Page 1 of 5 123 ... LastLast
Results 1 to 10 of 46
  1. #1
    Member
    Join Date
    Nov 2014
    Posts
    24
    Points
    0

    Default Advanced System Care (ASC) Bad Site?

    Have discussed with zip516 my experience with an install of Advanced System Care (ASC) which I had used for some years on my XP computers. Last night I decided to try on a Windows 8.1 computer and it appears my computer was hijacked - usual loss of home page on browser was first thing noticed, and no luck trying to get the "free ASC to run. I went to the W8 uninstall and removed all programs installed on the date of the subject "install"... still the browser home page was hijacked. One program that kept appearing was SnapDo.

    I have run Super Antivirus and found 250 problems, I took action to remove the SnapDo found with this scan. Below is the file from Super before taking any additional actions:

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 11/02/2014 at 07:12 AM

    Application Version : 6.0.1158
    Database Version : 11585

    Scan type : Quick Scan
    Total Scan Time : 00:03:53

    Operating System Information
    Windows 8.1 64-bit (Build 6.03.9200)
    UAC On - Limited User

    Memory items scanned : 602
    Memory threats detected : 0
    Registry items scanned : 79108
    Registry threats detected : 45
    File items scanned : 9299
    File threats detected : 205

    PUP.OneSoftPerDay
    (x86) HKLM\SOFTWARE\ONESOFTPERDAY

    PUP.AnyProtect
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\installer\ab.test.json
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\installer\tempfile.t
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\installer
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\language\de.xml
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\language\en.xml
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\language\fr.xml
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\language
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\logs
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\scan_results
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\swf\mov01.swf
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX\swf
    C:\Users\Gerald\AppData\Roaming\ANYPROTECTEX

    PUP.Snap
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\Implemented Categories
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\Implemented Categories\{62C8FE65-4EBB-45e7-B440-6E39B2CDBF29}
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32#ThreadingModel
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32#Class
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32#Assembly
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32#RuntimeVersion
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32#CodeBase
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32\1.0.0.0
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32\1.0.0.0#Class
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32\1.0.0.0#Assembly
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32\1.0.0.0#RuntimeVersion
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\InprocServer32\1.0.0.0#CodeBase
    (x86) HKLM\SOFTWARE\Classes\CLSID\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}\ProgId
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#AuthorizedCDFPrefix
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Comments
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Contact
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#DisplayVersion
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#HelpLink
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#HelpTelephone
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#InstallDate
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#InstallLocation
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#InstallSource
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#ModifyPath
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#NoModify
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#NoRepair
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Publisher
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Readme
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Size
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#EstimatedSize
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#UninstallString
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#URLInfoAbout
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#URLUpdateInfo
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#VersionMajor
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#VersionMinor
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#WindowsInstaller
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Version
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#Language
    (x86) HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{F33C8209-E8E0-49C8-8D7E-363CD346C801}#DisplayName

    PUP.Ask Toolbar
    (x86) HKU\.DEFAULT\Software\AskPartnerNetwork\Toolbar
    (x86) HKU\S-1-5-18-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\Software\AskPartnerNetwork\Toolbar
    (x86) HKU\S-1-5-18\Software\AskPartnerNetwork\Toolbar

