mikehende Posted November 30, 2015 Posted November 30, 2015 (edited) Hey Pete, hope you're around here these days. I have been dealing with one of my win7 hp desktop machines not working as normal for about a week now. I had done the regular cleaning last week but still something's off so I ran the scans again today. I did not run Ccleaner because I currently have 20 tabs or so open in FF and don't wish to lose them until I am done with them so please tell me whether or not you can assist without running Ccleaner? SAS showed some activity on first run so I am including the 2 logs of both runs. Also, within the last week I had run JRT 3 times including today and each time it found "a bad module", help please? Edited November 30, 2015 by mikehende Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 Malwarebytes Anti-Malware www.malwarebytes.org Scan Date: 11/30/2015 Scan Time: 8:42 AM Logfile: mbam log.txt Administrator: Yes Version: 2.2.0.1024 Malware Database: v2015.11.30.02 Rootkit Database: v2015.11.26.01 License: Trial Malware Protection: Enabled Malicious Website Protection: Enabled Self-protection: Disabled OS: Windows 7 Service Pack 1 CPU: x86 File System: NTFS User: user Scan Type: Threat Scan Result: Completed Objects Scanned: 302689 Time Elapsed: 41 min, 28 sec Memory: Enabled Startup: Enabled Filesystem: Enabled Archives: Enabled Rootkits: Disabled Heuristics: Enabled PUP: Enabled PUM: Enabled Processes: 0 (No malicious items detected) Modules: 0 (No malicious items detected) Registry Keys: 0 (No malicious items detected) Registry Values: 0 (No malicious items detected) Registry Data: 0 (No malicious items detected) Folders: 0 (No malicious items detected) Files: 0 (No malicious items detected) Physical Sectors: 0 (No malicious items detected) (end) Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 11/30/2015 at 01:36 PM Application Version : 6.0.1208 Database Version : 12215 Scan type : Complete Scan Total Scan Time : 01:15:13 Operating System Information Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 844 Memory threats detected : 0 Registry items scanned : 31875 Registry threats detected : 0 File items scanned : 15757 File threats detected : 586 PUP.Spigot/Variant C:\USERS\USER\APPDATA\LOCAL\MICROSOFT\WINDOWS\TEMPORARY INTERNET FILES\CONTENT.IE5\VOV4IEFD\CNETINSTALLER[2] Adware.Tracking Cookie .abmr.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bttrack.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .iasds01.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] m.webtrends.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adgrx.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adgrx.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adgrx.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tribalfusion.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] s.opendsp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] tag.crsspxl.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .burstnet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] match.rundsp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .voicefive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.linkedin.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.linkedin.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.linkedin.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.linkedin.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .clickfuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .connexity.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .choicestream.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] www.googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .iasds01.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .aexp.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .comcast.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .emc.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ford.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pepsico.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pfizer.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .samsungelectronicsamericainc.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .vivaki.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .eloqua.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .eloqua.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .eqads.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bttrack.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .intentiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .intentiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .intentiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .intentiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .intentiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adtechus.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .swid.switchads.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mentad.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.al.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.mlive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.nola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.pennlive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.syracuse.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .nanigans.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.stickyadstv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ox-d.bim.servedbyopenx.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ox-d.cbs.servedbyopenx.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ox-d.salemwebnetworks.servedbyopenx.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .domdex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .domdex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .domdex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pubmatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gwallet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .reson8.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .reson8.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .runadtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] match.rundsp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] match.rundsp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .semasio.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .reson8.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .krxd.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .smaato.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] api.placed.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsrvr.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsrvr.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tekblue.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tekblue.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tekblue.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tapad.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tapad.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsymptotic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .voicefive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .voicefive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scanscout.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .videohub.tv [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scanscout.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .admaym.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.undertone.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] prg.undertone.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.undertone.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.undertone.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] prg.undertone.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .contextweb.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .vizu.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .vizu.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .zedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tentaculos.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tentaculos.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adrta.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adrta.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] d.adroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bluecava.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .inspectlet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .instinctiveads.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .choicestream.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .choicestream.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dpclk.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .eyeviewads.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .instinctiveads.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .go.sonobi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .go.sonobi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .go.sonobi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .deepsearch.adlucent.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .crwdcntrl.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .crwdcntrl.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .crwdcntrl.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .crwdcntrl.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .optimahub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .krxd.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .alenty.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rhythmxchange.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sitescout.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tubemogul.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tubemogul.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .afy11.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adadvisor.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adadvisor.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bluecava.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adaptv.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dmtry.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adhigh.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adadvisor.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .aexp.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dmtry.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pro-market.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adnxs.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .areyouahuman.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .voicefive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .voicefive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .voicefive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bluekai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bluekai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .s.thebrighttag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] s.thebrighttag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .s.thebrighttag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .s.thebrighttag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .2452580572.log.optimizely.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsnative.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsnative.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsnative.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsnative.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bidswitch.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pix.btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pix.btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pix.btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pix.btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pix.btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pix.btrll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .chango.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ipredictive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .basebanner.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rlcdn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .yieldoptimizer.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .yieldoptimizer.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .comcast.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .wtp101.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adtechus.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adtechus.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adtechus.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ipredictive.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sp1.convertro.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .kau.li [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dc.optimahub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .apxlv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pippio.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rlcdn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dpm.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] tap-t.rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] tap.rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sxp.smartclip.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .udmserve.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .krxd.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .emc.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .2452580572.log.optimizely.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .eyereturn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .everesttech.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .univide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .univide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bs.serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .admaym.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .flashtalking.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ford.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .everesttech.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adhigh.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .genieessp.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .genieesspv.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gssprt.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .href.asia [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .postrelease.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .hlserve.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .kau.li [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .openx.