011B9633829EB6F663C900 ] msdsm C:\Windows\system32\drivers\msdsm.sys
12:43:22.0314 2560 msdsm - ok
12:43:22.0335 2560 [ DE0ECE52236CFA3ED2DBFC03F28253A8 ] MSDTC C:\Windows\System32\msdtc.exe
12:43:22.0343 2560 MSDTC - ok
12:43:22.0372 2560 [ AA3FB40E17CE1388FA1BEDAB50EA8F96 ] Msfs C:\Windows\system32\drivers\Msfs.sys
12:43:22.0373 2560 Msfs - ok
12:43:22.0382 2560 [ F9D215A46A8B9753F61767FA72A20326 ] mshidkmdf C:\Windows\System32\drivers\mshidkmdf.sys
12:43:22.0383 2560 mshidkmdf - ok
12:43:22.0396 2560 [ D916874BBD4F8B07BFB7FA9B3CCAE29D ] msisadrv C:\Windows\system32\drivers\msisadrv.sys
12:43:22.0397 2560 msisadrv - ok
12:43:22.0420 2560 [ 808E98FF49B155C522E6400953177B08 ] MSiSCSI C:\Windows\system32\iscsiexe.dll
12:43:22.0423 2560 MSiSCSI - ok
12:43:22.0428 2560 msiserver - ok
12:43:22.0441 2560 [ 49CCF2C4FEA34FFAD8B1B59D49439366 ] MSKSSRV C:\Windows\system32\drivers\MSKSSRV.sys
12:43:22.0442 2560 MSKSSRV - ok
12:43:22.0455 2560 [ BDD71ACE35A232104DDD349EE70E1AB3 ] MSPCLOCK C:\Windows\system32\drivers\MSPCLOCK.sys
12:43:22.0456 2560 MSPCLOCK - ok
12:43:22.0490 2560 [ 4ED981241DB27C3383D72092B618A1D0 ] MSPQM C:\Windows\system32\drivers\MSPQM.sys
12:43:22.0491 2560 MSPQM - ok
12:43:22.0530 2560 [ 759A9EEB0FA9ED79DA1FB7D4EF78866D ] MsRPC C:\Windows\system32\drivers\MsRPC.sys
12:43:22.0536 2560 MsRPC - ok
12:43:22.0575 2560 [ 0EED230E37515A0EAEE3C2E1BC97B288 ] mssmbios C:\Windows\system32\drivers\mssmbios.sys
12:43:22.0577 2560 mssmbios - ok
12:43:22.0653 2560 MSSQL$XMAP7 - ok
12:43:22.0725 2560 [ F1761C8FB2B25A32C6D63E36BB88C3AE ] MSSQLServerADHelper100 c:\Program Files (x86)\Microsoft SQL Server\100\Shared\SQLADHLP.EXE
12:43:22.0727 2560 MSSQLServerADHelper100 - ok
12:43:22.0746 2560 [ 2E66F9ECB30B4221A318C92AC2250779 ] MSTEE C:\Windows\system32\drivers\MSTEE.sys
12:43:22.0748 2560 MSTEE - ok
12:43:22.0756 2560 [ 7EA404308934E675BFFDE8EDF0757BCD ] MTConfig C:\Windows\system32\DRIVERS\MTConfig.sys
12:43:22.0758 2560 MTConfig - ok
12:43:22.0796 2560 [ 2219A3D695405E7BA2186BA6B9EDE14A ] MTsensor C:\Windows\system32\DRIVERS\ASACPI.sys
12:43:22.0797 2560 MTsensor - ok
12:43:22.0806 2560 [ F9A18612FD3526FE473C1BDA678D61C8 ] Mup C:\Windows\system32\Drivers\mup.sys
12:43:22.0808 2560 Mup - ok
12:43:22.0847 2560 [ 582AC6D9873E31DFA28A4547270862DD ] napagent C:\Windows\system32\qagentRT.dll
12:43:22.0854 2560 napagent - ok
12:43:22.0872 2560 [ 1EA3749C4114DB3E3161156FFFFA6B33 ] NativeWifiP C:\Windows\system32\DRIVERS\nwifi.sys
12:43:22.0875 2560 NativeWifiP - ok
12:43:22.0918 2560 [ 760E38053BF56E501D562B70AD796B88 ] NDIS C:\Windows\system32\drivers\ndis.sys
12:43:22.0926 2560 NDIS - ok
12:43:22.0936 2560 [ 9F9A1F53AAD7DA4D6FEF5BB73AB811AC ] NdisCap C:\Windows\system32\DRIVERS\ndiscap.sys
12:43:22.0937 2560 NdisCap - ok
12:43:22.0948 2560 [ 30639C932D9FEF22B31268FE25A1B6E5 ] NdisTapi C:\Windows\system32\DRIVERS\ndistapi.sys
12:43:22.0949 2560 NdisTapi - ok
12:43:22.0981 2560 [ 136185F9FB2CC61E573E676AA5402356 ] Ndisuio C:\Windows\system32\DRIVERS\ndisuio.sys
12:43:22.0982 2560 Ndisuio - ok
12:43:23.0020 2560 [ 53F7305169863F0A2BDDC49E116C2E11 ] NdisWan C:\Windows\system32\DRIVERS\ndiswan.sys
12:43:23.0023 2560 NdisWan - ok
12:43:23.0040 2560 [ 015C0D8E0E0421B4CFD48CFFE2825879 ] NDProxy C:\Windows\system32\drivers\NDProxy.sys
12:43:23.0042 2560 NDProxy - ok
12:43:23.0102 2560 [ 0FF3C6AA3E0FE0EB316DF5449B569463 ] Nero BackItUp Scheduler 4.0 C:\Program Files (x86)\Common Files\Nero\Nero BackItUp 4\NBService.exe
12:43:23.0110 2560 Nero BackItUp Scheduler 4.0 - ok
12:43:23.0147 2560 [ D5AC41AE382738483FAFFBD7E373D49A ] Net Driver HPZ12 C:\Windows\system32\HPZinw12.dll
12:43:23.0150 2560 Net Driver HPZ12 - ok
12:43:23.0166 2560 [ 86743D9F5D2B1048062B14B1D84501C4 ] NetBIOS C:\Windows\system32\DRIVERS\netbios.sys
12:43:23.0168 2560 NetBIOS - ok
12:43:23.0200 2560 [ 09594D1089C523423B32A4229263F068 ] NetBT C:\Windows\system32\DRIVERS\netbt.sys
12:43:23.0203 2560 NetBT - ok
12:43:23.0214 2560 [ C118A82CD78818C29AB228366EBF81C3 ] Netlogon C:\Windows\system32\lsass.exe
12:43:23.0217 2560 Netlogon - ok
12:43:23.0233 2560 [ 847D3AE376C0817161A14A82C8922A9E ] Netman C:\Windows\System32\netman.dll
12:43:23.0239 2560 Netman - ok
12:43:23.0260 2560 [ 5F28111C648F1E24F7DBC87CDEB091B8 ] netprofm C:\Windows\System32\netprofm.dll
12:43:23.0266 2560 netprofm - ok
12:43:23.0290 2560 [ 3E5A36127E201DDF663176B66828FAFE ] NetTcpPortSharing C:\Windows\Microsoft.NET\Framework64\v3.0\Windows Communication Foundation\SMSvcHost.exe
12:43:23.0292 2560 NetTcpPortSharing - ok
12:43:23.0320 2560 [ 77889813BE4D166CDAB78DDBA990DA92 ] nfrd960 C:\Windows\system32\DRIVERS\nfrd960.sys