    Adware.Tracking Cookie
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\273EUDLO.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\273EUDLO.txt [ /atdmt.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\6O3FJ1HA.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\6O3FJ1HA.txt [ /ads.undertone.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\687C6C5H.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\687C6C5H.txt [ /serving-sys.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\864N4VDL.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\864N4VDL.txt [ /adtechus.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\YATGSLT9.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\YATGSLT9.txt [ /ads.pubmatic.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\XJOCP9OE.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\XJOCP9OE.txt [ /advertising.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\CIHHZCGK.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\CIHHZCGK.txt [ /ads.yahoo.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\ZK4WHSFC.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\ZK4WHSFC.txt [ /revsci.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\PG81UV9L.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\PG81UV9L.txt [ /at.atwola.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\LYG7KR11.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\LYG7KR11.txt [ /burstnet.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\POYNQL80.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\POYNQL80.txt [ /imrworldwide.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\WKOI3564.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\WKOI3564.txt [ /ru4.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\NWZ2Z7T0.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\NWZ2Z7T0.txt [ /doubleclick.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\574KRT4Y.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\574KRT4Y.txt [ /ads.adsrvmedia.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\N78QXM11.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\N78QXM11.txt [ /adform.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\ZEQJX357.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\ZEQJX357.txt [ /ad.mlnadvertising.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\TIWFJX3F.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\TIWFJX3F.txt [ /smartadserver.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\UEMNQJM9.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\UEMNQJM9.txt [ /www.burstnet.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\EZF27HT1.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\EZF27HT1.txt [ /histats.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\FJDN1PEZ.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\FJDN1PEZ.txt [ /casalemedia.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\MKMNNG3J.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\MKMNNG3J.txt [ /c1.adform.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\D7JVIVSV.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\D7JVIVSV.txt [ /atdmt.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\NP37VFC2.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\NP37VFC2.txt [ /serving-sys.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\9ILAOCSE.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\9ILAOCSE.txt [ /adtechus.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\JUB3S2BN.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\JUB3S2BN.txt [ /basebanner.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\ERM1AE74.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\ERM1AE74.txt [ /advertising.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\7QBNL334.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\7QBNL334.txt [ /ads.yahoo.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\ES69E2H2.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\ES69E2H2.txt [ /ads.pointroll.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\WCEGDQHB.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\WCEGDQHB.txt [ /pro-market.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\AIRSTRXY.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\AIRSTRXY.txt [ /amazon-adsystem.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\QTVX027Z.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\QTVX027Z.txt [ /revsci.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\DYOBUDA4.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\DYOBUDA4.txt [ /at.atwola.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\F16F97WR.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\F16F97WR.txt [ /statse.webtrendslive.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\YTAUZC8B.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\YTAUZC8B.txt [ /ru4.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\SFUEYIHG.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\SFUEYIHG.txt [ /doubleclick.net ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\YNGUFCOT.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\YNGUFCOT.txt [ /tacoda.at.atwola.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\HTTAAOGF.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\HTTAAOGF.txt [ /interclick.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\L99WVW84.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\L99WVW84.txt [ /ad.mlnadvertising.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\48TTN0IE.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\48TTN0IE.txt [ /pointroll.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\SC2R33NC.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\SC2R33NC.txt [ /smartadserver.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\WA4LLQ5Q.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\WA4LLQ5Q.txt [ /bs.serving-sys.com ]
    C:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\1MJLQJCX.txtC:\Users\Gerald\AppData\Local\Microsoft\Windows\INetCookies\Low\1MJLQJCX.txt [ /casalemedia.com ]
    .doubleclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    traffic.prod.cobaltgroup.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .eyeviewads.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ad.mlnadvertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .clickfuse.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    tapstone.rotator.hadj1.adjuggler.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    tapstone.rotator.hadj1.adjuggler.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.bridgetrack.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtech.de [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .247realmedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .247realmedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .revenuemantra.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .liveperson.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    in.getclicky.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adlegend.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adlegend.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    statse.webtrendslive.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    link.mercent.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .statcounter.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .mediaplex.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .medhelpinternational.112.2o7.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adform.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    socialads.pchkit.revenuewire.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    socialads.pchkit.revenuewire.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    socialads.pchkit.revenuewire.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .pchkit.revenuewire.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .speedypc.revenuewire.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adservingsolutionsinc.adk2.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adservingsolutionsinc.adk2.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adservingsolutionsinc.adk2.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adservingsolutionsinc.adk2.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adservingsolutionsinc.adk2.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adservingsolutionsinc.adk2.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .zedo.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ads.bridgetrack.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .burstnet.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .synacorembarq.112.2o7.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .fastclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]

