Page 1 of 5 123 ... LastLast
Results 1 to 10 of 44
  1. #1
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Unhappy Computer has become slow, especially 'My Computer' (explorere.exe).

    SUPERAntiSpyware Scan Log
    SUPERAntiSpyware | Remove Malware | Remove Spyware - AntiMalware, AntiSpyware, AntiAdware!

    Generated 12/11/2014 at 03:07 AM

    Application Version : 6.0.1164
    Database Version : 11654

    Scan type : Complete Scan
    Total Scan Time : 01:06:54

    Operating System Information
    Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 759
    Memory threats detected : 0
    Registry items scanned : 65736
    Registry threats detected : 0
    File items scanned : 49226
    File threats detected : 230

    Adware.Tracking Cookie
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\7TQQ304E.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\7TQQ304E.txt [ /amazon-adsystem.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\SFD70KWO.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\SFD70KWO.txt [ /clickprotects.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\JTYDR9EO.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\JTYDR9EO.txt [ /www.sex.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\O28AZ707.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\O28AZ707.txt [ /smartadserver.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Z1LWFLWY.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Z1LWFLWY.txt [ /onclickads.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5RD97TQ2.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5RD97TQ2.txt [ /ads.ad4game.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\C84X6F0H.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\C84X6F0H.txt [ /server.cpmstar.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3TONHP68.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3TONHP68.txt [ /delivery.enigmaadserver.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3R1ZT3FV.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3R1ZT3FV.txt [ /statcounter.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AIWOR2Y0.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AIWOR2Y0.txt [ /bs.serving-sys.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\KSWQ79IG.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\KSWQ79IG.txt [ /pro-market.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5UI77K18.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5UI77K18.txt [ /ad.360yield.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Z1T2H0VQ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Z1T2H0VQ.txt [ /questionmarket.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\KN1TP99Z.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\KN1TP99Z.txt [ /ads.adstruct.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\6EXYRQK2.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\6EXYRQK2.txt [ /fastclick.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\2H1OE0VT.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\2H1OE0VT.txt [ /a2.adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AELG7LOQ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AELG7LOQ.txt [ /c1.adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\8CCZ5Q0C.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\8CCZ5Q0C.txt [ /click.api.deximedia.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\SLHHRRJZ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\SLHHRRJZ.txt [ /delivery.trafficforce.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\J0AM2CQ4.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\J0AM2CQ4.txt [ /tribalfusion.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\CO7Q9DYH.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\CO7Q9DYH.txt [ /ads.betweendigital.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\CHVNAOC3.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\CHVNAOC3.txt [ /basebanner.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\EVQKMOTG.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\EVQKMOTG.txt [ /eyeviewads.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\4OM2RNV3.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\4OM2RNV3.txt [ /mediaplex.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\DWQY4JW0.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\DWQY4JW0.txt [ /track.smarttvcodec.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\EQOK9WL7.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\EQOK9WL7.txt [ /c.clickprotects.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5E82MDIQ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5E82MDIQ.txt [ /specificclick.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\A6ZT2FVB.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\A6ZT2FVB.txt [ /theadnetworktracking.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\VM2R61Q1.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\VM2R61Q1.txt [ /serving-sys.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0PNREQ8S.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0PNREQ8S.txt [ /ads.stickyadstv.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AXXAOBPE.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AXXAOBPE.txt [ /ads.ad-center.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\H6PJ27V2.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\H6PJ27V2.txt [ /16745-605665.finditquick-splash.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\9Y5I99NZ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\9Y5I99NZ.txt [ /revsci.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\UUQXA2O0.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\UUQXA2O0.txt [ /epilot.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\VR8NR90N.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\VR8NR90N.txt [ /pointroll.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LE6E882C.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LE6E882C.txt [ /ru4.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\XJL2XK9E.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\XJL2XK9E.txt [ /adx2.adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\R5K0YKDO.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\R5K0YKDO.txt [ /display.eclickz.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\YER16S5X.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\YER16S5X.txt [ /find.mysearchmarket.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\FM1DODMS.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\FM1DODMS.txt [ /ads.adk2.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\X3QWPCFZ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\X3QWPCFZ.txt [ /advertising.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\QOEFYHIA.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\QOEFYHIA.txt [ /smgadserver.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\QFD9ZN6K.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\QFD9ZN6K.txt [ /ads.altitude-arena.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\8O21RCY0.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\8O21RCY0.txt [ /burstnet.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\MQ2O7W2F.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\MQ2O7W2F.txt [ /247realmedia.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\ETBLI32R.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\ETBLI32R.txt [ /track.adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Y78IJ4QN.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Y78IJ4QN.txt [ /adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\R1WQFRZ0.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\R1WQFRZ0.txt [ /realmedia.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\8RCPNUWW.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\8RCPNUWW.txt [ /sex.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\JEUBR5X2.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\JEUBR5X2.txt [ /bs.serving-sys.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LA0UZM5C.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LA0UZM5C.txt [ /ads.undertone.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\A4AIZQ72.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\A4AIZQ72.txt [ /www.burstnet.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\6E7L02U0.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\6E7L02U0.txt [ /casalemedia.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\K981YBE5.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\K981YBE5.txt [ /ad.mlnadvertising.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\EKDATZOB.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\EKDATZOB.txt [ /at.atwola.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\DK202TC3.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\DK202TC3.txt [ /adjuggler.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5YECKR35.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5YECKR35.txt [ /adultadworld.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\I63Q6ARB.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\I63Q6ARB.txt [ /delivery.razoradserver.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Z0SJE1JR.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Z0SJE1JR.txt [ /delivery.sradserver.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\L1IHSKTM.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\L1IHSKTM.txt [ /hypertracker.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0VK0TJZT.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0VK0TJZT.txt [ /doubleclick.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\4BO3UY3W.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\4BO3UY3W.txt [ /zedo.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\987VK50K.