12:43:23.0321 2560 nfrd960 - ok
12:43:23.0357 2560 [ 8AD77806D336673F270DB31645267293 ] NlaSvc C:\Windows\System32\nlasvc.dll
12:43:23.0363 2560 NlaSvc - ok
12:43:23.0371 2560 [ 1E4C4AB5C9B8DD13179BBDC75A2A01F7 ] Npfs C:\Windows\system32\drivers\Npfs.sys
12:43:23.0372 2560 Npfs - ok
12:43:23.0389 2560 [ D54BFDF3E0C953F823B3D0BFE4732528 ] nsi C:\Windows\system32\nsisvc.dll
12:43:23.0392 2560 nsi - ok
12:43:23.0402 2560 [ E7F5AE18AF4168178A642A9247C63001 ] nsiproxy C:\Windows\system32\drivers\nsiproxy.sys
12:43:23.0404 2560 nsiproxy - ok
12:43:23.0455 2560 [ B98F8C6E31CD07B2E6F71F7F648E38C0 ] Ntfs C:\Windows\system32\drivers\Ntfs.sys
12:43:23.0467 2560 Ntfs - ok
12:43:23.0503 2560 [ 9899284589F75FA8724FF3D16AED75C1 ] Null C:\Windows\system32\drivers\Null.sys
12:43:23.0505 2560 Null - ok
12:43:23.0541 2560 [ 0A92CB65770442ED0DC44834632F66AD ] nvraid C:\Windows\system32\drivers\nvraid.sys
12:43:23.0544 2560 nvraid - ok
12:43:23.0566 2560 [ DAB0E87525C10052BF65F06152F37E4A ] nvstor C:\Windows\system32\drivers\nvstor.sys
12:43:23.0570 2560 nvstor - ok
12:43:23.0589 2560 [ 270D7CD42D6E3979F6DD0146650F0E05 ] nv_agp C:\Windows\system32\drivers\nv_agp.sys
12:43:23.0592 2560 nv_agp - ok
12:43:23.0679 2560 [ 785F487A64950F3CB8E9F16253BA3B7B ] odserv C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE
12:43:23.0686 2560 odserv - ok
12:43:23.0725 2560 [ 3589478E4B22CE21B41FA1BFC0B8B8A0 ] ohci1394 C:\Windows\system32\drivers\ohci1394.sys
12:43:23.0728 2560 ohci1394 - ok
12:43:23.0759 2560 [ 5A432A042DAE460ABE7199B758E8606C ] ose C:\Program Files (x86)\Common Files\Microsoft Shared\Source Engine\OSE.EXE
12:43:23.0762 2560 ose - ok
12:43:23.0799 2560 [ 3EAC4455472CC2C97107B5291E0DCAFE ] p2pimsvc C:\Windows\system32\pnrpsvc.dll
12:43:23.0811 2560 p2pimsvc - ok
12:43:23.0844 2560 [ 927463ECB02179F88E4B9A17568C63C3 ] p2psvc C:\Windows\system32\p2psvc.dll
12:43:23.0850 2560 p2psvc - ok
12:43:23.0876 2560 [ 0086431C29C35BE1DBC43F52CC273887 ] Parport C:\Windows\system32\DRIVERS\parport.sys
12:43:23.0878 2560 Parport - ok
12:43:23.0913 2560 [ E9766131EEADE40A27DC27D2D68FBA9C ] partmgr C:\Windows\system32\drivers\partmgr.sys
12:43:23.0914 2560 partmgr - ok
12:43:23.0936 2560 [ 3AEAA8B561E63452C655DC0584922257 ] PcaSvc C:\Windows\System32\pcasvc.dll
12:43:23.0945 2560 PcaSvc - ok
12:43:23.0989 2560 [ 94575C0571D1462A0F70BDE6BD6EE6B3 ] pci C:\Windows\system32\drivers\pci.sys
12:43:23.0994 2560 pci - ok
12:43:24.0036 2560 [ B5B8B5EF2E5CB34DF8DCF8831E3534FA ] pciide C:\Windows\system32\drivers\pciide.sys
12:43:24.0038 2560 pciide - ok
12:43:24.0065 2560 [ B2E81D4E87CE48589F98CB8C05B01F2F ] pcmcia C:\Windows\system32\DRIVERS\pcmcia.sys
12:43:24.0070 2560 pcmcia - ok
12:43:24.0086 2560 [ D6B9C2E1A11A3A4B26A182FFEF18F603 ] pcw C:\Windows\system32\drivers\pcw.sys
12:43:24.0089 2560 pcw - ok
12:43:24.0117 2560 [ 68769C3356B3BE5D1C732C97B9A80D6E ] PEAUTH C:\Windows\system32\drivers\peauth.sys
12:43:24.0127 2560 PEAUTH - ok
12:43:24.0172 2560 [ E495E408C93141E8FC72DC0C6046DDFA ] PerfHost C:\Windows\SysWow64\perfhost.exe
12:43:24.0175 2560 PerfHost - ok
12:43:24.0238 2560 [ C7CF6A6E137463219E1259E3F0F0DD6C ] pla C:\Windows\system32\pla.dll
12:43:24.0255 2560 pla - ok
12:43:24.0298 2560 [ 25FBDEF06C4D92815B353F6E792C8129 ] PlugPlay C:\Windows\system32\umpnpmgr.dll
12:43:24.0305 2560 PlugPlay - ok
12:43:24.0396 2560 [ 37F6046CDC630442D7DC087501FF6FC6 ] Pml Driver HPZ12 C:\Windows\system32\HPZipm12.dll
12:43:24.0401 2560 Pml Driver HPZ12 - ok
12:43:24.0446 2560 [ 7195581CEC9BB7D12ABE54036ACC2E38 ] PNRPAutoReg C:\Windows\system32\pnrpauto.dll
12:43:24.0453 2560 PNRPAutoReg - ok
12:43:24.0491 2560 [ 3EAC4455472CC2C97107B5291E0DCAFE ] PNRPsvc C:\Windows\system32\pnrpsvc.dll
12:43:24.0502 2560 PNRPsvc - ok
12:43:24.0582 2560 [ 4F15D75ADF6156BF56ECED6D4A55C389 ] PolicyAgent C:\Windows\System32\ipsecsvc.dll
12:43:24.0593 2560 PolicyAgent - ok
12:43:24.0628 2560 [ 6BA9D927DDED70BD1A9CADED45F8B184 ] Power C:\Windows\system32\umpo.dll
12:43:24.0633 2560 Power - ok
12:43:24.0672 2560 [ F92A2C41117A11A00BE01CA01A7FCDE9 ] PptpMiniport C:\Windows\system32\DRIVERS\raspptp.sys
12:43:24.0674 2560 PptpMiniport - ok
12:43:24.0765 2560 [ 9D59831262CAD44E709D695FC9D5E7AB ] PrintNotify C:\Windows\system32\spool\DRIVERS\x64\3\PrintConfig.dll
12:43:24.0786 2560 PrintNotify - ok
12:43:24.0802 2560 [ 0D922E23C041EFB1C3FAC2A6F943C9BF ] Processor C:\Windows\system32\DRIVERS\processr.sys
12:43:24.0803 2560 Processor - ok
12:43:24.0831 2560 [ 53E83F1F6CF9D62F32801CF66D8352A8 ] ProfSvc C:\Windows\system32\profsvc.dll
12:43:24.0834 2560 ProfSvc - ok
12:43:24.0845 2560 [ C118A82CD78818C29AB228366EBF81C3 ] ProtectedStorage C:\Windows\system32\lsass.exe