    ============
    End of Log
    ============

  2. #2
    Member
    Join Date
    Nov 2014
    Posts
    24
    Points
    0

    Default

    After a "clean up" of the above scan I ran SuperAntiSpy again and found another batch of problems, the file below is before removing this latest scan:

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 11/02/2014 at 07:53 AM

    Application Version : 6.0.1158
    Database Version : 11585

    Scan type : Complete Scan
    Total Scan Time : 00:26:03

    Operating System Information
    Windows 8.1 64-bit (Build 6.03.9200)
    UAC On - Limited User

    Memory items scanned : 565
    Memory threats detected : 0
    Registry items scanned : 67106
    Registry threats detected : 0
    File items scanned : 37266
    File threats detected : 27

    Trojan.Agent/Gen-Spy
    C:\USERS\GERALD\APPDATA\LOCAL\SMARTBAR\APPLICATION\HELPERBAR@HELPERBAR.COM\COMPONENTS\SMARTBARFIREFOXREMOTEPLUGIN_32.DLL
    C:\USERS\GERALD\APPDATA\LOCAL\SMARTBAR\APPLICATION\HELPERBAR@HELPERBAR.COM\COMPONENTS\SMARTBARFIREFOXREMOTEPLUGIN_27.DLL
    C:\USERS\GERALD\APPDATA\LOCAL\SMARTBAR\APPLICATION\HELPERBAR@HELPERBAR.COM\COMPONENTS\SMARTBARFIREFOXREMOTEPLUGIN_28.DLL
    C:\USERS\GERALD\APPDATA\LOCAL\SMARTBAR\APPLICATION\HELPERBAR@HELPERBAR.COM\COMPONENTS\SMARTBARFIREFOXREMOTEPLUGIN_29.DLL
    C:\USERS\GERALD\APPDATA\LOCAL\SMARTBAR\APPLICATION\HELPERBAR@HELPERBAR.COM\COMPONENTS\SMARTBARFIREFOXREMOTEPLUGIN_30.DLL
    C:\USERS\GERALD\APPDATA\LOCAL\SMARTBAR\APPLICATION\HELPERBAR@HELPERBAR.COM\COMPONENTS\SMARTBARFIREFOXREMOTEPLUGIN_31.DLL

    Adware.FavoriteNetwork/Variant
    C:\USERS\GERALD\APPDATA\LOCAL\TEMP\A2DAXWYTYV\IS45637729\74102958_STP\GENERIC_VO.EXE
    C:\WINDOWS\Prefetch\GENERIC_VO.EXE-F254E8AB.pf

    Adware.Tracking Cookie
    secure-uk.imrworldwide.com [ C:\USERS\GERALD\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\4LSN8BYL ]
    .doubleclick.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .smartadserver.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .adaptv.advertising.com [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]
    .synacorembarq.112.2o7.net [ C:\USERS\GERALD\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\26PCYXM1.DEFAULT-1413945276322\COOKIES.SQLITE ]

    ============
    End of Log
    ============

  3. #3
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Jerry_NJ,

    Welcome to Help2Go!

    I found the thread at the Garden Web where you and Joe were discussing this issue. I believe that Joe may have been called into work today or he would have posted by now. I sent out a message to him to let him know that you have posted your logs above. We work together on many occasions and help each other when needed. If you don't mind, I'll provide the instructions he would like for you to follow and get the logs needed to at least get you started in his absence and he can either take over from there, or I can help in his absence.

    Please do the following:

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • After the scan has finished, click the Report button. A logfile (AdwCleaner[R0].txt) will open in Notepad for review.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of all logfiles are saved in the C:\AdwCleaner folder which was created when running the tool.