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ib.mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ib.mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adnxs.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rlcdn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bluecava.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .intentiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pool.admedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .jumptap.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .jivox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .jivox.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .xg4ken.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .lijit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .domdex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] www.wtp101.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .liverail.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .liverail.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bluecava.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .eyeota.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adingo.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .cardlytics.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .richrelevance.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mxptint.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] recs.richrelevance.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .nexac.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .nexac.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .nexac.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .nexac.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .nexac.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ninthdecimal.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .netseer.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .netseer.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .netseer.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .opendsp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .optimatic.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .config.parsely.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .spotxchange.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .contextweb.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .openx.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .univide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .univide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pepsico.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pfizer.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ml314.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .smartadserver.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sxp.smartclip.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tidaltv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] tap-secure.rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] recs.richrelevance.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pippio.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gwallet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gwallet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gwallet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ad2.cdns.turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] cdn.turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rlcdn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .pixel.rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ad2.cdns.turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] cdn.turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adbrn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .dotomi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adaptv.advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rlcdn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ad2.cdns.turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] cdn.turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .afy11.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] recs.richrelevance.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .idgenterprise.d1.sc.omtrdc.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .samsungelectronicsamericainc.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adnxs.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .reson8.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .skimresources.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .skimresources.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] c.conversionlogic.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .spongecell.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] analytics.spongecell.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] analytics.spongecell.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .owneriq.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sitescout.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sitescout.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sundaysky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .contextweb.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .reson8.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .securedvisit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .securedvisit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .wtp101.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .taboola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] trc.taboola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] trc.taboola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] trc.taboola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] trc.taboola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .taboola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .udmserve.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .tidaltv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .3lift.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] dmp.truoptik.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] dmp.truoptik.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] dmp.truoptik.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .genieessp.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .genieesspv.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gssprt.jp [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .href.asia [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ml314.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .teads.tv [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .teads.tv [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ih.adscale.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .254a.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adbrn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .bidswitch.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .company-target.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .wtp101.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ad.360yield.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] pool.admedo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .agkn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .jsrdn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .ml314.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rfihub.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] recs.richrelevance.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .exelator.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .udmserve.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .audienceiq.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .c1exchange.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .criteo.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .crsspxl.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scanscout.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .simpli.fi [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .univide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .videohub.tv [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .visiblemeasures.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ardrone.swoop.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ads.stickyadstv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .simpli.fi [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ad.360yield.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ad.360yield.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adscale.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .agkn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sxp.smartclip.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adnxs.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .videoamp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .addthis.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .viglink.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .admaym.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .rubiconproject.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .postrelease.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .vivaki.demdex.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .gumgum.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .vmweb.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .w55c.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mookie1.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .sbal4kp.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .yume.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .yashi.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .zemanta.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] Adware.ConvertAd/Variant C:\USERS\USER\DOWNLOADS\ADOBE-READER.EXE ============ End of Log ============ Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 SUPERAntiSpyware Scan Log http://www.superantispyware.com Generated 11/30/2015 at 02:58 PM Application Version : 6.0.1208 Database Version : 12218 Scan type : Complete Scan Total Scan Time : 01:02:42 Operating System Information Windows 7 Home Premium 32-bit, Service Pack 1 (Build 6.01.7601) UAC On - Limited User Memory items scanned : 791 Memory threats detected : 0 Registry items scanned : 31875 Registry threats detected : 0 File items scanned : 15734 File threats detected : 21 Adware.Tracking Cookie .googleadservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adlegend.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adlegend.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsrvr.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .adsrvr.org [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .scorecardresearch.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .agkn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .turn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .agkn.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] .mathtag.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XT2FSYGY.DEFAULT\COOKIES.SQLITE ] ============ End of Log ============ Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 Scan result of Farbar Recovery Scan Tool (FRST) (x86) Version:30-11-2015 Ran by user (administrator) on USER-PC (30-11-2015 15:34:01) Running from F:\AV Softwares Loaded Profiles: user (Available Profiles: user) Platform: Microsoft Windows 7 Home Premium Service Pack 1 (X86) Language: English (United States) Internet Explorer Version 11 (Default browser: FF) Boot Mode: Normal Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/ ==================== Processes (Whitelisted) ================= (If an entry is included in the fixlist, the process will be closed. The file will not be moved.) (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe (Intel Corporation) C:\Windows\System32\igfxtray.exe (Intel Corporation) C:\Windows\System32\hkcmd.exe (Intel Corporation) C:\Windows\System32\igfxpers.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe (Logitech Inc.) C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiWatchDog.exe (SEIKO EPSON CORPORATION) C:\Program Files\Common Files\EPSON\EBAPI\eEBSvc.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\AMSP\coreFrameworkHost.exe (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore.exe (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtWatchDog.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Copyright 2013 SAMSUNG) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe (Malwarebytes) C:\Program Files\Malwarebytes Anti-Malware\mbam.exe (DEVGURU Co., LTD.) C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\UniClient\UiFrmwrk\uiSeAgnt.exe (TeamViewer GmbH) C:\Program Files\TeamViewer\TeamViewer_Service.exe (Greenshot) C:\Program Files\Greenshot\Greenshot.exe (SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\Event Manager\EEventManager.exe () C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe (SEIKO EPSON CORPORATION) C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe (Trend Micro Inc.) C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe (Brainasoft) C:\Program Files\Braina\Braina.exe (SEIKO EPSON CORPORATION) C:\Windows\System32\spool\drivers\w32x86\3\E_FATIGMA.EXE (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe (EventGhost Project) C:\Program Files\EventGhost\EventGhost.exe (Brainasoft) C:\Program Files\Braina\bhp.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe (Samsung) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe (Brainasoft) C:\Program Files\Braina\fcmd.exe (Skype Technologies S.A.) C:\Program Files\Skype\Phone\Skype.exe (Adobe Systems Incorporated) C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe ==================== Registry (Whitelisted) =========================== (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.) HKLM\...\Run: [samsung Link] => C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe [575328 2015-03-18] (Copyright 2013 SAMSUNG) HKLM\...\Run: [LWS] => C:\Program Files\Logitech\LWS\Webcam Software\LWS.exe [204136 2012-09-12] (Logitech Inc.) HKLM\...\Run: [APSDaemon] => C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-09-13] (Apple Inc.) HKLM\...\Run: [QuickTime Task] => C:\Program Files\QuickTime\QTTask.exe [421888 2014-01-17] (Apple Inc.) HKLM\...\Run: [bCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [91520 2010-03-13] (Microsoft Corporation) HKLM\...\Run: [Greenshot] => C:\Program Files\Greenshot\Greenshot.exe [495616 2014-05-12] (Greenshot) HKLM\...\Run: [EEventManager] => C:\Program Files\Epson Software\Event Manager\EEventManager.exe [976832 2009-12-17] (SEIKO EPSON CORPORATION) HKLM\...