12:43:24.0848 2560 ProtectedStorage - ok
12:43:24.0887 2560 [ 0557CF5A2556BD58E26384169D72438D ] Psched C:\Windows\system32\DRIVERS\pacer.sys
12:43:24.0888 2560 Psched - ok
12:43:24.0932 2560 [ A53A15A11EBFD21077463EE2C7AFEEF0 ] ql2300 C:\Windows\system32\DRIVERS\ql2300.sys
12:43:24.0945 2560 ql2300 - ok
12:43:24.0974 2560 [ 4F6D12B51DE1AAEFF7DC58C4D75423C8 ] ql40xx C:\Windows\system32\DRIVERS\ql40xx.sys
12:43:24.0976 2560 ql40xx - ok
12:43:24.0996 2560 [ 906191634E99AEA92C4816150BDA3732 ] QWAVE C:\Windows\system32\qwave.dll
12:43:25.0001 2560 QWAVE - ok
12:43:25.0013 2560 [ 76707BB36430888D9CE9D705398ADB6C ] QWAVEdrv C:\Windows\system32\drivers\qwavedrv.sys
12:43:25.0014 2560 QWAVEdrv - ok
12:43:25.0027 2560 [ 5A0DA8AD5762FA2D91678A8A01311704 ] RasAcd C:\Windows\system32\DRIVERS\rasacd.sys
12:43:25.0028 2560 RasAcd - ok
12:43:25.0031 2560 [ 7ECFF9B22276B73F43A99A15A6094E90 ] RasAgileVpn C:\Windows\system32\DRIVERS\AgileVpn.sys
12:43:25.0032 2560 RasAgileVpn - ok
12:43:25.0046 2560 [ 8F26510C5383B8DBE976DE1CD00FC8C7 ] RasAuto C:\Windows\System32\rasauto.dll
12:43:25.0048 2560 RasAuto - ok
12:43:25.0075 2560 [ 471815800AE33E6F1C32FB1B97C490CA ] Rasl2tp C:\Windows\system32\DRIVERS\rasl2tp.sys
12:43:25.0076 2560 Rasl2tp - ok
12:43:25.0114 2560 [ EE867A0870FC9E4972BA9EAAD35651E2 ] RasMan C:\Windows\System32\rasmans.dll
12:43:25.0127 2560 RasMan - ok
12:43:25.0165 2560 [ 855C9B1CD4756C5E9A2AA58A15F58C25 ] RasPppoe C:\Windows\system32\DRIVERS\raspppoe.sys
12:43:25.0167 2560 RasPppoe - ok
12:43:25.0183 2560 [ E8B1E447B008D07FF47D016C2B0EEECB ] RasSstp C:\Windows\system32\DRIVERS\rassstp.sys
12:43:25.0186 2560 RasSstp - ok
12:43:25.0229 2560 [ 77F665941019A1594D887A74F301FA2F ] rdbss C:\Windows\system32\DRIVERS\rdbss.sys
12:43:25.0235 2560 rdbss - ok
12:43:25.0254 2560 [ 302DA2A0539F2CF54D7C6CC30C1F2D8D ] rdpbus C:\Windows\system32\DRIVERS\rdpbus.sys
12:43:25.0256 2560 rdpbus - ok
12:43:25.0273 2560 [ CEA6CC257FC9B7715F1C2B4849286D24 ] RDPCDD C:\Windows\system32\DRIVERS\RDPCDD.sys
12:43:25.0274 2560 RDPCDD - ok
12:43:25.0283 2560 [ BB5971A4F00659529A5C44831AF22365 ] RDPENCDD C:\Windows\system32\drivers\rdpencdd.sys
12:43:25.0284 2560 RDPENCDD - ok
12:43:25.0290 2560 [ 216F3FA57533D98E1F74DED70113177A ] RDPREFMP C:\Windows\system32\drivers\rdprefmp.sys
12:43:25.0291 2560 RDPREFMP - ok
12:43:25.0333 2560 [ E61608AA35E98999AF9AAEEEA6114B0A ] RDPWD C:\Windows\system32\drivers\RDPWD.sys
12:43:25.0338 2560 RDPWD - ok
12:43:25.0376 2560 [ 34ED295FA0121C241BFEF24764FC4520 ] rdyboost C:\Windows\system32\drivers\rdyboost.sys
12:43:25.0380 2560 rdyboost - ok
12:43:25.0419 2560 [ 254FB7A22D74E5511C73A3F6D802F192 ] RemoteAccess C:\Windows\System32\mprdim.dll
12:43:25.0425 2560 RemoteAccess - ok
12:43:25.0456 2560 [ E4D94F24081440B5FC5AA556C7C62702 ] RemoteRegistry C:\Windows\system32\regsvc.dll
12:43:25.0466 2560 RemoteRegistry - ok
12:43:25.0483 2560 [ E4DC58CF7B3EA515AE917FF0D402A7BB ] RpcEptMapper C:\Windows\System32\RpcEpMap.dll
12:43:25.0491 2560 RpcEptMapper - ok
12:43:25.0506 2560 [ D5BA242D4CF8E384DB90E6A8ED850B8C ] RpcLocator C:\Windows\system32\locator.exe
12:43:25.0508 2560 RpcLocator - ok
12:43:25.0550 2560 [ 5C627D1B1138676C0A7AB2C2C190D123 ] RpcSs C:\Windows\System32\rpcss.dll
12:43:25.0557 2560 RpcSs - ok
12:43:25.0579 2560 [ DDC86E4F8E7456261E637E3552E804FF ] rspndr C:\Windows\system32\DRIVERS\rspndr.sys
12:43:25.0581 2560 rspndr - ok
12:43:25.0615 2560 [ EE082E06A82FF630351D1E0EBBD3D8D0 ] RTL8167 C:\Windows\system32\DRIVERS\Rt64win7.sys
12:43:25.0620 2560 RTL8167 - ok
12:43:25.0628 2560 [ C118A82CD78818C29AB228366EBF81C3 ] SamSs C:\Windows\system32\lsass.exe
12:43:25.0631 2560 SamSs - ok
12:43:25.0699 2560 [ 3289766038DB2CB14D07DC84392138D5 ] SASDIFSV C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS
12:43:25.0701 2560 SASDIFSV - ok
12:43:25.0712 2560 [ 58A38E75F3316A83C23DF6173D41F2B5 ] SASKUTIL C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS
12:43:25.0714 2560 SASKUTIL - ok
12:43:25.0753 2560 [ AC03AF3329579FFFB455AA2DAABBE22B ] sbp2port C:\Windows\system32\drivers\sbp2port.sys
12:43:25.0756 2560 sbp2port - ok
12:43:25.0781 2560 [ 9B7395789E3791A3B6D000FE6F8B131E ] SCardSvr C:\Windows\System32\SCardSvr.dll
12:43:25.0791 2560 SCardSvr - ok
12:43:25.0822 2560 [ 253F38D0D7074C02FF8DEB9836C97D2B ] scfilter C:\Windows\system32\DRIVERS\scfilter.sys
12:43:25.0824 2560 scfilter - ok
12:43:25.0878 2560 [ 262F6592C3299C005FD6BEC90FC4463A ] Schedule C:\Windows\system32\schedsvc.dll
12:43:25.0898 2560 Schedule - ok
12:43:25.0927 2560 [ F17D1D393BBC69C5322FBFAFACA28C7F ] SCPolicySvc C:\Windows\System32\certprop.dll