    Thank you,
    Donna
    Last edited by DonnaB; 11-02-2014 at 09:10 AM.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  4. #4
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Good news, I see Donna has got you started and you got nailed pretty good. Most importantly now is not to make any changes or try an remove anything yourself. Don't run anymore scans, just the things we give you instruction for. Download every tool we give you to the desktop and right click an run those tools as Administrator.

    Waiting for the AdwCleaner log, please post it in your next reply

    Joe

  5. #5
    Member
    Join Date
    Nov 2014
    Posts
    24
    Points
    0

    Default

    Thanks Donna, Joe,

    When I tried to download Adwarecleaner I got a 700K+ file named FileOpenerSetup. When I clicked and when I right clicked/admin I got an "insufficient resources" dialog. Next I see Avira giving a "security Alert" in which it has blocked the FileOpnerSetup, seems Avira considers adware... a virus or unwanted progrem. Do I have to turn Avira off for the download/installation?

  6. #6
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Try turning avira off yes.

  7. #7
    Member
    Join Date
    Nov 2014
    Posts
    24
    Points
    0

    Default

    Ouch, I can't find where to turn Avira off. The task manager in W8.1 isn't as friendly as earlier Windows and it shows at least 4 or 5 instances of Avira

  8. #8
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

  9. #9
    Member
    Join Date
    Nov 2014
    Posts
    24
    Points
    0

    Default

    Adwcleaner appears to be at a halt, waiting for me to say "clean" here's what the file shows... can I turn Avira back on?
    # AdwCleaner v4.000 - Report created 02/11/2014 at 12:19:31
    # Updated 12/10/2014 by Xplode
    # Database : 201.28
    # Operating System : Windows 8.1 (64 bits)
    # Username : Gerald - JERRYGAYEWAY2
    # Running from : C:\Users\Gerald\Downloads\adwcleaner_4.000.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : BackupStack
    Service Found : ttsvc

    ***** [ Files / Folders ] *****

    File Found : C:\Users\Gerald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MyPC Backup.lnk
    File Found : C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\26pcyxm1.default-1413945276322\searchplugins\astromenda.xml
    File Found : C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\26pcyxm1.default-1413945276322\searchplugins\Web Search.xml
    File Found : C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\26pcyxm1.default-1413945276322\user.js
    File Found : C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\ys8fctmc.default-1382538210551\searchplugins\astromenda.xml
    File Found : C:\Users\Gerald\AppData\Roaming\Mozilla\Firefox\Profiles\ys8fctmc.default-1382538210551\user.js
    File Found : C:\Users\Gerald\Desktop\Continue Live Installation.lnk
    File Found : C:\Users\Gerald\Desktop\MyPC Backup.lnk
    File Found : C:\Users\Gerald\Desktop\Sync Folder.lnk
    File Found : C:\Users\Public\Desktop\DriverRestore.lnk
    File Found : C:\Users\Public\Desktop\FileOpener.lnk
    File Found : C:\WINDOWS\System32\roboot64.exe
    Folder Found : C:\Program Files (x86)\DriverRestore
    Folder Found : C:\Program Files (x86)\Mozilla Firefox\Extensions\termtutor@termtutor.com
    Folder Found : C:\Program Files (x86)\MyPC Backup
    Folder Found : C:\Program Files (x86)\predm
    Folder Found : C:\Program Files (x86)\TermTutor
    Folder Found : C:\Program Files (x86)\Tweaks
    Folder Found : C:\Program Files (x86)\ver7BlockAndSurf
    Folder Found : C:\Program Files\TermTutor
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\DriverRestore
    Folder Found : C:\ProgramData\Microsoft\Windows\Start Menu\Programs\FileOpener
    Folder Found : C:\Users\Gerald\AppData\Local\Google\Chrome\User Data\Default\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
    Folder Found : C:\Users\Gerald\AppData\Local\LPT
    Folder Found : C:\Users\Gerald\AppData\Local\Smartbar
    Folder Found : C:\Users\Gerald\AppData\Roaming\DigitalSites
    Folder Found : C:\Users\Gerald\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\MyPC Backup
    Folder Found : C:\Users\Gerald\AppData\Roaming\Systweak
    Folder Found : C:\Users\Gerald\Documents\PC Health Kit