\Run: [FUFAXSTM] => C:\Program Files\Epson Software\FAX Utility\FUFAXSTM.exe [847872 2009-12-03] (SEIKO EPSON CORPORATION) HKLM\...\Run: [Platinum] => C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSessionAgent.exe [1078784 2015-05-04] (Trend Micro Inc.) HKLM\...\Run: [PwmConsole.exe] => C:\Program Files\Trend Micro\TMIDS\PwmConsole.exe [2047216 2015-06-29] (Trend Micro Inc.) HKLM\...\Run: [Trend Micro Client Framework] => C:\Program Files\Trend Micro\UniClient\UiFrmWrk\UIWatchDog.exe [165976 2014-07-20] (Trend Micro Inc.) HKLM\...\Run: [braina] => C:\Program Files\Braina\Braina.exe [1366608 2015-10-07] (Brainasoft) HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\...\Run: [WorkForce 840(Network)] => C:\Windows\system32\spool\DRIVERS\W32X86\3\E_FATIGMA.EXE [201216 2010-01-12] (SEIKO EPSON CORPORATION) HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\...\Run: [sUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6819232 2015-10-23] (SUPERAntiSpyware) HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\...\MountPoints2: {4225b781-c823-11e4-b7b2-0024818fd89b} - G:\HPLauncher.exe HKU\S-1-5-18\...\RunOnce: [sPReview] => C:\Windows\System32\SPReview\SPReview.exe [280576 2014-04-22] (Microsoft Corporation) ShellIconOverlayIdentifiers: [ GoogleDriveBlacklisted] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D42} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSynced] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D40} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google) ShellIconOverlayIdentifiers: [ GoogleDriveSyncing] -> {81539FE6-33C7-4CE7-90C7-1C7B8F2F2D41} => C:\Program Files\Google\Drive\googledrivesync32.dll [2015-11-04] (Google) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\EventGhost.lnk [2015-03-13] ShortcutTarget: EventGhost.lnk -> C:\Program Files\EventGhost\EventGhost.exe (EventGhost Project) Startup: C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk [2014-10-29] ShortcutTarget: MagicDisc.lnk -> C:\Program Files\MagicDisc\MagicDisc.exe (MagicISO, Inc.) GroupPolicy: Restriction - Chrome <======= ATTENTION ==================== Internet (Whitelisted) ==================== (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.) Winsock: Catalog5 07 C:\Program Files\Bonjour\mdnsNSP.dll [121704 2011-08-30] (Apple Inc.) Tcpip\Parameters: [DhcpNameServer] 192.168.1.1 Tcpip\..\Interfaces\{989F70D2-DED8-43A2-8774-471050C14E37}: [DhcpNameServer] 192.168.1.1 Internet Explorer: ================== HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\Software\Microsoft\Internet Explorer\Main,Start Page = about:blank SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = BHO: Trend Micro Password Manager BHO -> {3F019D1C-7EAA-4F25-A765-FBA635BD0AFF} -> C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro Inc.) BHO: Trend Micro Security Toolbar Helper -> {43C6D902-A1C5-45c9-91F6-FD9E90337E18} -> C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.) BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL [2010-03-25] (Microsoft Corporation) BHO: TmIEPlugInBHO Class -> {959A5673-7971-48e6-AF54-58F745AC4ABC} -> C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1255\2.0.1039\TmopIEPlg.dll [2014-06-30] (Trend Micro Inc.) BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL [2010-02-28] (Microsoft Corporation) BHO: Trend Micro IE Protection -> {BBACBAFD-FA5E-4079-8B33-00EB9F13D4AC} -> C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-16] (Trend Micro Inc.) Toolbar: HKLM - Trend Micro Password Manager ToolBar - {9B4B91FC-EC4D-4018-9575-96FA5A3C03C5} - C:\Program Files\Trend Micro\TMIDS\PwmIEBHO32.dll [2015-06-29] (Trend Micro Inc.) Toolbar: HKLM - Trend Micro Security Toolbar - {CCAC5586-44D7-4c43-B64A-F042461A97D2} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.) DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} hxxp://fpdownload2.macromedia.com/get/shockwave/cabs/flash/swflash.cab Handler: tmbp - {1A77E7DC-C9A0-4110-8A37-2F36BAE71ECF} - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\TmBpIe32.dll [2015-08-16] (Trend Micro Inc.) Handler: tmop - {69FD7CE3-4604-4fe6-967C-49B9735CEE70} - C:\Program Files\Trend Micro\AMSP\module\20013\3.5.1255\2.0.1039\TmopIEPlg.dll [2014-06-30] (Trend Micro Inc.) Handler: tmtb - {04EAF3FB-4BAC-4B5A-A37D-A1CF210A5A42} - C:\Program Files\Trend Micro\Titanium\UIFramework\ToolbarIE.dll [2014-07-20] (Trend Micro Inc.) Handler: tmtbim - {0B37915C-8B98-4B9E-80D4-464D2C830D10} - C:\Program Files\Trend Micro\Titanium\UIFramework\ProToolbarIMRatingActiveX.dll [2014-07-20] (Trend Micro Inc.) FireFox: ======== FF ProfilePath: C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\xt2fsygy.default FF Homepage: hxxps://my.yahoo.com/ FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF32_19_0_0_245.dll [2015-11-11] () FF Plugin: @microsoft.com/GENUINE -> disabled [No File] FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL [2010-01-09] (Microsoft Corporation) FF Plugin: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~1\MICROS~2\Office14\NPSPWRAP.DLL [2010-03-24] (Microsoft Corporation) FF Plugin: @tools.google.com/Google Update;version=3 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin: @tools.google.com/Google Update;version=9 -> C:\Program Files\Google\Update\1.3.28.15\npGoogleUpdate3.dll [2015-09-17] (Google Inc.) FF Plugin: Adobe Reader -> C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll [2015-09-26] (Adobe Systems Inc.) FF Extension: YesScript - C:\Users\user\AppData\Roaming\Mozilla\Firefox\Profiles\xt2fsygy.default\extensions\yesscript@userstyles.org.xpi [2015-10-26] FF HKLM\...\Firefox\Extensions: [tmbepff@trendmicro.com] - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension FF Extension: Trend Micro BEP Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20002\9.1.1035\9.1.1035\firefoxextension [2015-11-11] FF HKLM\...\Firefox\Extensions: [{22181a4d-af90-4ca3-a569-faed9118d6bc}] - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension FF Extension: Trend Micro Toolbar - C:\Program Files\Trend Micro\Titanium\UIFramework\Toolbar\firefoxextension [2015-11-11] FF HKLM\...\Firefox\Extensions: [{8197dd50-b252-4b08-a1be-1277f22357bb}] - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt FF Extension: Trend Micro Password Manager Firefox Extension - C:\Program Files\Trend Micro\TMIDS\PwmFirefoxExt [2015-08-13] [not signed] FF HKLM\...\Firefox\Extensions: [{BBB77B49-9FF4-4d5c-8FE2-92B1D6CD696C}] - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension FF Extension: Trend Micro Osprey Firefox Extension - C:\Program Files\Trend Micro\AMSP\module\20013\FxExt\firefoxextension [2015-11-11] Chrome: ======= CHR HomePage: Default -> hxxp://www.google.com/ CHR StartupUrls: Default -> "hxxp://www.google.com/" CHR Profile: C:\Users\user\AppData\Local\Google\Chrome\User Data\Default CHR Extension: (Google Docs) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\aohghmighlieiainnegkcijnfilokake [2015-05-12] CHR Extension: (Google Drive) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf [2015-05-12] CHR Extension: (YouTube) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo [2015-05-12] CHR Extension: (Google Search) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf [2015-05-12] CHR Extension: (Chrome Hotword Shared Module) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\lccekmodgklaepjeofjdjpbminllajkg [2015-05-12] CHR Extension: (Google Wallet) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda [2015-05-12] CHR Extension: (Trend Micro Toolbar) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\ohhcpmplhhiiaoiddkfboafbhiknefdf [2015-07-09] CHR Extension: (Gmail) - C:\Users\user\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia [2015-05-12] CHR HKLM\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - <no Path\update_url> CHR HKLM\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path\update_url> CHR HKLM\...\Chrome\Extension: [ohhcpmplhhiiaoiddkfboafbhiknefdf] - hxxps://clients2.google.com/service/update2/crx CHR HKLM\...\Chrome\Extension: [olmajmomenlhgihenlbjcfbopoghpckg] - hxxps://clients2.google.com/service/update2/crx ==================== Services (Whitelisted) ======================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE.EXE [142648 2014-07-22] (SUPERAntiSpyware.com) R2 AllShare Framework DMS; C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkManagerDMS.exe [401800 2013-12-21] (Samsung) [File not signed] R2 EpsonBidirectionalService; C:\Program Files\Common Files\EPSON\EBAPI\eEBSVC.exe [94208 2006-12-19] (SEIKO EPSON CORPORATION) [File not signed] R2 MBAMScheduler; C:\Program Files\Malwarebytes Anti-Malware\mbamscheduler.exe [1513784 2015-10-05] (Malwarebytes) R2 MBAMService; C:\Program Files\Malwarebytes Anti-Malware\mbamservice.exe [1135416 2015-10-05] (Malwarebytes) R2 Platinum Host Service; C:\Program Files\Trend Micro\Titanium\plugin\Pt\PtSvcHost.exe [963584 2015-05-04] (Trend Micro Inc.) R2 PwmSvc; C:\Program Files\Trend Micro\TMIDS\PwmSvc.exe [273544 2015-06-29] (Trend Micro Inc.) R2 Samsung Link Service; C:\Program Files\Samsung\Samsung Link\Samsung Link.exe [581984 2015-03-18] (Copyright 2013 SAMSUNG) R2 ss_conn_service; C:\Program Files\Samsung\USB Drivers\25_escape\conn\ss_conn_service.exe [743688 2014-10-13] (DEVGURU Co., LTD.) R2 TeamViewer; C:\Program Files\TeamViewer\TeamViewer_Service.exe [5495056 2015-06-18] (TeamViewer GmbH) S3 WatAdminSvc; C:\Windows\system32\Wat\WatAdminSvc.exe [1343400 2014-04-21] () [File not signed] R2 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [680960 2013-05-26] (Microsoft Corporation) R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X] S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] ===================== Drivers (Whitelisted) ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) R3 e1kexpress; C:\Windows\System32\DRIVERS\e1k6032.sys [164864 2009-07-13] (Intel Corporation) S3 kbfilter; C:\Windows\System32\DRIVERS\kbfilter.sys [61728 2015-01-29] (Trend Micro Inc.) R3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [23256 2015-10-05] (Malwarebytes) R3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [170200 2015-11-30] (Malwarebytes) R3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [51928 2015-10-05] (Malwarebytes Corporation) R3 mcdbus; C:\Windows\System32\DRIVERS\mcdbus.sys [116736 2009-02-24] (MagicISO, Inc.) [File not signed] R3 netr28u; C:\Windows\System32\DRIVERS\netr28u.sys [657408 2009-07-13] (Ralink Technology Corp.) R2 NPF; C:\Windows\System32\drivers\npf.sys [35088 2010-06-25] (CACE Technologies, Inc.) S3 NUMARK_NC06; C:\Windows\System32\Drivers\nc06_usb.sys [398912 2009-10-30] (Ploytec GmbH) S3 NUMARK_NC06_MIDI; C:\Windows\System32\drivers\nc06midi.sys [26688 2009-10-30] (Numark) S3 NUMARK_NC06_WDM; C:\Windows\System32\drivers\nc06_wdm.sys [39488 2009-10-30] (Numark) R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV.SYS [12880 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com) R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL.SYS [67664 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com) S3 ssudserd; C:\Windows\System32\DRIVERS\ssudserd.sys [184192 2014-01-22] (DEVGURU Co., LTD.(www.devguru.co.kr)) S3 tbhsd; C:\Windows\System32\drivers\tbhsd.sys [40104 2015-07-09] (RapidSolution Software AG) R1 tmactmon; C:\Windows\System32\DRIVERS\tmactmon.sys [108032 2015-07-20] (Trend Micro Inc.) R0 tmcomm; C:\Windows\System32\DRIVERS\tmcomm.sys [303744 2015-07-20] (Trend Micro Inc.) R0 TMEBC; C:\Windows\System32\DRIVERS\TMEBC32.sys [40736 2013-07-01] (Trend Micro Inc.) R3 tmeevw; C:\Windows\System32\DRIVERS\tmeevw.sys [90936 2014-05-29] (Trend Micro Inc.) R1 tmevtmgr; C:\Windows\System32\DRIVERS\tmevtmgr.sys [88992 2015-07-20] (Trend Micro Inc.) R3 tmnciesc; C:\Windows\System32\DRIVERS\tmnciesc.sys [306232 2014-04-07] (Trend Micro Inc.) R2 tmusa; C:\Windows\System32\DRIVERS\tmusa.sys [86840 2014-06-30] (Trend Micro Inc.) U2 TMAgent; no ImagePath ==================== NetSvcs (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) ==================== One Month Created files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-30 15:29 - 2015-11-30 15:34 - 00000000 ____D C:\FRST 2015-11-25 13:33 - 2015-11-25 13:33 - 00000000 ____D C:\Windows\ERUNT 2015-11-25 13:24 - 2015-11-30 15:13 - 00000000 ____D C:\AdwCleaner 2015-11-25 13:16 - 2015-11-30 13:16 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 68c3271c-d1e1-4225-b5a1-a4db9aa8becf.job 2015-11-25 13:16 - 2015-11-29 02:00 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f1b2b47b-d78a-4146-929c-492191188413.job 2015-11-25 13:15 - 2015-11-25 13:15 - 00001965 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk 2015-11-25 13:15 - 2015-11-25 13:15 - 00000000 ____D C:\Users\user\AppData\Roaming\SUPERAntiSpyware.com 2015-11-25 13:15 - 2015-11-25 13:15 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com 2015-11-25 13:15 - 2015-11-25 13:15 - 00000000 ____D C:\Program Files\SUPERAntiSpyware 2015-11-25 13:14 - 2015-11-25 13:14 - 24040912 _____ (SUPERAntiSpyware) C:\Users\user\Downloads\SUPERAntiSpyware.exe 2015-11-25 06:26 - 2015-11-25 06:26 - 00151776 _____ C:\Users\user\Desktop\Post-Secondary Options Night 2015[3][2].pdf 2015-11-19 08:41 - 2015-11-19 08:42 - 00439356 _____ C:\Users\user\Desktop\Top-8-Tools-Resources-Guide.pdf 2015-11-17 16:01 - 2015-11-17 16:03 - 00000000 ____D C:\Users\user\Desktop\Charles 2015-11-12 15:29 - 2015-11-12 15:29 - 00000114 _____ C:\Users\user\Desktop\Types.url 2015-11-12 15:29 - 2015-11-12 15:29 - 00000114 _____ C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Types.url 2015-11-12 15:29 - 2015-11-12 15:29 - 00000000 ____D C:\Program Files\Types 2015-11-12 15:28 - 2015-11-12 15:28 - 00204800 _____ (E. Strunnikov) C:\Users\user\Downloads\Types.Setup.exe 2015-11-12 11:41 - 2015-11-12 11:41 - 00000587 _____ C:\Users\Public\Desktop\OtsAV DJ Demonstration.lnk 2015-11-12 11:41 - 2015-11-12 11:41 - 00000575 _____ C:\Users\Public\Desktop\OtsAV DJ Trial.lnk 2015-11-12 11:41 - 2015-11-12 11:41 - 00000568 _____ C:\Users\Public\Desktop\Ots Studio.lnk 2015-11-12 11:41 - 2015-11-12 11:41 - 00000556 _____ C:\Users\Public\Desktop\Ots Playlist Templates.lnk 2015-11-12 11:41 - 2015-11-12 11:41 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Ots Labs 2015-11-12 11:41 - 2015-11-12 11:41 - 00000000 ____D C:\OtsLabs 2015-11-12 11:40 - 2015-11-12 11:40 - 29788384 _____ (Ots Corporation) C:\Users\user\Downloads\OtsAVDJTrialSetup.exe 2015-11-12 06:54 - 2015-11-12 06:54 - 00000941 _____ C:\Users\user\Desktop\Braina.lnk 2015-11-12 06:54 - 2015-11-12 06:54 - 00000000 ____D C:\Users\user\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Braina 2015-11-12 06:54 - 2015-11-12 06:54 - 00000000 ____D C:\Users\user\AppData\Roaming\Brainasoft 2015-11-12 06:54 - 2015-11-12 06:54 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Braina 2015-11-12 06:54 - 2015-11-12 06:54 - 00000000 ____D C:\Program Files\Braina 2015-11-12 06:53 - 2015-11-12 06:53 - 28023296 _____ C:\Users\user\Desktop\Braina_1.3_Setup.exe 2015-11-12 06:16 - 2015-11-03 12:46 - 02386944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys 2015-11-11 13:59 - 2015-11-11 13:59 - 05286088 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerInstaller.exe 2015-11-11 07:37 - 2015-10-19 19:52 - 03991488 _____ (Microsoft Corporation) C:\Windows\system32\ntkrnlpa.exe 2015-11-11 07:37 - 2015-10-19 19:52 - 03935680 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe 2015-11-11 07:37 - 2015-10-19 19:52 - 00138176 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys 2015-11-11 07:37 - 2015-10-19 19:52 - 00067520 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys 2015-11-11 07:37 - 2015-10-19 19:48 - 01308160 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 01061376 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00655360 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00552960 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00400896 _____ (Microsoft Corporation) C:\Windows\system32\srcore.