12:43:25.0929 2560 SCPolicySvc - ok
12:43:25.0971 2560 [ 6EA4234DC55346E0709560FE7C2C1972 ] SDRSVC C:\Windows\System32\SDRSVC.dll
12:43:25.0981 2560 SDRSVC - ok
12:43:26.0045 2560 [ 78779EE07231C658B483B1F38B5088DF ] SeaPort C:\Program Files (x86)\Microsoft\BingBar\SeaPort.EXE
12:43:26.0050 2560 SeaPort - ok
12:43:26.0074 2560 [ 3EA8A16169C26AFBEB544E0E48421186 ] secdrv C:\Windows\system32\drivers\secdrv.sys
12:43:26.0076 2560 secdrv - ok
12:43:26.0085 2560 [ BC617A4E1B4FA8DF523A061739A0BD87 ] seclogon C:\Windows\system32\seclogon.dll
12:43:26.0094 2560 seclogon - ok
12:43:26.0123 2560 [ C32AB8FA018EF34C0F113BD501436D21 ] SENS C:\Windows\system32\sens.dll
12:43:26.0128 2560 SENS - ok
12:43:26.0138 2560 [ 0336CFFAFAAB87A11541F1CF1594B2B2 ] SensrSvc C:\Windows\system32\sensrsvc.dll
12:43:26.0142 2560 SensrSvc - ok
12:43:26.0155 2560 [ CB624C0035412AF0DEBEC78C41F5CA1B ] Serenum C:\Windows\system32\DRIVERS\serenum.sys
12:43:26.0156 2560 Serenum - ok
12:43:26.0167 2560 [ C1D8E28B2C2ADFAEC4BA89E9FDA69BD6 ] Serial C:\Windows\system32\DRIVERS\serial.sys
12:43:26.0168 2560 Serial - ok
12:43:26.0207 2560 [ 1C545A7D0691CC4A027396535691C3E3 ] sermouse C:\Windows\system32\DRIVERS\sermouse.sys
12:43:26.0208 2560 sermouse - ok
12:43:26.0244 2560 [ 0B6231BF38174A1628C4AC812CC75804 ] SessionEnv C:\Windows\system32\sessenv.dll
12:43:26.0249 2560 SessionEnv - ok
12:43:26.0258 2560 [ A554811BCD09279536440C964AE35BBF ] sffdisk C:\Windows\system32\drivers\sffdisk.sys
12:43:26.0259 2560 sffdisk - ok
12:43:26.0266 2560 [ FF414F0BAEFEBA59BC6C04B3DB0B87BF ] sffp_mmc C:\Windows\system32\drivers\sffp_mmc.sys
12:43:26.0267 2560 sffp_mmc - ok
12:43:26.0278 2560 [ DD85B78243A19B59F0637DCF284DA63C ] sffp_sd C:\Windows\system32\drivers\sffp_sd.sys
12:43:26.0279 2560 sffp_sd - ok
12:43:26.0292 2560 [ A9D601643A1647211A1EE2EC4E433FF4 ] sfloppy C:\Windows\system32\DRIVERS\sfloppy.sys
12:43:26.0293 2560 sfloppy - ok
12:43:26.0319 2560 [ B95F6501A2F8B2E78C697FEC401970CE ] SharedAccess C:\Windows\System32\ipnathlp.dll
12:43:26.0324 2560 SharedAccess - ok
12:43:26.0342 2560 [ AAF932B4011D14052955D4B212A4DA8D ] ShellHWDetection C:\Windows\System32\shsvcs.dll
12:43:26.0348 2560 ShellHWDetection - ok
12:43:26.0364 2560 [ 843CAF1E5FDE1FFD5FF768F23A51E2E1 ] SiSRaid2 C:\Windows\system32\DRIVERS\SiSRaid2.sys
12:43:26.0366 2560 SiSRaid2 - ok
12:43:26.0376 2560 [ 6A6C106D42E9FFFF8B9FCB4F754F6DA4 ] SiSRaid4 C:\Windows\system32\DRIVERS\sisraid4.sys
12:43:26.0377 2560 SiSRaid4 - ok
12:43:26.0410 2560 [ A37740568718F245E818D0C5575B9AA9 ] SkypeUpdate C:\Program Files (x86)\Skype\Updater\Updater.exe
12:43:26.0412 2560 SkypeUpdate - ok
12:43:26.0430 2560 [ 548260A7B8654E024DC30BF8A7C5BAA4 ] Smb C:\Windows\system32\DRIVERS\smb.sys
12:43:26.0431 2560 Smb - ok
12:43:26.0453 2560 [ 6313F223E817CC09AA41811DAA7F541D ] SNMPTRAP C:\Windows\System32\snmptrap.exe
12:43:26.0457 2560 SNMPTRAP - ok
12:43:26.0468 2560 [ B9E31E5CACDFE584F34F730A677803F9 ] spldr C:\Windows\system32\drivers\spldr.sys
12:43:26.0468 2560 spldr - ok
12:43:26.0506 2560 [ 85DAA09A98C9286D4EA2BA8D0E644377 ] Spooler C:\Windows\System32\spoolsv.exe
12:43:26.0522 2560 Spooler - ok
12:43:26.0621 2560 [ E17E0188BB90FAE42D83E98707EFA59C ] sppsvc C:\Windows\system32\sppsvc.exe
12:43:26.0644 2560 sppsvc - ok
12:43:26.0713 2560 [ 93D7D61317F3D4BC4F4E9F8A96A7DE45 ] sppuinotify C:\Windows\system32\sppuinotify.dll
12:43:26.0722 2560 sppuinotify - ok
12:43:26.0754 2560 [ A687B5B326AFCFCF182C4931D1FF9771 ] SQLAgent$XMAP7 c:\Program Files (x86)\Microsoft SQL Server\MSSQL10.XMAP7\MSSQL\Binn\SQLAGENT.EXE
12:43:26.0761 2560 SQLAgent$XMAP7 - ok
12:43:26.0833 2560 [ B54B48F6D92423440C264E91225C5FF1 ] SQLBrowser c:\Program Files (x86)\Microsoft SQL Server\90\Shared\sqlbrowser.exe
12:43:26.0838 2560 SQLBrowser - ok
12:43:26.0861 2560 [ 6D65985945B03CA59B67D0B73702FC7B ] SQLWriter c:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
12:43:26.0863 2560 SQLWriter - ok
12:43:26.0902 2560 [ 441FBA48BFF01FDB9D5969EBC1838F0B ] srv C:\Windows\system32\DRIVERS\srv.sys
12:43:26.0906 2560 srv - ok
12:43:26.0927 2560 [ B4ADEBBF5E3677CCE9651E0F01F7CC28 ] srv2 C:\Windows\system32\DRIVERS\srv2.sys
12:43:26.0930 2560 srv2 - ok
12:43:26.0943 2560 [ 27E461F0BE5BFF5FC737328F749538C3 ] srvnet C:\Windows\system32\DRIVERS\srvnet.sys
12:43:26.0945 2560 srvnet - ok
12:43:26.0980 2560 [ 51B52FBD583CDE8AA9BA62B8B4298F33 ] SSDPSRV C:\Windows\System32\ssdpsrv.dll
12:43:26.0986 2560 SSDPSRV - ok
12:43:27.0001 2560 [ AB7AEBF58DAD8DAAB7A6C45E6A8885CB ] SstpSvc C:\Windows\system32\sstpsvc.dll
12:43:27.0006 2560 SstpSvc - ok
12:43:27.0029 2560 [ F3817967ED533D08327DC73BC4D5542A ] stexstor C:\Windows\system32\DRIVERS\stexstor.sys