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\987VK50K.txt [ /atdmt.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3SZ5QUHN.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3SZ5QUHN.txt [ /tacoda.at.atwola.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Q3P3J8RG.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\Q3P3J8RG.txt [ /adtechus.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\TYRP6OYU.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\TYRP6OYU.txt [ /adtech.de ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\GP428LF9.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\GP428LF9.txt [ /imrworldwide.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\FEWS6VRG.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\FEWS6VRG.txt [ /prisacom.112.2o7.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\BDUY2J1H.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\BDUY2J1H.txt [ /uam.rotator.hadj7.adjuggler.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\FCQ2JWSG.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\FCQ2JWSG.txt [ /ads.pointroll.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\K28ZNSDG.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\K28ZNSDG.txt [ /t.pointroll.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5LNO6SVU.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\5LNO6SVU.txt [ /estat.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\2IJ00U7E.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\2IJ00U7E.txt [ /statcounter.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\O2LXZP1T.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\O2LXZP1T.txt [ /questionmarket.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\U2HPE6ND.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\U2HPE6ND.txt [ /fastclick.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\1IPYW4QT.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\1IPYW4QT.txt [ /network.realmedia.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AS29NT45.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AS29NT45.txt [ /tribalfusion.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\KY83SR3G.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\KY83SR3G.txt [ /mediaplex.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\E2SU45TJ.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\E2SU45TJ.txt [ /serving-sys.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\6Q010H85.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\6Q010H85.txt [ /revsci.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0BFVQ2VX.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0BFVQ2VX.txt [ /ru4.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LT7WLP8M.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LT7WLP8M.txt [ /advertising.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LEN46SAO.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\LEN46SAO.txt [ /track.adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\9V918O6D.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\9V918O6D.txt [ /adform.net ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AHT37VEA.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\AHT37VEA.txt [ /ads.undertone.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\UKXKYKUK.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\UKXKYKUK.txt [ /ads.2xbpub.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3WMPOU5I.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\3WMPOU5I.txt [ /casalemedia.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\887SYVI5.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\887SYVI5.txt [ /at.atwola.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0LXSXK68.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\0LXSXK68.txt [ /zedo.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\MRHTM0RA.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\MRHTM0RA.txt [ /tacoda.at.atwola.com ]
    C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\YOU2JW0O.txtC:\Users\Allan\AppData\Roaming\Microsoft\Windows\Cookies\YOU2JW0O.txt [ /traffic.prod.cobaltgroup.com ]
    content.flashtrackz.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XYTPLYM8 ]
    findingfoodguide.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XYTPLYM8 ]
    s0.2mdn.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XYTPLYM8 ]
    secure-uk.imrworldwide.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XYTPLYM8 ]
    secure-us.imrworldwide.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\XYTPLYM8 ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .ad.mlnadvertising.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    track.hubrus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pd0.imp.revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    in.getclicky.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6wmlogmajwdq.stats.esomniture.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .dmtracker.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .amazon-adsystem.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    server.adformdsp.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adformdsp.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .histats.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    Online Marketing Platform - OnToplist.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .s.clickability.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .iluv.clickbooth.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .iluv.clickbooth.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .kontera.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.qsstats.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .myroitracking.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    onclickads.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    onclickads.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    onclickads.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tripod.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tripod.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tripod.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tripod.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .xiti.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .xiti.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    tapstone.rotator.hadj1.adjuggler.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .ar.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .click2apply.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .clickfuse.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .interclick.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .basebanner.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .eyeviewads.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .eyeviewads.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revenuemantra.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    a2.adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    f.blogads.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    f.blogads.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    f.blogads.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .thefind.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .TheFind - EVERY PRODUCT * EVERY STORE [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .lb.web-stat.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .lb.web-stat.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .web-stat.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .clickztrax.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .track.cvlgpq.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .clickztrax.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .bttrack.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .bttrack.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    LinuxQuestions.org [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    LinuxQuestions.org [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .linuxquestions.org [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .linuxquestions.org [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .e-2dj6afl4kod5ebo.stats.esomniture.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .portfoliotracker.usatoday.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .cannedbanners.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    secure.inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    secure.inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    secure.inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    secure.inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    secure.inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    secure.inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .inmatecanteen.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.googleadservices.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .findlaw.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .findlaw.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .findlaw.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .bs.serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .s.clickability.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    c1.adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adform.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .server.cpmstar.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    www.qsstats.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    mmptrack.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .revsci.net [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\ALLAN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\XPPM7ON0.DEFAULT\COOKIES.SQLITE ]