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00262656 _____ (Microsoft Corporation) C:\Windows\system32\rstrui.exe 2015-11-11 07:37 - 2015-10-19 19:45 - 00259584 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00251392 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00223232 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00172032 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00100352 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00069632 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe 2015-11-11 07:37 - 2015-10-19 19:45 - 00065536 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00043008 _____ (Microsoft Corporation) C:\Windows\system32\srclient.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00038912 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00036864 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00017408 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll 2015-11-11 07:37 - 2015-10-19 19:45 - 00015872 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll 2015-11-11 07:37 - 2015-10-19 19:44 - 00050176 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe 2015-11-11 07:37 - 2015-10-19 19:44 - 00022528 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe 2015-11-11 07:37 - 2015-10-19 19:39 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll 2015-11-11 07:37 - 2015-10-19 19:39 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll 2015-11-11 07:37 - 2015-10-19 19:35 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll 2015-11-11 07:37 - 2015-10-19 19:35 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll 2015-11-11 07:37 - 2015-10-19 18:29 - 00225792 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys 2015-11-11 07:37 - 2015-10-19 18:28 - 00124416 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys 2015-11-11 07:37 - 2015-10-19 18:28 - 00098304 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys 2015-11-11 07:37 - 2015-10-13 11:31 - 00338944 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\afd.sys 2015-11-11 07:37 - 2015-10-13 11:31 - 00074752 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\tdx.sys 2015-11-11 07:37 - 2015-10-12 23:50 - 00712640 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ndis.sys 2015-11-11 07:36 - 2015-11-03 16:51 - 00342728 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll 2015-11-11 07:36 - 2015-10-30 17:58 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb 2015-11-11 07:36 - 2015-10-30 17:58 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll 2015-11-11 07:36 - 2015-10-30 17:52 - 20331520 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll 2015-11-11 07:36 - 2015-10-30 17:47 - 00504832 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll 2015-11-11 07:36 - 2015-10-30 17:46 - 00062464 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll 2015-11-11 07:36 - 2015-10-30 17:45 - 00341504 _____ (Microsoft Corporation) C:\Windows\system32\html.iec 2015-11-11 07:36 - 2015-10-30 17:45 - 00047616 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll 2015-11-11 07:36 - 2015-10-30 17:44 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll 2015-11-11 07:36 - 2015-10-30 17:42 - 02279936 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll 2015-11-11 07:36 - 2015-10-30 17:39 - 00047104 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll 2015-11-11 07:36 - 2015-10-30 17:39 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll 2015-11-11 07:36 - 2015-10-30 17:37 - 00480256 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll 2015-11-11 07:36 - 2015-10-30 17:36 - 00663552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll 2015-11-11 07:36 - 2015-10-30 17:36 - 00620032 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll 2015-11-11 07:36 - 2015-10-30 17:36 - 00115712 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe 2015-11-11 07:36 - 2015-10-30 17:36 - 00102912 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe 2015-11-11 07:36 - 2015-10-30 17:31 - 00667648 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe 2015-11-11 07:36 - 2015-10-30 17:28 - 00416256 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll 2015-11-11 07:36 - 2015-10-30 17:23 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll 2015-11-11 07:36 - 2015-10-30 17:21 - 00168960 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll 2015-11-11 07:36 - 2015-10-30 17:19 - 00076288 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll 2015-11-11 07:36 - 2015-10-30 17:18 - 00279040 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll 2015-11-11 07:36 - 2015-10-30 17:17 - 00130048 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll 2015-11-11 07:36 - 2015-10-30 17:16 - 04527616 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll 2015-11-11 07:36 - 2015-10-30 17:11 - 00230400 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll 2015-11-11 07:36 - 2015-10-30 17:10 - 00689152 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll 2015-11-11 07:36 - 2015-10-30 17:09 - 12854272 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll 2015-11-11 07:36 - 2015-10-30 17:09 - 02052608 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl 2015-11-11 07:36 - 2015-10-30 17:09 - 01155072 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll 2015-11-11 07:36 - 2015-10-30 17:09 - 00686080 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe 2015-11-11 07:36 - 2015-10-30 16:51 - 02011136 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll 2015-11-11 07:36 - 2015-10-30 16:48 - 01311744 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll 2015-11-11 07:36 - 2015-10-30 16:46 - 00710144 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 02955776 _____ (Microsoft Corporation) C:\Windows\system32\wucltux.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 02061824 _____ (Microsoft Corporation) C:\Windows\system32\wuaueng.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 00566784 _____ (Microsoft Corporation) C:\Windows\system32\wuapi.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 00174080 _____ (Microsoft Corporation) C:\Windows\system32\wuwebv.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 00093696 _____ (Microsoft Corporation) C:\Windows\system32\wudriver.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 00035840 _____ (Microsoft Corporation) C:\Windows\system32\wups2.dll 2015-11-11 07:36 - 2015-10-20 12:46 - 00030208 _____ (Microsoft Corporation) C:\Windows\system32\wups.dll 2015-11-11 07:36 - 2015-10-20 12:45 - 00136192 _____ (Microsoft Corporation) C:\Windows\system32\wuauclt.exe 2015-11-11 07:36 - 2015-10-20 12:45 - 00073728 _____ (Microsoft Corporation) C:\Windows\system32\WinSetupUI.dll 2015-11-11 07:36 - 2015-10-20 12:45 - 00035328 _____ (Microsoft Corporation) C:\Windows\system32\wuapp.exe 2015-11-11 07:36 - 2015-10-20 12:45 - 00011776 _____ (Microsoft Corporation) C:\Windows\system32\wu.upgrade.ps.dll 2015-11-11 07:36 - 2015-09-23 08:09 - 00371920 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\cng.sys 2015-11-11 07:36 - 2015-09-23 08:09 - 00251000 _____ (Microsoft Corporation) C:\Windows\system32\bcryptprimitives.dll 2015-11-11 07:35 - 2015-10-01 12:50 - 00216064 _____ (Microsoft Corporation) C:\Windows\system32\InkEd.dll 2015-11-11 07:35 - 2015-10-01 12:50 - 00019968 _____ (Microsoft Corporation) C:\Windows\system32\jnwmon.dll 2015-11-06 19:04 - 2015-11-08 07:57 - 00000000 ____D C:\Program Files\Mozilla Firefox ==================== One Month Modified files and folders ======== (If an entry is included in the fixlist, the file/folder will be moved.) 2015-11-30 15:31 - 2015-09-15 17:27 - 00170200 _____ (Malwarebytes) C:\Windows\system32\Drivers\MBAMSwissArmy.sys 2015-11-30 15:29 - 2009-07-13 21:37 - 00000000 ____D C:\Windows 2015-11-30 15:24 - 2014-04-21 14:22 - 00730320 _____ C:\Windows\system32\PerfStringBackup.INI 2015-11-30 15:24 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\inf 2015-11-30 15:17 - 2014-08-19 13:16 - 00000882 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job 2015-11-30 15:17 - 2009-07-13 23:53 - 00000006 ____H C:\Windows\Tasks\SA.DAT 2015-11-30 14:59 - 2014-04-21 14:48 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job 2015-11-30 14:54 - 2014-08-19 13:16 - 00000886 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job 2015-11-30 13:28 - 2009-07-13 23:34 - 00010128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0 2015-11-30 13:28 - 2009-07-13 23:34 - 00010128 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0 2015-11-30 12:21 - 2014-07-07 12:43 - 00000000 ____D C:\Users\user\Desktop\JOBS 2015-11-30 08:41 - 2015-01-27 14:08 - 00000000 ____D C:\Test 2015-11-28 11:56 - 2014-10-13 12:10 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Google Drive 2015-11-27 18:09 - 2014-05-09 11:51 - 00000000 ____D C:\Program Files\MP3Gain 2015-11-27 11:41 - 2014-10-14 07:02 - 00000000 ____D C:\Users\user\AppData\Roaming\MediaMonkey 2015-11-27 09:48 - 2014-06-25 11:55 - 00000000 ____D C:\goldwave 2015-11-26 06:39 - 2014-04-22 05:57 - 00000000 ____D C:\Program Files\CDBurnerXP 2015-11-25 14:24 - 2014-04-22 05:57 - 00001891 _____ C:\Users\Public\Desktop\CDBurnerXP.lnk 2015-11-25 14:24 - 2014-04-22 05:57 - 00001849 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CDBurnerXP.lnk 2015-11-25 13:15 - 2014-08-08 11:51 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware 2015-11-25 09:48 - 2015-09-15 17:27 - 00001064 _____ C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk 2015-11-25 09:48 - 2015-09-15 17:27 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware 2015-11-25 09:48 - 2015-09-15 17:27 - 00000000 ____D C:\Program Files\Malwarebytes Anti-Malware 2015-11-25 07:46 - 2015-01-19 10:09 - 00000000 ____D C:\Users\user\Desktop\Ameer 2015-11-23 15:10 - 2014-12-15 19:53 - 00000000 ____D C:\Screenshots 2015-11-20 09:45 - 2015-04-22 05:44 - 00000000 ____D C:\Users\user\Desktop\Bible 2015-11-20 05:52 - 2014-12-15 19:51 - 00000000 ____D C:\Users\user\AppData\Local\Greenshot 2015-11-18 11:27 - 2014-09-15 14:37 - 00000000 ____D C:\Users\user\Desktop\Test 2015-11-18 11:23 - 2014-07-22 15:52 - 00000000 ____D C:\Users\user\Desktop\Speakers 2015-11-17 11:54 - 2014-12-14 09:06 - 00000000 ____D C:\Users\user\Desktop\cl ads 2015-11-17 11:54 - 2014-08-28 06:10 - 00000000 ____D C:\Users\user\Desktop\New CL ADS 2015-11-13 07:10 - 2014-08-26 08:48 - 00000000 ____D C:\Users\user\AppData\Roaming\Skype 2015-11-13 05:52 - 2009-07-13 23:33 - 00427672 _____ C:\Windows\system32\FNTCACHE.DAT 2015-11-12 15:36 - 2015-10-22 08:19 - 00000000 ____D C:\Users\user\Desktop\Insurance 2015-11-12 15:35 - 2014-04-21 16:50 - 00000000 ____D C:\Users\user\Desktop\pics 2015-11-12 09:05 - 2009-07-13 21:37 - 00000000 ____D C:\Windows\rescache 2015-11-12 05:44 - 2009-07-14 02:49 - 00000000 ____D C:\Program Files\Windows Journal 2015-11-11 18:00 - 2014-08-19 13:17 - 00002129 _____ C:\Users\Public\Desktop\Google Chrome.lnk 2015-11-11 13:59 - 2014-04-21 14:48 - 00780488 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerApp.exe 2015-11-11 13:59 - 2014-04-21 14:48 - 00142536 _____ (Adobe Systems Incorporated) C:\Windows\system32\FlashPlayerCPLApp.cpl 2015-11-08 07:57 - 2014-04-21 14:27 - 00000000 ____D C:\Program Files\Mozilla Maintenance Service ==================== Files in the root of some directories ======= 2015-06-04 18:27 - 2015-06-04 18:27 - 0000127 _____ () C:\Users\user\AppData\Roaming\bibstats 2014-05-20 16:23 - 2014-05-20 16:23 - 0003584 _____ () C:\Users\user\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini 2014-05-06 16:38 - 2014-05-06 16:38 - 0000036 _____ () C:\Users\user\AppData\Local\housecall.guid.cache 2015-05-20 06:20 - 2015-09-25 06:41 - 0000010 _____ () C:\Users\user\AppData\Local\sponge.last.runtime.cache Some files in TEMP: ==================== C:\Users\user\AppData\Local\Temp\CertificatesDLL.dll C:\Users\user\AppData\Local\Temp\i4jdel0.exe C:\Users\user\AppData\Local\Temp\SamsungAPInstaller_1429531037792.exe C:\Users\user\AppData\Local\Temp\SamsungAPInstaller_1432029816872.exe C:\Users\user\AppData\Local\Temp\SkypeSetup.exe C:\Users\user\AppData\Local\Temp\tmp4433.exe ==================== Bamital & volsnap ================= (There is no automatic fix for files that do not pass verification.) C:\Windows\explorer.exe => File is digitally signed C:\Windows\system32\winlogon.exe => File is digitally signed C:\Windows\system32\wininit.exe => File is digitally signed C:\Windows\system32\svchost.exe => File is digitally signed C:\Windows\system32\services.exe => File is digitally signed C:\Windows\system32\User32.dll => MD5 is legit C:\Windows\system32\userinit.exe => File is digitally signed C:\Windows\system32\rpcss.dll => File is digitally signed C:\Windows\system32\dnsapi.dll => File is digitally signed C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed LastRegBack: 2015-11-20 07:40 ==================== End of FRST.txt ============================ Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 Additional scan result of Farbar Recovery Scan Tool (x86) Version:30-11-2015 Ran by user (2015-11-30 15:35:20) Running from F:\AV Softwares Microsoft Windows 7 Home Premium Service Pack 1 (X86) (2014-04-21 19:19:45) Boot Mode: Normal ========================================================== ==================== Accounts: ============================= Administrator (S-1-5-21-3001920249-2789374724-3985487498-500 - Administrator - Disabled) Guest (S-1-5-21-3001920249-2789374724-3985487498-501 - Limited - Disabled) user (S-1-5-21-3001920249-2789374724-3985487498-1000 - Administrator - Enabled) => C:\Users\user ==================== Security Center ======================== (If an entry is included in the fixlist, it will be removed.) AV: Trend Micro Maximum Security (Enabled - Up to date) {8242D66F-41BD-4049-C2E6-E578E73B62A0} AS: Trend Micro Maximum Security (Enabled - Up to date) {3923378B-6787-4FC7-F856-DE0A9CBC281D} AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} ==================== Installed Programs ====================== (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.) 