12:43:27.0030 2560 stexstor - ok
12:43:27.0076 2560 [ 8DD52E8E6128F4B2DA92CE27402871C1 ] stisvc C:\Windows\System32\wiaservc.dll
12:43:27.0094 2560 stisvc - ok
12:43:27.0157 2560 [ D01EC09B6711A5F8E7E6564A4D0FBC90 ] swenum C:\Windows\system32\drivers\swenum.sys
12:43:27.0159 2560 swenum - ok
12:43:27.0184 2560 [ E08E46FDD841B7184194011CA1955A0B ] swprv C:\Windows\System32\swprv.dll
12:43:27.0200 2560 swprv - ok
12:43:27.0276 2560 [ BF9CCC0BF39B418C8D0AE8B05CF95B7D ] SysMain C:\Windows\system32\sysmain.dll
12:43:27.0293 2560 SysMain - ok
12:43:27.0321 2560 [ E3C61FD7B7C2557E1F1B0B4CEC713585 ] TabletInputService C:\Windows\System32\TabSvc.dll
12:43:27.0324 2560 TabletInputService - ok
12:43:27.0361 2560 [ 40F0849F65D13EE87B9A9AE3C1DD6823 ] TapiSrv C:\Windows\System32\tapisrv.dll
12:43:27.0365 2560 TapiSrv - ok
12:43:27.0384 2560 [ 1BE03AC720F4D302EA01D40F588162F6 ] TBS C:\Windows\System32\tbssvc.dll
12:43:27.0387 2560 TBS - ok
12:43:27.0449 2560 [ DB74544B75566C974815E79A62433F29 ] Tcpip C:\Windows\system32\drivers\tcpip.sys
12:43:27.0466 2560 Tcpip - ok
12:43:27.0504 2560 [ DB74544B75566C974815E79A62433F29 ] TCPIP6 C:\Windows\system32\DRIVERS\tcpip.sys
12:43:27.0517 2560 TCPIP6 - ok
12:43:27.0549 2560 [ 1B16D0BD9841794A6E0CDE0CEF744ABC ] tcpipreg C:\Windows\system32\drivers\tcpipreg.sys
12:43:27.0549 2560 tcpipreg - ok
12:43:27.0573 2560 [ 3371D21011695B16333A3934340C4E7C ] TDPIPE C:\Windows\system32\drivers\tdpipe.sys
12:43:27.0573 2560 TDPIPE - ok
12:43:27.0611 2560 [ 51C5ECEB1CDEE2468A1748BE550CFBC8 ] TDTCP C:\Windows\system32\drivers\tdtcp.sys
12:43:27.0613 2560 TDTCP - ok
12:43:27.0651 2560 [ DDAD5A7AB24D8B65F8D724F5C20FD806 ] tdx C:\Windows\system32\DRIVERS\tdx.sys
12:43:27.0655 2560 tdx - ok
12:43:27.0679 2560 [ 561E7E1F06895D78DE991E01DD0FB6E5 ] TermDD C:\Windows\system32\drivers\termdd.sys
12:43:27.0682 2560 TermDD - ok
12:43:27.0713 2560 [ 2E648163254233755035B46DD7B89123 ] TermService C:\Windows\System32\termsrv.dll
12:43:27.0731 2560 TermService - ok
12:43:27.0758 2560 [ F0344071948D1A1FA732231785A0664C ] Themes C:\Windows\system32\themeservice.dll
12:43:27.0768 2560 Themes - ok
12:43:27.0792 2560 [ E40E80D0304A73E8D269F7141D77250B ] THREADORDER C:\Windows\system32\mmcss.dll
12:43:27.0796 2560 THREADORDER - ok
12:43:27.0806 2560 [ 7E7AFD841694F6AC397E99D75CEAD49D ] TrkWks C:\Windows\System32\trkwks.dll
12:43:27.0812 2560 TrkWks - ok
12:43:27.0858 2560 [ 773212B2AAA24C1E31F10246B15B276C ] TrustedInstaller C:\Windows\servicing\TrustedInstaller.exe
12:43:27.0862 2560 TrustedInstaller - ok
12:43:27.0907 2560 [ 4CE278FC9671BA81A138D70823FCAA09 ] tssecsrv C:\Windows\system32\DRIVERS\tssecsrv.sys
12:43:27.0910 2560 tssecsrv - ok
12:43:27.0945 2560 [ D11C783E3EF9A3C52C0EBE83CC5000E9 ] TsUsbFlt C:\Windows\system32\drivers\tsusbflt.sys
12:43:27.0947 2560 TsUsbFlt - ok
12:43:28.0000 2560 [ 3566A8DAAFA27AF944F5D705EAA64894 ] tunnel C:\Windows\system32\DRIVERS\tunnel.sys
12:43:28.0003 2560 tunnel - ok
12:43:28.0038 2560 [ B4DD609BD7E282BFC683CEC7EAAAAD67 ] uagp35 C:\Windows\system32\DRIVERS\uagp35.sys
12:43:28.0040 2560 uagp35 - ok
12:43:28.0078 2560 [ FF4232A1A64012BAA1FD97C7B67DF593 ] udfs C:\Windows\system32\DRIVERS\udfs.sys
12:43:28.0081 2560 udfs - ok
12:43:28.0110 2560 [ 3CBDEC8D06B9968ABA702EBA076364A1 ] UI0Detect C:\Windows\system32\UI0Detect.exe
12:43:28.0115 2560 UI0Detect - ok
12:43:28.0154 2560 [ 4BFE1BC28391222894CBF1E7D0E42320 ] uliagpkx C:\Windows\system32\drivers\uliagpkx.sys
12:43:28.0156 2560 uliagpkx - ok
12:43:28.0193 2560 [ DC54A574663A895C8763AF0FA1FF7561 ] umbus C:\Windows\system32\drivers\umbus.sys
12:43:28.0196 2560 umbus - ok
12:43:28.0219 2560 [ B2E8E8CB557B156DA5493BBDDCC1474D ] UmPass C:\Windows\system32\DRIVERS\umpass.sys
12:43:28.0221 2560 UmPass - ok
12:43:28.0244 2560 [ D47EC6A8E81633DD18D2436B19BAF6DE ] upnphost C:\Windows\System32\upnphost.dll
12:43:28.0258 2560 upnphost - ok
12:43:28.0294 2560 [ C9E9D59C0099A9FF51697E9306A44240 ] USBAAPL64 C:\Windows\system32\Drivers\usbaapl64.sys
12:43:28.0297 2560 USBAAPL64 - ok
12:43:28.0316 2560 [ 82E8F44688E6FAC57B5B7C6FC7ADBC2A ] usbaudio C:\Windows\system32\drivers\usbaudio.sys
12:43:28.0319 2560 usbaudio - ok
12:43:28.0339 2560 [ 6F1A3157A1C89435352CEB543CDB359C ] usbccgp C:\Windows\system32\DRIVERS\usbccgp.sys
12:43:28.0342 2560 usbccgp - ok
12:43:28.0375 2560 [ AF0892A803FDDA7492F595368E3B68E7 ] usbcir C:\Windows\system32\drivers\usbcir.sys
12:43:28.0378 2560 usbcir - ok
12:43:28.0398 2560 [ C025055FE7B87701EB042095DF1A2D7B ] usbehci C:\Windows\system32\DRIVERS\usbehci.sys
12:43:28.0401 2560 usbehci - ok