    ***** [ Scheduled Tasks ] *****

    Task Found : ASP
    Task Found : Digital Sites
    Task Found : LaunchSignup

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AnyProtect
    Key Found : HKCU\Software\DriverRestore
    Key Found : HKCU\Software\dsiteproducts
    Key Found : HKCU\Software\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
    Key Found : HKCU\Software\InstallCore
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\Digital Sites
    Key Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\File Opener Packages
    Key Found : HKCU\Software\SmartBar
    Key Found : HKCU\Software\Smartbar
    Key Found : HKCU\Software\smartbarbackup
    Key Found : HKCU\Software\smartbarlog
    Key Found : HKCU\Software\systweak
    Key Found : HKCU\Software\Tune
    Key Found : HKCU\Software\TutoTag
    Key Found : [x64] HKCU\Software\AnyProtect
    Key Found : [x64] HKCU\Software\DriverRestore
    Key Found : [x64] HKCU\Software\dsiteproducts
    Key Found : [x64] HKCU\Software\InstallCore
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : [x64] HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
    Key Found : [x64] HKCU\Software\SmartBar
    Key Found : [x64] HKCU\Software\Smartbar
    Key Found : [x64] HKCU\Software\smartbarbackup
    Key Found : [x64] HKCU\Software\smartbarlog
    Key Found : [x64] HKCU\Software\systweak
    Key Found : [x64] HKCU\Software\Tune
    Key Found : [x64] HKCU\Software\TutoTag
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Found : HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bandobjectattribute
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.bho
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.dockingpanel
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbar
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.iesmartbarbandobject
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbardisplaystate
    Key Found : HKLM\SOFTWARE\Classes\iesmartbar.smartbarmenuform
    Key Found : HKLM\SOFTWARE\Classes\TypeLib\{733413F4-5FB9-4EE9-8536-BF7AB1731A19}
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\nfengeggddojhakldhlpjdlddgkkjkdd
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
    Key Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{006EE092-9658-4FD6-BD8E-A21A348E59F5}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\GoogleUpdate.exe
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Paths\mypc backup
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CB99040-7828-4C37-AC01-F15758F43E4D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{6CB99040-7828-4C37-AC01-F15758F43E4D}
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\TermTutor
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\Tweaks FileOpener
    Key Found : HKLM\SOFTWARE\systweak
    Key Found : HKLM\SOFTWARE\TermTutor
    Key Found : HKLM\SOFTWARE\Tune
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{56561B2A-FB5D-363A-9631-4C03D6054209}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{6CB99040-7828-4C37-AC01-F15758F43E4D}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{A717364F-69F3-3A24-ADD5-3901A57F880E}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{AE07101B-46D4-4A98-AF68-0333EA26E113}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CCB08265-B35D-30B2-A6AF-6986CA957358}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{CD92622E-49B9-33B7-98D1-EC51049457D7}
    Key Found : [x64] HKLM\SOFTWARE\Classes\CLSID\{E041E037-FA4B-364A-B440-7A1051EA0301}
    Key Found : [x64] HKLM\SOFTWARE\DriverRestore
    Key Found : [x64] HKLM\SOFTWARE\Google\Chrome\Extensions\pfkfdlcdbajamklbneflfbcmfgddmpae
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchScopes\{2E00D31D-D171-423D-836D-1A4D7EA7F1A9}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{31AD400D-1B06-4E33-A59A-90C2C140CBA0}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{6CB99040-7828-4C37-AC01-F15758F43E4D}
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UpgradeCodes\5E8031606EB60A64C882918F8FF38DD4
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\649A52D257CA5DB4EAAE8BA9EB23E467
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DriverRestore
    Key Found : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\MyPC Backup
    Value Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [ConvertAd]
    Value Found : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [termtutor@termtutor.com]
    Value Found : [x64] HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{AE07101B-46D4-4A98-AF68-0333EA26E113}]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17344