95742 (HKLM\...\{d1e17d14-cabc-4f6f-9f46-c7ecf813645e}.sdb) (Version: - ) Adobe Flash Player 19 ActiveX (HKLM\...\Adobe Flash Player ActiveX) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Flash Player 19 NPAPI (HKLM\...\Adobe Flash Player NPAPI) (Version: 19.0.0.245 - Adobe Systems Incorporated) Adobe Reader XI (11.0.13) (HKLM\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.13 - Adobe Systems Incorporated) AlbumPlayer V6.0 beta 8 (HKLM\...\AlbumPlayer_is1) (Version: - Floresara) AllShare Framework DMS (HKLM\...\{1C2A409B-3D00-4EE7-B13C-3C70AB8704B0}) (Version: 1.3.23 - Samsung) Apple Application Support (HKLM\...\{46F044A5-CE8B-4196-984E-5BD6525E361D}) (Version: 2.3.6 - Apple Inc.) Apple Software Update (HKLM\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.) ASIO4ALL (HKLM\...\ASIO4ALL) (Version: 2.12 - Michael Tippach) Audacity 2.0.6 (HKLM\...\Audacity_is1) (Version: 2.0.6 - Audacity Team) Bonjour (HKLM\...\{79155F2B-9895-49D7-8612-D92580E0DE5B}) (Version: 3.0.0.10 - Apple Inc.) BPM Counter 1.6.0.0 (HKLM\...\BPM Counter_is1) (Version: 1.6.0.0 - AbyssMedia.com) Braina 1.32 (HKLM\...\Braina) (Version: 1.32 - Brainasoft) Briz MP3 Splitter (HKLM\...\Briz MP3 Splitter_is1) (Version: - ) CameraHelperMsi (Version: 13.51.815.0 - Logitech) Hidden CDBurnerXP (HKLM\...\{7E265513-8CDA-4631-B696-F40D983F3B07}_is1) (Version: 4.5.6.5844 - CDBurnerXP) ChrisPC YTD Downloader MP3 Converter 1.70 (HKLM\...\{6006089C-9ABC-4F18-ABCD-123456789801}_is1) (Version: - Chris P.C. srl) Cross DJ Free 3.2.2 (HKLM\...\MixVibes Cross DJ Free 3.2.2) (Version: 3.2.2 - MixVibes) Dell System Detect (HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\...\73f463568823ebbe) (Version: 6.3.0.6 - Dell) DJ Intro version 1.2.3 (HKLM\...\{36625871-9D4B-4046-A837-677974F51CAC}_is1) (Version: 1.2.3 - Serato Audio Research) Epson Event Manager (HKLM\...\{089EC7B5-6480-4478-ACF0-DEFD4047343C}) (Version: 2.40.0004 - SEIKO EPSON CORPORATION) Epson FAX Utility (HKLM\...\{0CBE6C93-CB2E-4378-91EE-12BE6D4E2E4A}) (Version: 1.10.00 - SEIKO EPSON CORPORATION) Epson PC-FAX Driver (HKLM\...\EPSON PC-FAX Driver 2) (Version: - ) EPSON Scan (HKLM\...\EPSON Scanner) (Version: - Seiko Epson Corporation) EPSON WorkForce 840 Series Printer Uninstall (HKLM\...\EPSON WorkForce 840 Series) (Version: - SEIKO EPSON Corporation) EpsonNet Print (HKLM\...\{3E31400D-274E-4647-916C-2CACC3741799}) (Version: 2.4j - SEIKO EPSON CORPORATION) EpsonNet Setup 3.3 (HKLM\...\{C9D8A041-2963-4B31-8FFC-1500F3DB9293}) (Version: 3.3b - SEIKO EPSON CORPORATION) erLT (Version: 1.20.138.34 - Logitech, Inc.) Hidden E-Touch Jukebox (HKLM\...\E-Touch Jukebox) (Version: - ) E-Touch Jukebox V9 (HKLM\...\E-Touch Jukebox V9) (Version: - ) EventGhost 0.4.1.r1700 (HKLM\...\EventGhost_is1) (Version: 0.4.1.r1700 - EventGhost Project) FFMPEG Addon (HKLM\...\{111124AF-1ED4-44EF-B674-111111985342}_is1) (Version: 1.00 - FFMPEG) GoldWave v5.70 (HKLM\...\GoldWave v5.70) (Version: 5.70 - GoldWave Inc.) Google Chrome (HKLM\...\Google Chrome) (Version: 46.0.2490.86 - Google Inc.) Google Drive (HKLM\...\{1C3D2F92-D25E-4D98-B810-3F3B0857BF26}) (Version: 1.26.0707.2863 - Google, Inc.) Google Update Helper (Version: 1.3.25.11 - Google Inc.) Hidden Google Update Helper (Version: 1.3.28.15 - Google Inc.) Hidden Greenshot 1.1.9.13 (HKLM\...\Greenshot_is1) (Version: 1.1.9.13 - Greenshot) HP Softpaq SP45813 (HKLM\...\SP45813) (Version: - ) ImgBurn (HKLM\...\ImgBurn) (Version: 2.4.4.0 - LIGHTNING UK!) Intel® Graphics Media Accelerator Driver (HKLM\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 8.15.10.2413 - Intel Corporation) Intel® Management Engine Interface (HKLM\...\HECI) (Version: - Intel Corporation) IrfanView (remove only) (HKLM\...\IrfanView) (Version: 4.37 - Irfan Skiljan) Logitech Webcam Software (HKLM\...\{D40EB009-0499-459c-A8AF-C9C110766215}) (Version: 2.51 - Logitech Inc.) Magic ISO Maker v5.5 (build 0281) (HKLM\...\Magic ISO Maker v5.5 (build 0281)) (Version: - ) MagicDisc 2.7.106 (HKLM\...\MagicDisc 2.7.106) (Version: - ) Malwarebytes Anti-Malware version 2.2.0.1024 (HKLM\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.0.1024 - Malwarebytes) MediaMonkey 4.1 (HKLM\...\MediaMonkey_is1) (Version: 4.1 - Ventis Media Inc.) Microsoft .NET Framework 4 Client Profile (HKLM\...\Microsoft .NET Framework 4 Client Profile) (Version: 4.0.30319 - Microsoft Corporation) Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUS) (Version: 14.0.4763.1000 - Microsoft Corporation) Microsoft Visual C++ 2005 Redistributable (HKLM\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation) Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation) MixDeck USB Audio driver (HKLM\...\USB_AUDIO_DEusb-audio.deNumarkNC06) (Version: - ) Mozilla Firefox 42.0 (x86 en-US) (HKLM\...\Mozilla Firefox 42.0 (x86 en-US)) (Version: 42.0 - Mozilla) Mozilla Maintenance Service (HKLM\...\MozillaMaintenanceService) (Version: 42.0.0.5780 - Mozilla) MP3 Splitter 5.5.1.a (HKLM\...\F87A61F2-76B1-4D8B-BBE5-C23086BF8E95_is1) (Version: - Accmeware Corporation) Mp3tag v2.65a (HKLM\...\Mp3tag) (Version: v2.65a - Florian Heidenreich) MPC-HC 1.7.8 (HKLM\...\{2624B969-7135-4EB1-B0F6-2D8C397B45F7}_is1) (Version: 1.7.8 - MPC-HC Team) MSXML 4.0 SP2 (KB954430) (HKLM\...\{86493ADD-824D-4B8E-BD72-8C5DCDC52A71}) (Version: 4.20.9870.0 - Microsoft Corporation) MSXML 4.0 SP2 (KB973688) (HKLM\...\{F662A8E6-F4DC-41A2-901E-8C11F044BDEC}) (Version: 4.20.9876.0 - Microsoft Corporation) OpenOffice 4.1.1 (HKLM\...\{9395F41D-0F80-432E-9A59-B8E477E7E163}) (Version: 4.11.9775 - Apache Software Foundation) OtsAV DJ Trial 1.90.044 (HKLM\...\OtsAV DJ Trial) (Version: - ) PowerLine Utility (HKLM\...\{A0384ECE-2017-4EA8-86C7-513ACB936BDF}) (Version: 1.1.830 - TP-LINK) QuickTime 7 (HKLM\...\{111EE7DF-FC45-40C7-98A7-753AC46B12FB}) (Version: 7.75.80.95 - Apple Inc.) Recuva (HKLM\...\Recuva) (Version: 1.52 - Piriform) Revo Uninstaller 1.95 (HKLM\...\Revo Uninstaller) (Version: 1.95 - VS Revo Group) Samsung Link 2.0.0.1503181422 (HKLM\...\8474-7877-9059-0204) (Version: 2.0.0.1503181422 - Copyright 2013 SAMSUNG) SAMSUNG USB Driver for Mobile Phones (HKLM\...\{D0795B21-0CDA-4a92-AB9E-6E92D8111E44}) (Version: 1.5.49.0 - SAMSUNG Electronics Co., Ltd.) Skype™ 7.4 (HKLM\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 7.4.102 - Skype Technologies S.A.) Speccy (HKLM\...\Speccy) (Version: 1.28 - Piriform) SQLite ODBC Driver (remove only) (HKLM\...\SQLite ODBC Driver) (Version: - ) Stamp ID3 Tag Editor (HKLM\...\Stamp) (Version: 2.39 - NCH Software) SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1208 - SUPERAntiSpyware.com) Tag&Rename 3.8.6 (HKLM\...\Tag&Rename_is1) (Version: 3.8.6 - Softpointer Inc) TeamViewer 10 (HKLM\...\TeamViewer) (Version: 10.0.43879 - TeamViewer) TeleTech WB ISA (HKLM\...\TeleTech ISA) (Version: 1.2.2.0 - TeleTech) Trend Micro DirectPass (Version: 1.9.0.1094 - Trend Micro Inc.) Hidden Trend Micro Maximum Security (HKLM\...\{ABBD4BA8-6703-40D2-AB1E-5BB1F7DB49A4}) (Version: 8.0 - Trend Micro Inc.) Trend Micro Password Manager (HKLM\...\{3075404F-5657-4f31-A064-FEF98661BDD4}) (Version: 1.9.1189 - Trend Micro Inc.) Trend Micro Titanium (Version: 8.0 - Trend Micro Inc.) Hidden Types (HKLM\...\Types) (Version: 2.1.6 - E. Strunnikov) VCRT for DirectPass x86 (Version: 1.0.0.1000 - Trend Micro, Inc.) Hidden VidCoder 1.5.31 (x86) (HKLM\...\VidCoder_is1) (Version: 1.5.31 - RandomEngy) VirtualDJ (HKLM\...\VirtualDJ) (Version: - ) WinPcap 4.1.2 (HKLM\...\WinPcapInst) (Version: 4.1.0.2001 - CACE Technologies) WinRAR 5.10 (32-bit) (HKLM\...\WinRAR archiver) (Version: 5.10.0 - win.rar GmbH) Yahoo! Software Update (HKLM\...\Yahoo! Software Update) (Version: - ) ==================== Custom CLSID (Whitelisted): ========================== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) CustomCLSID: HKU\S-1-5-21-3001920249-2789374724-3985487498-1000_Classes\CLSID\{FBC48F05-1A1E-4536-AB4B-75C7EEA56CD6}\InprocServer32 -> no filepath ==================== Restore Points ========================= 03-11-2015 05:56:22 Windows Update 10-11-2015 06:00:17 Windows Update 11-11-2015 21:37:26 Windows Update 12-11-2015 20:43:45 Windows Update 17-11-2015 13:45:28 Windows Update 24-11-2015 11:01:08 Windows Update ==================== Hosts content: =============================== (If needed Hosts: directive could be included in the fixlist to reset Hosts.) 2009-07-13 21:04 - 2014-10-22 16:53 - 00000035 ____A C:\Windows\system32\Drivers\etc\hosts ==================== Scheduled Tasks (Whitelisted) ============= (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) Task: {0567F193-1656-4B9D-8764-C30D9CAF6A80} - System32\Tasks\SUPERAntiSpyware Scheduled Task f1b2b47b-d78a-4146-929c-492191188413 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) Task: {3A76AEF8-22FE-46F0-80BB-C1D37E5E7931} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {74ACBA14-C5DF-4DA7-9BA9-0A879D844E7A} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2015-10-28] (Adobe Systems Incorporated) Task: {854B572C-F8D7-4D76-8753-CD9E1C8A90DA} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.) Task: {93AF4437-BB52-46F0-979A-AF35A95F3B4E} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files\Google\Update\GoogleUpdate.exe [2015-08-28] (Google Inc.) Task: {96EEC2D1-88A0-4324-8291-0F79E4AF8F60} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2014-04-21] () Task: {A2F352EE-0ABF-422D-8B97-4EDDE3E8E228} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2015-11-11] (Adobe Systems Incorporated) Task: {AA8E9F39-E8BB-40C8-A385-D9408552627A} - System32\Tasks\Trend Micro Inspect of Platinum => C:\Program Files\Trend Micro\Titanium\plugin\Pt\Inspect\Inspect.exe [2015-05-04] (Trend Micro Inc.) Task: {AD1E6730-DF90-4643-9968-A562A9BAC258} - System32\Tasks\SUPERAntiSpyware Scheduled Task 68c3271c-d1e1-4225-b5a1-a4db9aa8becf => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com) (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.) Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\system32\Macromed\Flash\FlashPlayerUpdateService.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files\Google\Update\GoogleUpdate.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 68c3271c-d1e1-4225-b5a1-a4db9aa8becf.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task f1b2b47b-d78a-4146-929c-492191188413.job => C:\Program Files\SUPERAntiSpyware\SASTask.exedC:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe ==================== Shortcuts ============================= (The entries could be listed to be restored or removed.) ==================== Loaded Modules (Whitelisted) ============== 2015-05-20 04:54 - 2013-01-15 20:50 - 00039424 _____ () C:\Program Files\Trend Micro\AMSP\boost_date_time-vc110-mt-1_49.dll 2015-05-20 04:54 - 2014-07-01 05:19 - 00542720 _____ () C:\Program Files\Trend Micro\AMSP\sqlite3.dll 2015-05-20 04:54 - 2013-01-15 20:55 - 00049152 _____ () C:\Program Files\Trend Micro\AMSP\boost_thread-vc110-mt-1_49.dll 2015-05-20 04:54 - 2012-12-18 15:04 - 01098240 _____ () C:\Program Files\Trend Micro\AMSP\libprotobuf.dll 2015-05-20 04:54 - 2013-01-15 20:50 - 00016896 _____ () C:\Program Files\Trend Micro\AMSP\boost_system-vc110-mt-1_49.dll 2015-05-18 08:30 - 2014-07-20 14:04 - 00181432 _____ () C:\Program Files\Trend Micro\UniClient\plugins\LUADLL.dll 2010-01-30 01:41 - 2010-01-30 01:41 - 04254560 _____ () C:\Program Files\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF 2010-03-24 20:17 - 2010-03-24 20:17 - 08794464 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll 2014-04-22 12:34 - 2015-03-18 13:22 - 00022016 _____ () C:\Program Files\Samsung\Samsung Link\JniSys.dll 2014-04-22 12:34 - 2015-03-18 13:22 - 00041472 _____ () C:\Program Files\Samsung\Samsung Link\JniIO.dll 2013-12-21 10:15 - 2013-12-21 10:15 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\JNIInterface.dll 2013-12-21 10:15 - 2013-12-21 10:15 - 00119296 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ASFAPI.dll 2013-12-21 10:17 - 2013-12-21 10:17 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB_Manager.dll 2013-10-01 08:46 - 2013-10-01 08:46 - 00025600 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MediaDB.dll 2013-10-22 08:48 - 2013-10-22 08:48 - 00707072 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ContentDirectoryPresenter.dll 2013-12-21 10:17 - 2013-12-21 10:17 - 00589824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMS_Manager.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Windows\system32\boost_date_time-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Windows\system32\boost_system-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Windows\system32\boost_thread-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Windows\system32\boost_serialization-vc90-mt-1_47.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 02144104 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtCore4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 07955304 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtGui4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00341352 _____ () C:\Program Files\Logitech\LWS\Webcam Software\QtXml4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00028008 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QGif4.