12:43:28.0419 2560 [ 287C6C9410B111B68B52CA298F7B8C24 ] usbhub C:\Windows\system32\DRIVERS\usbhub.sys
12:43:28.0425 2560 usbhub - ok
12:43:28.0444 2560 [ 9840FC418B4CBD632D3D0A667A725C31 ] usbohci C:\Windows\system32\DRIVERS\usbohci.sys
12:43:28.0446 2560 usbohci - ok
12:43:28.0471 2560 [ 73188F58FB384E75C4063D29413CEE3D ] usbprint C:\Windows\system32\DRIVERS\usbprint.sys
12:43:28.0473 2560 usbprint - ok
12:43:28.0508 2560 [ AAA2513C8AED8B54B189FD0C6B1634C0 ] usbscan C:\Windows\system32\DRIVERS\usbscan.sys
12:43:28.0510 2560 usbscan - ok
12:43:28.0527 2560 [ FED648B01349A3C8395A5169DB5FB7D6 ] USBSTOR C:\Windows\system32\DRIVERS\USBSTOR.SYS
12:43:28.0530 2560 USBSTOR - ok
12:43:28.0552 2560 [ 62069A34518BCF9C1FD9E74B3F6DB7CD ] usbuhci C:\Windows\system32\drivers\usbuhci.sys
12:43:28.0555 2560 usbuhci - ok
12:43:28.0621 2560 [ EDBB23CBCF2CDF727D64FF9B51A6070E ] UxSms C:\Windows\System32\uxsms.dll
12:43:28.0631 2560 UxSms - ok
12:43:28.0658 2560 [ C118A82CD78818C29AB228366EBF81C3 ] VaultSvc C:\Windows\system32\lsass.exe
12:43:28.0665 2560 VaultSvc - ok
12:43:28.0698 2560 [ C5C876CCFC083FF3B128F933823E87BD ] vdrvroot C:\Windows\system32\drivers\vdrvroot.sys
12:43:28.0701 2560 vdrvroot - ok
12:43:28.0749 2560 [ 8D6B481601D01A456E75C3210F1830BE ] vds C:\Windows\System32\vds.exe
12:43:28.0766 2560 vds - ok
12:43:28.0786 2560 [ DA4DA3F5E02943C2DC8C6ED875DE68DD ] vga C:\Windows\system32\DRIVERS\vgapnp.sys
12:43:28.0787 2560 vga - ok
12:43:28.0795 2560 [ 53E92A310193CB3C03BEA963DE7D9CFC ] VgaSave C:\Windows\System32\drivers\vga.sys
12:43:28.0796 2560 VgaSave - ok
12:43:28.0813 2560 [ 2CE2DF28C83AEAF30084E1B1EB253CBB ] vhdmp C:\Windows\system32\drivers\vhdmp.sys
12:43:28.0815 2560 vhdmp - ok
12:43:28.0864 2560 [ EB8E24360CAF3492E129B9E485CDCA9C ] VIAHdAudAddService C:\Windows\system32\drivers\viahduaa.sys
12:43:28.0871 2560 VIAHdAudAddService - ok
12:43:28.0902 2560 [ E5689D93FFE4E5D66C0178761240DD54 ] viaide C:\Windows\system32\drivers\viaide.sys
12:43:28.0903 2560 viaide - ok
12:43:28.0919 2560 [ D2AAFD421940F640B407AEFAAEBD91B0 ] volmgr C:\Windows\system32\drivers\volmgr.sys
12:43:28.0920 2560 volmgr - ok
12:43:28.0960 2560 [ A255814907C89BE58B79EF2F189B843B ] volmgrx C:\Windows\system32\drivers\volmgrx.sys
12:43:28.0967 2560 volmgrx - ok
12:43:29.0002 2560 [ 0D08D2F3B3FF84E433346669B5E0F639 ] volsnap C:\Windows\system32\drivers\volsnap.sys
12:43:29.0008 2560 volsnap - ok
12:43:29.0039 2560 [ 5E2016EA6EBACA03C04FEAC5F330D997 ] vsmraid C:\Windows\system32\DRIVERS\vsmraid.sys
12:43:29.0043 2560 vsmraid - ok
12:43:29.0112 2560 [ B60BA0BC31B0CB414593E169F6F21CC2 ] VSS C:\Windows\system32\vssvc.exe
12:43:29.0138 2560 VSS - ok
12:43:29.0147 2560 [ 36D4720B72B5C5D9CB2B9C29E9DF67A1 ] vwifibus C:\Windows\System32\drivers\vwifibus.sys
12:43:29.0148 2560 vwifibus - ok
12:43:29.0172 2560 [ 1C9D80CC3849B3788048078C26486E1A ] W32Time C:\Windows\system32\w32time.dll
12:43:29.0177 2560 W32Time - ok
12:43:29.0198 2560 [ 4E9440F4F152A7B944CB1663D3935A3E ] WacomPen C:\Windows\system32\DRIVERS\wacompen.sys
12:43:29.0199 2560 WacomPen - ok
12:43:29.0223 2560 [ 356AFD78A6ED4457169241AC3965230C ] WANARP C:\Windows\system32\DRIVERS\wanarp.sys
12:43:29.0224 2560 WANARP - ok
12:43:29.0228 2560 [ 356AFD78A6ED4457169241AC3965230C ] Wanarpv6 C:\Windows\system32\DRIVERS\wanarp.sys
12:43:29.0229 2560 Wanarpv6 - ok
12:43:29.0300 2560 [ 3CEC96DE223E49EAAE3651FCF8FAEA6C ] WatAdminSvc C:\Windows\system32\Wat\WatAdminSvc.exe
12:43:29.0317 2560 WatAdminSvc - ok
12:43:29.0360 2560 [ 78F4E7F5C56CB9716238EB57DA4B6A75 ] wbengine C:\Windows\system32\wbengine.exe
12:43:29.0372 2560 wbengine - ok
12:43:29.0398 2560 [ 3AA101E8EDAB2DB4131333F4325C76A3 ] WbioSrvc C:\Windows\System32\wbiosrvc.dll
12:43:29.0402 2560 WbioSrvc - ok
12:43:29.0429 2560 [ 7368A2AFD46E5A4481D1DE9D14848EDD ] wcncsvc C:\Windows\System32\wcncsvc.dll
12:43:29.0433 2560 wcncsvc - ok
12:43:29.0438 2560 [ 20F7441334B18CEE52027661DF4A6129 ] WcsPlugInService C:\Windows\System32\WcsPlugInService.dll
12:43:29.0441 2560 WcsPlugInService - ok
12:43:29.0456 2560 [ 72889E16FF12BA0F235467D6091B17DC ] Wd C:\Windows\system32\DRIVERS\wd.sys
12:43:29.0457 2560 Wd - ok
12:43:29.0496 2560 [ 442783E2CB0DA19873B7A63833FF4CB4 ] Wdf01000 C:\Windows\system32\drivers\Wdf01000.sys
12:43:29.0508 2560 Wdf01000 - ok
12:43:29.0528 2560 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiServiceHost C:\Windows\system32\wdi.dll
12:43:29.0533 2560 WdiServiceHost - ok
12:43:29.0537 2560 [ BF1FC3F79B863C914687A737C2F3D681 ] WdiSystemHost C:\Windows\system32\wdi.dll
12:43:29.0543 2560 WdiSystemHost - ok
12:43:29.0695 2560 [ 3DB6D04E1C64272F8B14EB8BC4616280 ] WebClient C:\Windows\System32\webclnt.dll