    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjH4ejPbGMJXIuAnJRHSCJHnrtBfaiDy8zXDTBsMDCz5qRSWJ9n-EjkilckMtHrw,,&q={searchTerms}
    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjE_7xKycJWu678h84OGj8eh2kY1dQLFgP4RWthfGzAGfDXoAs7R8MsVFdtI5ZdQ,,
    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Main [Search Bar] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjH4ejPbGMJXIuAnJRHSCJHnrtBfaiDy8zXDTBsMDCz5qRSWJ9n-EjkilckMtHrw,,&q={searchTerms}
    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [Default_Search_URL] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjH4ejPbGMJXIuAnJRHSCJHnrtBfaiDy8zXDTBsMDCz5qRSWJ9n-EjkilckMtHrw,,&q={searchTerms}
    Setting Found : HKCU\Software\Microsoft\Internet Explorer\Search [SearchAssistant] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjH4ejPbGMJXIuAnJRHSCJHnrtBfaiDy8zXDTBsMDCz5qRSWJ9n-EjkilckMtHrw,,&q={searchTerms}
    Setting Found : HKCU\Software\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjH4ejPbGMJXIuAnJRHSCJHnrtBfaiDy8zXDTBsMDCz5qRSWJ9n-EjkilckMtHrw,,&q={searchTerms}
    Setting Found : HKLM\SOFTWARE\Microsoft\Internet Explorer\SearchUrl [Default] - hxxp://feed.snapdo.com/?p=mKO_AwFzXIpYRaHk7fb-MO5XCXXVn6DMoLXA5bpSRiP8qgt8qU7Ogr7c4IDGfiu-lwYP6AejFBKxdwoXUyOqcjqveMIk8BlPpv-tQvMMa0HWQCgZRi2yZniBmpm7nGs49mPx8FwjH4ejPbGMJXIuAnJRHSCJHnrtBfaiDy8zXDTBsMDCz5qRSWJ9n-EjkilckMtHrA,,&q={searchTerms}

    -\\ Mozilla Firefox v32.0.3 (x86 en-US)


    -\\ Google Chrome v38.0.2125.111


    *************************

    AdwCleaner[R0].txt - [2845 octets] - [12/01/2014 07:33:40]
    AdwCleaner[R1].txt - [1015 octets] - [12/01/2014 08:12:11]
    AdwCleaner[R2].txt - [1136 octets] - [12/01/2014 19:40:08]
    AdwCleaner[R3].txt - [3642 octets] - [17/10/2014 08:05:00]
    AdwCleaner[R4].txt - [3702 octets] - [17/10/2014 08:25:00]
    AdwCleaner[R5].txt - [1396 octets] - [19/10/2014 09:04:11]
    AdwCleaner[R6].txt - [11461 octets] - [02/11/2014 12:19:31]
    AdwCleaner[S0].txt - [2933 octets] - [12/01/2014 07:36:55]
    AdwCleaner[S1].txt - [1076 octets] - [12/01/2014 08:13:29]
    AdwCleaner[S2].txt - [1198 octets] - [12/01/2014 19:42:28]
    AdwCleaner[S3].txt - [3469 octets] - [17/10/2014 08:28:38]
    AdwCleaner[S4].txt - [1370 octets] - [19/10/2014 10:50:22]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R6].txt - [11822 octets] ##########

  10. #10
    Member Spyware Fighter zep516's Avatar
    Join Date
    Dec 2005
    Location
    Pittsburgh, Pa
    Posts
    7,173
    Points
    1307

    Default

    Run the clean option now. That's how the malware gets removed . Post the log after you run the Clean option.

Page 1 of 5 123 ... LastLast