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00127336 _____ () C:\Program Files\Logitech\LWS\Webcam Software\imageformats\QJpeg4.dll 2015-06-08 04:48 - 2015-05-04 01:23 - 00072192 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_thread-vc110-mt-1_52.dll 2015-06-08 04:48 - 2015-05-04 01:23 - 00016896 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_system-vc110-mt-1_52.dll 2015-06-08 04:48 - 2015-05-04 01:23 - 00040960 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_date_time-vc110-mt-1_52.dll 2015-06-08 04:48 - 2015-05-04 01:23 - 00631808 _____ () C:\Program Files\Trend Micro\Titanium\plugin\Pt\boost_regex-vc110-mt-1_52.dll 2014-04-22 12:34 - 2015-03-18 13:22 - 01893888 _____ () C:\Program Files\Samsung\Samsung Link\scone_proxy.dll 2014-04-22 12:34 - 2015-03-18 13:22 - 01840128 _____ () C:\Program Files\Samsung\Samsung Link\scone_stub.dll 2014-07-31 13:07 - 2014-07-31 13:07 - 00640512 _____ () C:\Windows\Temp\sqlite-3.7.151-x86-sqlitejdbc.dll 2015-05-18 08:30 - 2014-07-20 14:04 - 00055784 _____ () C:\Program Files\Trend Micro\Titanium\plugin\fcMsgDispatcher.dll 2012-09-12 23:38 - 2012-09-12 23:38 - 00264040 _____ () C:\Program Files\Logitech\LWS\Webcam Software\CameraHelperShell.exe 2012-09-12 23:39 - 2012-09-12 23:39 - 00336232 _____ () C:\Program Files\Common Files\logishrd\LWSPlugins\LWS\Applets\CameraHelper\DevManagerCore.dll 2009-07-13 16:03 - 2009-07-13 20:15 - 00364544 _____ () C:\Windows\system32\msjetoledb40.dll 2015-09-23 06:48 - 2015-09-23 06:48 - 00179712 _____ () C:\Program Files\Braina\pocketsphinx.dll 2015-09-23 06:05 - 2015-09-23 06:05 - 00203776 _____ () C:\Program Files\Braina\sphinxbase.dll 2011-03-30 04:40 - 2011-03-30 04:40 - 03222016 _____ () C:\Program Files\Braina\QtWebKit4.dll 2014-01-21 07:29 - 2014-01-21 07:29 - 00698880 _____ () C:\Program Files\Braina\tag.dll 2014-01-21 07:07 - 2014-01-21 07:07 - 00066560 _____ () C:\Program Files\Braina\zlib.dll 2015-03-13 14:45 - 2010-03-20 14:32 - 00027648 _____ () C:\Program Files\EventGhost\lib26\_multiprocessing.pyd 2015-03-13 14:45 - 2012-02-07 16:09 - 00110080 _____ () C:\Program Files\EventGhost\lib26\pywintypes26.dll 2015-03-13 14:45 - 2012-02-07 16:13 - 00358912 _____ () C:\Program Files\EventGhost\lib26\pythoncom26.dll 2015-03-13 14:45 - 2012-02-07 16:11 - 00098816 _____ () C:\Program Files\EventGhost\lib26\win32api.pyd 2015-03-13 14:45 - 2010-03-20 14:30 - 00093184 _____ () C:\Program Files\EventGhost\lib26\_ctypes.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00980480 _____ () C:\Program Files\EventGhost\lib26\wx._core_.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00745984 _____ () C:\Program Files\EventGhost\lib26\wx._gdi_.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00670208 _____ () C:\Program Files\EventGhost\lib26\wx._windows_.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00965632 _____ () C:\Program Files\EventGhost\lib26\wx._controls_.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00675328 _____ () C:\Program Files\EventGhost\lib26\wx._misc_.pyd 2015-03-13 14:45 - 2010-03-20 14:28 - 00584192 _____ () C:\Program Files\EventGhost\lib26\unicodedata.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00324096 _____ () C:\Program Files\EventGhost\lib26\_imaging.pyd 2015-03-13 14:45 - 2010-03-20 14:32 - 00010240 _____ () C:\Program Files\EventGhost\lib26\select.pyd 2015-03-13 14:45 - 2010-03-20 14:27 - 00043008 _____ () C:\Program Files\EventGhost\lib26\_socket.pyd 2015-03-13 14:45 - 2010-03-20 14:29 - 00805888 _____ () C:\Program Files\EventGhost\lib26\_ssl.pyd 2015-03-13 14:45 - 2013-08-09 10:03 - 00068608 _____ () C:\Program Files\EventGhost\lib26\site-packages\cFunctions.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00324096 _____ () C:\Program Files\EventGhost\lib26\PIL._imaging.pyd 2015-03-13 14:45 - 2010-03-20 14:29 - 00125952 _____ () C:\Program Files\EventGhost\lib26\_elementtree.pyd 2015-03-13 14:45 - 2010-03-20 14:31 - 00127488 _____ () C:\Program Files\EventGhost\lib26\pyexpat.pyd 2015-03-13 14:45 - 2012-02-07 16:11 - 00167424 _____ () C:\Program Files\EventGhost\lib26\win32gui.pyd 2015-03-13 14:45 - 2012-02-07 16:10 - 00035840 _____ () C:\Program Files\EventGhost\lib26\win32process.pyd 2015-03-13 14:45 - 2010-03-20 14:31 - 00357376 _____ () C:\Program Files\EventGhost\lib26\_hashlib.pyd 2015-03-13 14:45 - 2012-02-07 16:11 - 00015872 _____ () C:\Program Files\EventGhost\lib26\win32trace.pyd 2015-03-13 14:45 - 2012-02-07 16:10 - 00111616 _____ () C:\Program Files\EventGhost\lib26\win32file.pyd 2015-03-13 14:45 - 2014-06-08 07:30 - 00082432 _____ () C:\Program Files\EventGhost\plugins\System\VistaVolEvents.pyd 2015-03-13 14:45 - 2015-03-04 16:54 - 00031232 _____ () C:\Program Files\EventGhost\lib26\Crypto.Cipher.AES.pyd 2013-12-11 15:46 - 2013-12-11 15:46 - 01114624 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DMSManager.dll 2013-10-24 15:53 - 2013-10-24 15:53 - 00107008 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMCDP.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 00102400 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\FolderCDP.dll 2013-12-11 15:46 - 2013-12-11 15:46 - 00077312 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MetadataFramework.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00520234 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\sqlite3.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00450560 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\MoodExtractor.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 05717504 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\DCMImgExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00028672 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AutoChaptering.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00147456 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexpat.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoThumb.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 04671488 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avcodec-52.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00070656 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avutil-50.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00686080 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\avformat-52.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00152064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\swscale-0.dll 2013-10-25 18:49 - 2013-10-25 18:49 - 00028160 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AudioExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00064000 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ID3Driver.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00366592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\tag.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00289792 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libThumbnail.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00023040 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RichInfoDriver.dll 2013-12-11 15:45 - 2013-12-11 15:45 - 00017920 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoExtractor.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 00117248 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ThumbnailMaker.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 01033728 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageMagickWrapper.dll 2013-12-11 15:45 - 2013-12-11 15:45 - 00134144 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\VideoMetadataDriver.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00290816 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libKeyFrame.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\SECMetaDriver.dll 2013-10-25 18:53 - 2013-10-25 18:53 - 00012288 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\ImageExtractor.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00024064 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\photoDriver.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00399826 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\libexif-12.dll.dll 2013-10-25 18:48 - 2013-10-25 18:48 - 00013824 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\TextExtractor.dll 2013-10-24 15:53 - 2013-10-24 15:53 - 00032768 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\Autobackup.dll 2013-04-19 15:38 - 2013-04-19 15:38 - 00055808 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\RosettaAllShare.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00227840 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_serialization-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00038912 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_date_time-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00012800 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_system-vc90-mt-1_47.dll 2013-07-23 18:18 - 2013-07-23 18:18 - 00046592 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\boost_thread-vc90-mt-1_47.dll 2013-02-14 18:42 - 2013-02-14 18:42 - 00044032 _____ () C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\us.dll ==================== Alternate Data Streams (Whitelisted) ========= (If an entry is included in the fixlist, only the ADS will be removed.) ==================== Safe Mode (Whitelisted) =================== (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" value will be restored.) ==================== EXE Association (Whitelisted) =============== (If an entry is included in the fixlist, the registry item will be restored to default or removed.) ==================== Internet Explorer trusted/restricted =============== (If an entry is included in the fixlist, it will be removed from the registry.) IE trusted site: HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\...\dell.com -> dell.com ==================== Other Areas ============================ (Currently there is no automatic fix for this section.) HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\user\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg DNS Servers: 192.168.1.1 HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 1) (EnableLUA: 1) Windows Firewall is disabled. ==================== MSCONFIG/TASK MANAGER disabled items == (Currently there is no automatic fix for this section.) ==================== FirewallRules (Whitelisted) =============== (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.) FirewallRules: [{AABD4DFF-C1B5-425B-A452-51A7EC571A29}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{5B916304-A470-4749-B244-96F4F55D8F78}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{8EDCCF3C-8143-4D3B-B981-AAE94A528374}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{71CAA0C2-3FA0-417A-AF3F-91676EB7C9CE}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{50704A75-5DDC-41C8-8FBF-A1B73505C8C2}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{A3A4192C-EC64-46F6-8D7D-5B46F62B8C9F}] => (Allow) C:\Program Files\Samsung\AllShare Framework DMS\1.3.23\AllShareFrameworkDMS.exe FirewallRules: [{07A91A10-1E51-4CF4-B9DA-F4B4C9A569EA}] => (Allow) LPort=8743 FirewallRules: [{0F6461EE-BA85-4080-BCF7-28B3BEAEC358}] => (Allow) LPort=8643 FirewallRules: [{0737F8E4-10BF-4B2B-A3C8-E7545FE9A852}] => (Allow) LPort=7676 FirewallRules: [{C26BFD84-5A25-4D48-AB49-07D9F9A4F059}] => (Allow) LPort=7679 FirewallRules: [{D5631584-494E-4B4C-9416-0F0907B78443}] => (Allow) LPort=24234 FirewallRules: [{6A0A39BD-1D7E-4716-B610-63CE26CE9921}] => (Allow) LPort=7900 FirewallRules: [{31462502-825E-4D71-AB02-1436AE6F38C0}] => (Allow) LPort=1900 FirewallRules: [TCP Query User{8C5C027E-E235-4C62-85E3-8D2D184359AB}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [uDP Query User{F8C6F293-C57B-498B-9015-7673B2F1FC40}C:\program files\internet explorer\iexplore.exe] => (Block) C:\program files\internet explorer\iexplore.exe FirewallRules: [{D58900A0-D6A2-4BFE-B7EE-12A184B7A2B2}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{9D3F0E73-E97D-4095-805C-364A6775D6CB}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{2002EAF4-2D78-49A2-A9EF-FEF4271C1B5D}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{D35F076B-8D32-4FB4-A4D2-DBC15FCCB2DF}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{D445D6AB-C8A0-4FC6-A477-129378851BA3}] => (Allow) C:\Program Files\Skype\Phone\Skype.exe FirewallRules: [{174AA37C-CCE3-4165-9E3B-F7E89964DFA1}] => (Allow) C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe FirewallRules: [TCP Query User{5492C147-4FFA-494A-9AC1-BEE6021096D0}C:\program files\mediamonkey\mediamonkey.exe] => (Allow) C:\program files\mediamonkey\mediamonkey.exe FirewallRules: [uDP Query User{05264AA1-8BDC-483C-B70E-80B88EE3CB09}C:\program files\mediamonkey\mediamonkey.exe] => (Allow) C:\program files\mediamonkey\mediamonkey.exe FirewallRules: [{35969657-AD42-40A9-93EF-72930B43B25C}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{FA5028F2-9904-4E8A-81EB-86CC6A4F488C}] => (Allow) C:\Program Files\Epson Software\Event Manager\EEventManager.exe FirewallRules: [{C984E19F-685B-44F2-A1AD-53D33A0D7A93}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [{24D87BE9-5BFE-4071-B582-F087EF8E0067}] => (Allow) C:\Program Files\EpsonNet\EpsonNet Setup\tool10\ENEasyApp.exe FirewallRules: [TCP Query User{F3A4FF84-69ED-4A6A-A5E5-3A13A6E863F5}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [uDP Query User{D14EB69C-6060-4D4B-8F96-DE5A18A39ED8}C:\program files\epson software\event manager\eeventmanager.exe] => (Allow) C:\program files\epson software\event manager\eeventmanager.exe FirewallRules: [{3C211A48-9AAE-4970-B96B-2F7B58022F37}] => (Allow) C:\Users\user\AppData\Local\Temp\nsz846D.tmp\CnetInstaller-10068658.exe FirewallRules: [{E5A9F9CE-180D-4BB7-AE6D-DD707B117FAF}] => (Allow) C:\Users\user\AppData\Local\Temp\nsz846D.tmp\CnetInstaller-10068658.exe FirewallRules: [{A797ACAA-B2DC-47D1-995B-50AEC5372C95}] => (Allow) C:\Users\user\AppData\Local\Temp\nsg7B2A.tmp\CnetInstaller-10068658.exe FirewallRules: [{0ADFF978-07D2-4BAE-A28F-FF14E5F88A4D}] => (Allow) C:\Users\user\AppData\Local\Temp\nsg7B2A.tmp\CnetInstaller-10068658.exe FirewallRules: [{5A9F31F3-69E0-460D-A7E5-DC29C60C4174}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{642F6922-F1D8-491E-B765-37F8AFC45672}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{4CB5F075-3C94-4588-972E-8A39911F914E}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{7768DFFB-516C-4EC0-8FEF-D2DD7B21954F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{85F0FF84-E354-4498-82CF-E8FE707B1B5D}] => (Allow) LPort=3689 FirewallRules: [{D89B57B9-9E87-4E2E-B8FB-2B61BE17823A}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{DDC5DC52-472E-4360-8324-86CD5F9B0A9F}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{10F5F564-228F-4A04-ADB4-E6F572591C8A}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{669DE6F8-C6AF-43A9-8678-316184DF8BE3}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{065FD040-0716-4C89-B1AA-FA4A336DB904}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{CA84A4FF-1616-4BE1-AAA5-593AE1D008C8}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer.exe FirewallRules: [{561BE0DF-C883-493F-A000-09ECCF5CE5C0}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [{E7114D5C-50C9-463C-991E-A86031E44C91}] => (Allow) C:\Program Files\TeamViewer\Version9\TeamViewer_Service.exe FirewallRules: [TCP Query User{149DF7A2-2FDA-46CD-9881-57232719AE45}C:\program files\mediamonkey\mediamonkey.exe] => (Allow) C:\program files\mediamonkey\mediamonkey.exe FirewallRules: [uDP Query User{035772D8-D1FD-4D69-B0A4-DC449709637B}C:\program files\mediamonkey\mediamonkey.exe] => (Allow) C:\program files\mediamonkey\mediamonkey.exe FirewallRules: [TCP Query User{F2AE6655-E18D-4205-94C2-310A4A1ABFE2}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [uDP Query User{DC10DCCB-8F3B-4933-A93D-9CC96D94FEA6}C:\program files\mozilla firefox\firefox.exe] => (Allow) C:\program files\mozilla firefox\firefox.exe FirewallRules: [{1BE871FA-ED3B-4917-9583-9A4B2481E8F5}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{32CB4758-DD75-4736-ACF5-6CBAF5B8279D}] => (Allow) C:\Program Files\Yahoo!