12:43:29.0708 2560 WebClient - ok
12:43:29.0738 2560 [ C749025A679C5103E575E3B48E092C43 ] Wecsvc C:\Windows\system32\wecsvc.dll
12:43:29.0751 2560 Wecsvc - ok
12:43:29.0769 2560 [ 7E591867422DC788B9E5BD337A669A08 ] wercplsupport C:\Windows\System32\wercplsupport.dll
12:43:29.0773 2560 wercplsupport - ok
12:43:29.0781 2560 [ 6D137963730144698CBD10F202E9F251 ] WerSvc C:\Windows\System32\WerSvc.dll
12:43:29.0785 2560 WerSvc - ok
12:43:29.0798 2560 [ 611B23304BF067451A9FDEE01FBDD725 ] WfpLwf C:\Windows\system32\DRIVERS\wfplwf.sys
12:43:29.0799 2560 WfpLwf - ok
12:43:29.0812 2560 [ 05ECAEC3E4529A7153B3136CEB49F0EC ] WIMMount C:\Windows\system32\drivers\wimmount.sys
12:43:29.0813 2560 WIMMount - ok
12:43:29.0831 2560 WinDefend - ok
12:43:29.0841 2560 WinHttpAutoProxySvc - ok
12:43:29.0869 2560 [ 19B07E7E8915D701225DA41CB3877306 ] Winmgmt C:\Windows\system32\wbem\WMIsvc.dll
12:43:29.0871 2560 Winmgmt - ok
12:43:29.0939 2560 [ BCB1310604AA415C4508708975B3931E ] WinRM C:\Windows\system32\WsmSvc.dll
12:43:29.0958 2560 WinRM - ok
12:43:30.0022 2560 [ FE88B288356E7B47B74B13372ADD906D ] WinUsb C:\Windows\system32\DRIVERS\WinUsb.sys
12:43:30.0025 2560 WinUsb - ok
12:43:30.0065 2560 [ 4FADA86E62F18A1B2F42BA18AE24E6AA ] Wlansvc C:\Windows\System32\wlansvc.dll
12:43:30.0087 2560 Wlansvc - ok
12:43:30.0184 2560 [ 2BACD71123F42CEA603F4E205E1AE337 ] wlidsvc C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
12:43:30.0198 2560 wlidsvc - ok
12:43:30.0211 2560 [ F6FF8944478594D0E414D3F048F0D778 ] WmiAcpi C:\Windows\system32\drivers\wmiacpi.sys
12:43:30.0212 2560 WmiAcpi - ok
12:43:30.0242 2560 [ 38B84C94C5A8AF291ADFEA478AE54F93 ] wmiApSrv C:\Windows\system32\wbem\WmiApSrv.exe
12:43:30.0243 2560 wmiApSrv - ok
12:43:30.0257 2560 WMPNetworkSvc - ok
12:43:30.0277 2560 [ 96C6E7100D724C69FCF9E7BF590D1DCA ] WPCSvc C:\Windows\System32\wpcsvc.dll
12:43:30.0287 2560 WPCSvc - ok
12:43:30.0320 2560 [ 93221146D4EBBF314C29B23CD6CC391D ] WPDBusEnum C:\Windows\system32\wpdbusenum.dll
12:43:30.0331 2560 WPDBusEnum - ok
12:43:30.0351 2560 [ 6BCC1D7D2FD2453957C5479A32364E52 ] ws2ifsl C:\Windows\system32\drivers\ws2ifsl.sys
12:43:30.0353 2560 ws2ifsl - ok
12:43:30.0370 2560 [ E8B1FE6669397D1772D8196DF0E57A9E ] wscsvc C:\Windows\system32\wscsvc.dll
12:43:30.0376 2560 wscsvc - ok
12:43:30.0380 2560 WSearch - ok
12:43:30.0469 2560 [ D9EF901DCA379CFE914E9FA13B73B4C4 ] wuauserv C:\Windows\system32\wuaueng.dll
12:43:30.0496 2560 wuauserv - ok
12:43:30.0562 2560 [ AB886378EEB55C6C75B4F2D14B6C869F ] WudfPf C:\Windows\system32\drivers\WudfPf.sys
12:43:30.0565 2560 WudfPf - ok
12:43:30.0582 2560 [ DDA4CAF29D8C0A297F886BFE561E6659 ] WUDFRd C:\Windows\system32\DRIVERS\WUDFRd.sys
12:43:30.0585 2560 WUDFRd - ok
12:43:30.0601 2560 [ B20F051B03A966392364C83F009F7D17 ] wudfsvc C:\Windows\System32\WUDFSvc.dll
12:43:30.0607 2560 wudfsvc - ok
12:43:30.0643 2560 [ FE90B750AB808FB9DD8FBB428B5FF83B ] WwanSvc C:\Windows\System32\wwansvc.dll
12:43:30.0650 2560 WwanSvc - ok
12:43:30.0658 2560 ================ Scan global ===============================
12:43:30.0694 2560 [ BA0CD8C393E8C9F83354106093832C7B ] C:\Windows\system32\basesrv.dll
12:43:30.0729 2560 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
12:43:30.0750 2560 [ 88EDD0B34EED542745931E581AD21A32 ] C:\Windows\system32\winsrv.dll
12:43:30.0774 2560 [ D6160F9D869BA3AF0B787F971DB56368 ] C:\Windows\system32\sxssrv.dll
12:43:30.0792 2560 [ 24ACB7E5BE595468E3B9AA488B9B4FCB ] C:\Windows\system32\services.exe
12:43:30.0797 2560 [Global] - ok
12:43:30.0798 2560 ================ Scan MBR ==================================
12:43:30.0805 2560 [ A36C5E4F47E84449FF07ED3517B43A31 ] \Device\Harddisk0\DR0
12:43:30.0998 2560 \Device\Harddisk0\DR0 - ok
12:43:31.0002 2560 [ 739B36F7A373FC81121D831231B6D311 ] \Device\Harddisk1\DR1
12:43:31.0219 2560 \Device\Harddisk1\DR1 - ok
12:43:31.0219 2560 ================ Scan VBR ==================================
12:43:31.0221 2560 [ 6DC1B7CC6B15A1BA57938527F31318A9 ] \Device\Harddisk0\DR0\Partition1
12:43:31.0223 2560 \Device\Harddisk0\DR0\Partition1 - ok
12:43:31.0231 2560 [ DC814D3644824EFC894DD74BEB9CA6BA ] \Device\Harddisk0\DR0\Partition2
12:43:31.0232 2560 \Device\Harddisk0\DR0\Partition2 - ok
12:43:31.0236 2560 [ 8F65FA7E286D8B9F1E7C6BF92F3629E7 ] \Device\Harddisk1\DR1\Partition1
12:43:31.0238 2560 \Device\Harddisk1\DR1\Partition1 - ok
12:43:31.0239 2560 ============================================================
12:43:31.0239 2560 Scan finished
12:43:31.0239 2560 ============================================================
12:43:31.0246 4832 Detected object count: 0
12:43:31.0246 4832 Actual detected object count: 0
 