\Messenger\YahooMessenger.exe FirewallRules: [{9EAA5CBF-82FF-4E6A-BA35-45E5BB4CF4E1}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{5C5DFDC0-9EE5-4D6F-A297-ECF7AB170D4C}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{D3950077-B118-4083-A2C3-06CA414FF785}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link.exe FirewallRules: [{7752CA44-9E68-4817-A33B-934142B17E3F}] => (Allow) C:\Program Files\Samsung\Samsung Link\Samsung Link Tray Agent.exe FirewallRules: [{09C937CC-6CBB-4189-84DF-91FDF7A61FAB}] => (Allow) LPort=3689 FirewallRules: [{672E68A2-2B37-44FC-BD41-94D18CB17436}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{20C0DA68-0A2B-428F-B284-C35FCBE58685}] => (Allow) C:\Program Files\Bonjour\mDNSResponder.exe FirewallRules: [{692F2D20-3AD1-4A41-A2A1-BFFB75F3508B}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{CD2B2F53-E527-4D1D-AC2D-A2EB6DA3A203}] => (Allow) C:\Program Files\TeamViewer\TeamViewer.exe FirewallRules: [{B7260A17-DFC1-42A2-9803-B35A960CB765}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{EB0C5A9D-17F0-45BF-BAC5-BB8ED77DD5A0}] => (Allow) C:\Program Files\TeamViewer\TeamViewer_Service.exe FirewallRules: [{35D8441D-242E-4599-B182-396682B9DB66}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{B45941F2-EC53-4022-80A5-14B04CA65799}] => (Allow) C:\Program Files\Mozilla Firefox\firefox.exe FirewallRules: [{936926F8-AB43-4CCF-8295-3ADC70549C56}] => (Allow) C:\Program Files\Google\Chrome\Application\chrome.exe FirewallRules: [{BB4C246C-D233-4CF9-8465-75C6C9AF5F8E}] => (Allow) C:\Program Files\Braina\Braina.exe FirewallRules: [{03F22547-AF7D-4AFA-AF66-B119325EDAF9}] => (Allow) C:\Program Files\Braina\Braina.exe FirewallRules: [{BCCCBC21-BB11-4044-B868-F29862C9F025}] => (Allow) C:\Program Files\Braina\Braina.exe FirewallRules: [{763C4BCD-75EF-41E0-B2DA-C504F001FDCF}] => (Allow) C:\Program Files\Braina\bhp.exe FirewallRules: [{12DF6AE9-80BC-4F97-94D0-EADCB93DA432}] => (Allow) C:\Program Files\Braina\bhp.exe FirewallRules: [{349FDBE6-BB08-4B5E-82C3-AFB91BC2B28E}] => (Allow) C:\Program Files\Braina\bhp.exe ==================== Faulty Device Manager Devices ============= Name: PS/2 Compatible Mouse Description: PS/2 Compatible Mouse Class Guid: {4d36e96f-e325-11ce-bfc1-08002be10318} Manufacturer: Microsoft Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. Name: Standard PS/2 Keyboard Description: Standard PS/2 Keyboard Class Guid: {4d36e96b-e325-11ce-bfc1-08002be10318} Manufacturer: (Standard keyboards) Service: i8042prt Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24) Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed. Devices stay in this state if they have been prepared for removal. After you remove the device, this error disappears.Remove the device, and this error should be resolved. ==================== Event log errors: ========================= Application errors: ================== Error: (11/30/2015 03:17:42 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/30/2015 03:09:33 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 42.0.0.5780, time stamp: 0x5632d0a4 Faulting module name: mozglue.dll, version: 42.0.0.5780, time stamp: 0x5632ba58 Exception code: 0x80000003 Fault offset: 0x0000ed50 Faulting process id: 0x1990 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (11/30/2015 01:49:03 PM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/30/2015 01:43:29 PM) (Source: Application Error) (EventID: 1000) (User: ) Description: Faulting application name: plugin-container.exe, version: 42.0.0.5780, time stamp: 0x5632d0a4 Faulting module name: mozglue.dll, version: 42.0.0.5780, time stamp: 0x5632ba58 Exception code: 0x80000003 Fault offset: 0x0000ed50 Faulting process id: 0x2348 Faulting application start time: 0xplugin-container.exe0 Faulting application path: plugin-container.exe1 Faulting module path: plugin-container.exe2 Report Id: plugin-container.exe3 Error: (11/30/2015 05:50:43 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. Error: (11/29/2015 00:36:52 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (11/29/2015 00:36:02 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (11/28/2015 08:16:04 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (11/28/2015 08:15:49 AM) (Source: SideBySide) (EventID: 33) (User: ) Description: Activation context generation failed for "Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8"1". Dependent Assembly Microsoft.VC90.CRT,processorArchitecture="amd64",publicKeyToken="1fc8b3b9a1e18e3b",type="win32",version="9.0.21022.8" could not be found. Please use sxstrace.exe for detailed diagnosis. Error: (11/28/2015 06:43:21 AM) (Source: Winlogon) (EventID: 4103) (User: ) Description: Windows license activation failed. Error 0x80070005. System errors: ============= Error: (11/30/2015 03:18:44 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/30/2015 02:50:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Platinum Host Service service terminated unexpectedly. It has done this 2 time(s). Error: (11/30/2015 02:24:19 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (11/30/2015 02:20:21 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Platinum Host Service service terminated unexpectedly. It has done this 1 time(s). Error: (11/30/2015 01:50:09 PM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY) Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC) Error: (11/30/2015 01:31:54 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Platinum Host Service service terminated unexpectedly. It has done this 15 time(s). Error: (11/30/2015 01:28:24 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 Error: (11/30/2015 01:01:09 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Platinum Host Service service terminated unexpectedly. It has done this 14 time(s). Error: (11/30/2015 00:30:27 PM) (Source: Service Control Manager) (EventID: 7034) (User: ) Description: The Platinum Host Service service terminated unexpectedly. It has done this 13 time(s). Error: (11/30/2015 00:28:32 PM) (Source: Service Control Manager) (EventID: 7023) (User: ) Description: The SPP Notification Service service terminated with the following error: %%5 ==================== Memory info =========================== Processor: Intel® Core2 Duo CPU E8400 @ 3.00GHz Percentage of memory in use: 73% Total physical RAM: 1977.25 MB Available physical RAM: 529.68 MB Total Virtual: 3954.49 MB Available Virtual: 2192.81 MB ==================== Drives ================================ Drive c: () (Fixed) (Total:465.76 GB) (Free:86.17 GB) NTFS ==>[drive with boot components (obtained from BCD)] Drive f: (2G-3) (Removable) (Total:1.91 GB) (Free:1.69 GB) FAT ==================== MBR & Partition Table ================== ======================================================== Disk: 0 (MBR Code: Windows 7 or 8) (Size: 465.8 GB) (Disk ID: 07F2837E) Partition 1: (Active) - (Size=465.8 GB) - (Type=07 NTFS) ======================================================== Disk: 1 (MBR Code: Windows XP) (Size: 1.9 GB) (Disk ID: C3072E18) Partition 1: (Active) - (Size=1.9 GB) - (Type=06) ==================== End of Addition.txt ============================ Quote
starbuck Posted November 30, 2015 Posted November 30, 2015 Hi Mike, tell me whether or not you can assist without running Ccleaner? I personally don't have a lot of confidence in CCleaner.... so you not running it is fine. How long has Trend Micro been installed? .... it seems to be having a few problems. Any chance you can reinstall it after running the FRST fix? Let's get rid of any possible conflicts.... Step 1 AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46} Windows Defender shouldn't be running, it will probably conflict with Trend Micro. Click Start >> Control Panel >> Windows Defender or launch from the system tray icon. Click on Tools & Settings >> Options. Under Real-time protection options, uncheck the "Real-time protection" check box. Click Save. Go to Start >> Control Panel >> Security >> Windows Defender, at the bottom of the Window Defenders page uncheck under Administrator Options "use Windows Defender" and then Save. Version: 2.2.0.1024 Malware Database: v2015.11.30.02 Rootkit Database: v2015.11.26.01 License: Trial If only loading MBAM to help clean a system, there's no advantage in running the trial version. The free version will do the job just as well...... without adding any extra realtime scanning. You can switch to the free version very easily: Start MBAM and then from the main page click on End Free Trial. Step 2 Let's clean up a few things.... Please download the attached fixlist.txt file (bottom of this post) and save it to F:\AV Softwares. NOTE. It's important that both files, FRST and fixlist.txt are in the same location or the fix will not work. NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system Re-run FRST/FRST64 (which ever is installed ) and press the Fix button just once and wait. The tool will make a log in the AV Software folder (Fixlog.txt). Please post this in your next reply. Step 3 Running Scannow may help to sort out a few of the errors in the error logs. Click Start >> All Programs >> Accessories, Now right-click Command Prompt, and select Run as administrator. If you are prompted for an administrator password or for a confirmation, type the password, or click Allow. Type the following command, and then press the ENTER key on the keyboard: (the space is meant to be there between the c and the / ) sfc /scannow The sfc /scannow command scans all protected system files and replaces incorrect versions with correct Microsoft versions. Running scannow once doesn't always seem to work...... run it a couple of times to make sure. In your next reply, please submit: Fixlog.txt Thanks.fixlist.txt Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 Thanks Pete, no problem reinstalling the Trend micro, hardest part will be to find the email with the license key for it. We had purchased TM as a package deal for our pc's here more than a year ago so this is our 2nd year. I got this part done: Click Start >> Control Panel >> Windows Defender or launch from the system tray icon. Click on Tools & Settings >> Options. Under Real-time protection options, uncheck the "Real-time protection" check box. but not seeing "Go to Start >> Control Panel >> Security >> Windows Defender" in my view as the attached screenshot shows, please advise on this so I can run the fix afterwards? Quote
starbuck Posted November 30, 2015 Posted November 30, 2015 Hi Mike, Sorry about that, I keep meaning to change my canned speech to reflect the change in instructions. This is now the correct second part. Click Start >> Programs >> Windows Defender or launch from the system tray icon. Click on Tools & Settings >> Options. In the left pane, click on Administrator. Uncheck the Use this program box. Click on the Save button. My apologies. Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 No worries at all.: Fix result of Farbar Recovery Scan Tool (x86) Version:30-11-2015 Ran by user (2015-11-30 18:20:25) Run:1 Running from F:\AV Softwares Loaded Profiles: user (Available Profiles: user) Boot Mode: Normal ============================================== fixlist content: ***************** HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\...\MountPoints2: {4225b781-c823-11e4-b7b2-0024818fd89b} - G:\HPLauncher.exe GroupPolicy: Restriction - Chrome <======= ATTENTION SearchScopes: HKU\.DEFAULT -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-19 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = SearchScopes: HKU\S-1-5-20 -> DefaultScope {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = CHR HKLM\...\Chrome\Extension: [dflinnddekagfkncpgojoppgnppfkbkj] - <no Path\update_url> CHR HKLM\...\Chrome\Extension: [idkknaphebegndgimgdpfnconcickdfn] - <no Path\update_url> R2 Amsp; "C:\Program Files\Trend Micro\AMSP\coreServiceShell.exe" coreFrameworkHost.exe -m=rb -dt=60000 -ad -bt=0 [X] S3 rpcapd; "%ProgramFiles%\WinPcap\rpcapd.exe" -d -f "%ProgramFiles%\WinPcap\rpcapd.ini" [X] U2 TMAgent; no ImagePath C:\Users\user\AppData\Local\Temp\CertificatesDLL.dll C:\Users\user\AppData\Local\Temp\i4jdel0.exe C:\Users\user\AppData\Local\Temp\SamsungAPInstaller_1429531037792.exe C:\Users\user\AppData\Local\Temp\SamsungAPInstaller_1432029816872.exe C:\Users\user\AppData\Local\Temp\SkypeSetup.exe C:\Users\user\AppData\Local\Temp\tmp4433.exe CustomCLSID: HKU\S-1-5-21-3001920249-2789374724-3985487498-1000_Classes\CLSID\{FBC48F05-1A1E-4536-AB4B-75C7EEA56CD6}\InprocServer32 -> no filepath FirewallRules: [{3C211A48-9AAE-4970-B96B-2F7B58022F37}] => (Allow) C:\Users\user\AppData\Local\Temp\nsz846D.tmp\CnetInstaller-10068658.exe FirewallRules: [{E5A9F9CE-180D-4BB7-AE6D-DD707B117FAF}] => (Allow) C:\Users\user\AppData\Local\Temp\nsz846D.tmp\CnetInstaller-10068658.exe FirewallRules: [{A797ACAA-B2DC-47D1-995B-50AEC5372C95}] => (Allow) C:\Users\user\AppData\Local\Temp\nsg7B2A.tmp\CnetInstaller-10068658.exe FirewallRules: [{0ADFF978-07D2-4BAE-A28F-FF14E5F88A4D}] => (Allow) C:\Users\user\AppData\Local\Temp\nsg7B2A.tmp\CnetInstaller-10068658.exe CMD: ipconfig /flushdns Hosts: EmptyTemp: ***************** "HKU\S-1-5-21-3001920249-2789374724-3985487498-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\MountPoints2\{4225b781-c823-11e4-b7b2-0024818fd89b}" => key removed successfully. HKCR\CLSID\{4225b781-c823-11e4-b7b2-0024818fd89b} => key not found. C:\Windows\system32\GroupPolicy\Machine => moved successfully C:\Windows\system32\GroupPolicy\GPT.ini => moved successfully HKU\.DEFAULT\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully. HKU\S-1-5-19\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully. HKU\S-1-5-20\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\\DefaultScope => value removed successfully. "HKLM\SOFTWARE\Google\Chrome\Extensions\dflinnddekagfkncpgojoppgnppfkbkj" => key removed successfully. "HKLM\SOFTWARE\Google\Chrome\Extensions\idkknaphebegndgimgdpfnconcickdfn" => key removed successfully. Amsp => Unable to stop service. Amsp => service could not remove rpcapd => service removed successfully. TMAgent => service removed successfully. C:\Users\user\AppData\Local\Temp\CertificatesDLL.dll => moved successfully C:\Users\user\AppData\Local\Temp\i4jdel0.exe => moved successfully C:\Users\user\AppData\Local\Temp\SamsungAPInstaller_1429531037792.exe => moved successfully C:\Users\user\AppData\Local\Temp\SamsungAPInstaller_1432029816872.exe => moved successfully C:\Users\user\AppData\Local\Temp\SkypeSetup.exe => moved successfully C:\Users\user\AppData\Local\Temp\tmp4433.exe => moved successfully "HKU\S-1-5-21-3001920249-2789374724-3985487498-1000_Classes\CLSID\{FBC48F05-1A1E-4536-AB4B-75C7EEA56CD6}" => key removed successfully. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{3C211A48-9AAE-4970-B96B-2F7B58022F37} => value removed successfully. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{E5A9F9CE-180D-4BB7-AE6D-DD707B117FAF} => value removed successfully. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{A797ACAA-B2DC-47D1-995B-50AEC5372C95} => value removed successfully. HKLM\SYSTEM\CurrentControlSet\services\SharedAccess\Parameters\FirewallPolicy\FirewallRules\\{0ADFF978-07D2-4BAE-A28F-FF14E5F88A4D} => value removed successfully. ========= ipconfig /flushdns ========= Windows IP Configuration Successfully flushed the DNS Resolver Cache. ========= End of CMD: ========= C:\Windows\System32\Drivers\etc\hosts => moved successfully Quote