I missed a keystroke in ESET, tried to run again, and it wouldn't let me. Tried to uninstall, re-install, and the process is cumbersome.

Hope to have .txt soon.

ugh!

finally got ESET running again, but in my haste, I forgot to have it scan the Archives only. So, it's running the whole system.

I fear it will take a while, although it's about 1/3 done with nothing found.

:)

ESET scan complete.

No threats, no objects cleaned.
 
Last edited by a moderator:
Ok, then. Please do the following.

Upload this file to www.virustotal.com

c:\windows\system32\dmwu.exe

Once you get the results, copy and paste the url address into your reply.

Also go here and let me know if there are any files inside this folder.

c:\windows\system32\ljkb
 
ran Rkill (some of this stuff certainly looks suspicious, but I'm not sure what to do with it):

Rkill 2.6.1 by Lawrence Abrams (Grinler)
http://www.bleepingcomputer.com/
Copyright 2008-2013 BleepingComputer.com
More Information about Rkill can be found at this link:
http://www.bleepingcomputer.com/forums/topic308364.html

Program started at: 10/06/2013 10:37:27 AM in x64 mode.
Windows Version: Windows 7 Home Premium Service Pack 1

Checking for Windows services to stop:

* No malware services found to stop.

Checking for processes to terminate:

* No malware processes found to kill.

Checking Registry for malware related settings:

* No issues found in the Registry.

Resetting .EXE, .COM, & .BAT associations in the Windows Registry.

Performing miscellaneous checks:

* No issues found.

Checking Windows Service Integrity:

* No issues found.

Searching for Missing Digital Signatures:

* No issues found.

Checking HOSTS File:

* HOSTS file entries found:

127.0.0.1 08sr.combineads.info # hosts anti-adware / pups
127.0.0.1 08srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 12srvr.combineads.info # hosts anti-adware / pups
127.0.0.1 2010-fr.com # hosts anti-adware / pups
127.0.0.1 2012-new.biz # hosts anti-adware / pups
127.0.0.1 2319825.ourtoolbar.com # hosts anti-adware / pups
127.0.0.1 24h00business.com # hosts anti-adware / pups
127.0.0.1 a.daasafterdusk.com # hosts anti-adware / pups
127.0.0.1 ad.adn360.com # hosts anti-adware / pups
127.0.0.1 adeartss.eu # hosts anti-adware / pups
127.0.0.1 adesoeasy.eu # hosts anti-adware / pups
127.0.0.1 adf.girldatesforfree.net # hosts anti-adware / pups
127.0.0.1 adm.soft365.com # hosts anti-adware / pups
127.0.0.1 adomicileavail.googlepages.com # hosts anti-adware / pups
127.0.0.1 ads7.complexadveising.com # hosts anti-adware / pups
127.0.0.1 ads.aff.co # hosts anti-adware / pups
127.0.0.1 ads.alpha00001.com # hosts anti-adware / pups
127.0.0.1 ads.cloud4ads.com # hosts anti-adware / pups
127.0.0.1 ads.eorezo.com # hosts anti-adware / pups
127.0.0.1 ads.hooqy.com # hosts anti-adware / pups

20 out of 623 HOSTS entries shown.
Please review HOSTS file for further entries.

Program finished at: 10/06/2013 10:37:37 AM
 
You must log in or register to reply here.
Back
Top