mikehende Posted November 30, 2015 Author Posted November 30, 2015 SFC/scannow showed that it repaired some files. I will let you know tomorrow if all is back to normal, till then thanks and have a good night! Quote
starbuck Posted December 1, 2015 Posted December 1, 2015 Ok, thanks for letting me know Mike. Speak again tomorrow. Quote
mikehende Posted December 1, 2015 Author Posted December 1, 2015 Still not working as it should Pete, getting glitches every now and then. Quote
starbuck Posted December 1, 2015 Posted December 1, 2015 (edited) Hi Mike, Let's run an online scan just to make sure.... but I doubt this is related to malware. It seems more like a conflict somewhere. Step 1 I'd like you to do an ESET OnlineScan You may find it beneficial to close your resident AV program before running the scan. It's been found that on some systems the Eset's Online Scan fails during the database download ( around 20% ) To prevent this happening: When the Computer scan settings display shows, click the Advanced option, the place a check next to the following (if it is not already checked): Enable Anti-Stealth technology Hold down Control and click on the following link to open ESET OnlineScan in a new window. ESET OnlineScan Click the Online scanner button. If asked, allow the activex control to install For alternate browsers only: (Microsoft Internet Explorer users can skip these steps) Click on SmartInstall to download the ESET Smart Installer. Save it to your desktop. Double click on the SmartInstall Desktop Icon on your desktop. [*]Check AcceptTerms [*]Click the Start button. [*]Accept any security warnings from your browser. [*]Check ScanArchives [*]Make sure that the option Remove found threats is ticked, and the option Scan unwanted applications is checked [*]Click the Start button. [*]ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time. [*]When the scan completes, push ListThreats [*]Click Export and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply. [*]Click the Back button. [*]Click Finish A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt Step 2 Let's try a clean boot and see if you still get any glitches... Hold down the Windows key on your keyboard and press the R key. With the Run dialogue window open, type in msconfig and click the OK button. You should now be looking at the System Configuration window. Click on the Services tab. On the Services tab, youll notice a long list of services available on your PC First, check the box labeled Hide All Microsoft Services. <<<<<<<<<<< Important Next, click the Disable All button By performing these two steps, you have effectively turned off all services from third-party software developers. All Microsoft services remain intact and will be ready to load when you reboot Windows. Finally, click the OK button and reboot the system When you reboot, you may get messages that certain hardware and software are not unavailable. This is normal. Just be sure to hide all Microsoft services before you use the Disable All button. Otherwise, you may encounter boot up errors when you reboot your PC. Remember, running Windows like this is just temporary. To restore Windows to a normal start up functionality: Start the System Configuration Utility again (MSCONFIG) On the "General" tab: Click to select "Normal Startup" Click "OK" Choose the "Exit with Restart" option to restart your computer. In your next reply, please submit: Eset scan report if anything is found. Let me know if things run better with a clean boot. Thanks. Edited December 1, 2015 by starbuck Quote
mikehende Posted December 1, 2015 Author Posted December 1, 2015 Man, that eset scan took over 5 hours but nothing was found and yes now with clean boot, working fast again, so far. Quote
starbuck Posted December 1, 2015 Posted December 1, 2015 Hi Mike, Yes, the eset scan can take awhile.... but it is very thorougher. So we now know it's not malware related. That leaves us with a conflict. This seems to be bared out by things running much better when a clean boot is in operation. There must be a third party program that is causing this. Now it's just trial and error to find out which one. All you can do is to enable the settings in MsConfig one at a time ( trying the PC in between) When it starts to play up...... you have found the culprit. Or you could work backwards by removing the last program that was installed and keep removing them until you find the one that causes this. Btw: Recommendation. SuperAntiSpyware doesn't need to start when Windows starts. You can start it manually when you need to do a scan. To change this: Restart SuperAntiSpyware... Then from the main page, Click on the Preferences button....then untick... 'Start SuperAntiSpyware when Windows starts'. Then click Close. and then Close on the next screen to exit the program. Quote
starbuck Posted December 2, 2015 Posted December 2, 2015 This may help a bit: Braina No conclusive information on this, final rating for this file is Unknown If you don't really need it, remove it. Samsung Link Greenshot These are valid entries but is classified as 'not required'. Typically, these entries are infrequently used tasks that can be started manually, if necessary. MagicDisc APSDaemon EventGhost These are valid entries, but is classified as 'user's choice'. They may not be needed, but that depends on whether the user deems it necessary. Quote
mikehende Posted December 2, 2015 Author Posted December 2, 2015 Hey Pete, seems the system is working as normal now [thanks!]. All of those softwares have been there for a while so Braina could be the culprit as that was the last one installed, will go through the list. I never have both SAS and Mbam on my pc's, I only installed them for virus cleaning so will remove them. I am confused by this: "I personally don't have a lot of confidence in CCleaner" I had always thought that cleaning browser history was the very last and essential thing to do after any virus cleaning? Quote
starbuck Posted December 2, 2015 Posted December 2, 2015 Hi Mike, I am confused by this: "I personally don't have a lot of confidence in CCleaner" Simply because I don't think it's a good enough program to use.... there are much better ways to clean out the temp files. Most users will just run CCleaner and don't know what it's actually doing. If the settings are not altered..... CCleaner will delete the Index data (from Windows Indexing, which helps in faster search) and as such corrupts the index. As a result the index will need to be rebuilt and Windows will run those services to achieve this. This can be seen in some FRST reports... Error: (05/11/2015 09:41:14 AM) (Source: Windows Search Service) (EventID: 3058) (User: ) Description: The application cannot be initialized. Context: Windows Application Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/11/2015 09:41:14 AM) (Source: Windows Search Service) (EventID: 3028) (User: ) Description: The gatherer object cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: The content index catalog is corrupt. (HRESULT : 0xc0041801) (0xc0041801) Error: (05/11/2015 09:41:14 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in <Search.TripoliIndexer> cannot be initialized. Context: Windows Application, SystemIndex Catalog Details: Element not found. (HRESULT : 0x80070490) (0x80070490) Error: (05/11/2015 09:41:05 AM) (Source: Windows Search Service) (EventID: 3029) (User: ) Description: The plug-in in <Search.JetPropStore> cannot be initialized. Context: Windows Application, SystemIndex Catalog Also, The 'Free' version of CCleaner affects only global temporary files (created by Windows itself) and those of the currently logged-on user. If you have multiple user accounts on your PC and you need to gain maximum disk and registry optimization, you must either run CCleaner from each account separately or use the Run as different user command. ---------------- These are what I use: TFC (only for WinXP, Vista, Win7 and Win8) Download TFC by OldTimer to your desktop Please double-click TFC.exe to run it. (Note: If you are running on Vista/Win7/Win8, right-click on the file and choose Run As Administrator). It will close all programs when run, so make sure you have saved all your work before you begin. Click the Start button to begin the process. Depending on how often you clean temp files, execution time should be anywhere from a few seconds to a minute or two. Let it run uninterrupted to completion. Once it's finished it should reboot your machine. If it does not, please manually reboot the machine yourself to ensure a complete clean. When run, the application will clear out: all temp folders for all user accounts (temp, IE temp, java, FF, Opera), including Administrator, All Users, LocalService, NetworkService, and any other accounts in the user folder. It also cleans out the %systemroot%\temp folder and checks for .tmp files in the %systemdrive% root folder, %systemroot%, and the system32 folder (both 32bit and 64bit on 64bit OSs). It shows the amount removed for each location found (in bytes) and the total removed (in MB). Before running it will stop Explorer and all other running apps. When finished, a reboot is required to complete the cleaning. or Use the EmptyTemp: directive with FRST. (can be used on any Windows platform inc Win10 ) The following directories are emptied when using the EmptyTemp: directive.... Windows Temp. Users Temp folders Edge, IE, FF, Chrome and Opera cache, HTML5 Local Storage, Cookies and History (Note: FF history is not removed) . Recently opened files cache. Flash Player cache. Java cache. Explorer thumbnail cache and network qmgr?.dat files. Recycle Bin. When EmptyTemp: directive is used the system will be rebooted after the fix. ------------ I had always thought that cleaning browser history was the very last and essential thing to do after any virus cleaning? Clearing the browsing history won't actually effect much. At the end of the day it's only a record of the sites that you have visited. 1 Quote
mikehende Posted December 2, 2015 Author Posted December 2, 2015 Ok so TFC will not clear the browser history as Ccleaner does? Quote
starbuck Posted December 2, 2015 Posted December 2, 2015 No TFC doesn't clean the browser history. If the browsers are set up correctly, you wouldn't need to worry about this anyway. I set my browsers to clear the History each time the browser is closed: Firefox: Internet Explorer: so there's never any History to worry about. Quote
mikehende Posted December 2, 2015 Author Posted December 2, 2015 With auto-complete I type only the first letter of ebay or amazon or this site or any site I visit frequently and the full address is there but when you clear the browser history each time then won't it be a pain for you every time you visit the same sites to have to type the url address? Also, if eset online scanner is "more thorough" as you've stated why isn't that a better option than MBAM, is it because the very long time eset takes? Quote
starbuck Posted December 2, 2015 Posted December 2, 2015 Yes. if you clear the browsing History then it does make it harder to go to a site using auto complete. This is why I always Firefox ( I like my addons/extensions ) This addon is set as my Home Page...... Speed Dial 0.9.6.18 On this system I have set 16 speed dials. ( I can set it for basically any number ) On other systems I use 2 pages of 16. All main sites are there ready to be opened in a new tab.... but the Main Speed Dial tab is always there to access more sites if I want. Then any odd page I want to save... I just Bookmark. This system works great for me. Also, if eset online scanner is "more thorough" as you've stated why isn't that a better option than MBAM, is it because the very long time eset takes? That's right. MBAM will search for the main malware items.... Eset will scan for a lot more, but the offset is the time factor. Quote
mikehende Posted December 2, 2015 Author Posted December 2, 2015 Whoa nice info, thanks! Ok, I will consider the addons. BTW Pete, I had wanted to save this until I had tried it myself to inform you of it but since "braina" was mentioned here, I am trying to see if it will work with my DJ software, braina already works with WMP and VLC and others for voice command music playback, if interested you can view it's description here and it only costs $30: https://www.brainasoft.com/braina/music-and-videos.html Also this may be a good option for those who are into TV entertainment, it's pretty cool: http://www.amuletdevices.com/ Quote
Recommended Posts