    ============
    End of Log
    ============

    Malwarebytes Anti-Malware
    Malwarebytes | Free Anti-Malware & Internet Security Software

    Scan Date: 12/11/2014
    Scan Time: 8:09:13 AM
    Logfile: mb-2014-12-11.log
    Administrator: No

    Version: 2.00.4.1028
    Malware Database: v2014.12.11.02
    Rootkit Database: v2014.12.08.03
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled

    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Allan

    Scan Type: Threat Scan
    Result: Completed
    Objects Scanned: 396733
    Time Elapsed: 11 min, 14 sec

    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Disabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled

    Processes: 0
    (No malicious items detected)

    Modules: 0
    (No malicious items detected)

    Registry Keys: 0
    (No malicious items detected)

    Registry Values: 4
    PUP.Optional.KeyBar.A, HKU\S-1-5-21-476653230-959638830-2549161364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER\{3F842035-47F4-4F10-846B-6199B07F09B8}, Quarantined, [d3bb223f621a0333b092458427db05fb],
    PUP.Optional.KeyBar.A, HKU\S-1-5-21-476653230-959638830-2549161364-1000-{ED1FC765-E35E-4C3D-BF15-2C2B11260CE4}-0\SOFTWARE\MICROSOFT\INTERNET EXPLORER\TOOLBAR\WEBBROWSER|{3F842035-47F4-4F10-846B-6199B07F09B8}, ???伐?饡羰*?, Quarantined, [d3bb223f621a0333b092458427db05fb]
    PUP.Optional.KeyBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS|{3F842035-47F4-4F10-846B-6199B07F09B8}, Quarantined, [d3bb223f621a0333b092458427db05fb],
    PUP.Optional.KeyBar.A, HKLM\SOFTWARE\WOW6432NODE\MICROSOFT\INTERNET EXPLORER\URLSEARCHHOOKS\{3f842035-47f4-4f10-846b-6199b07f09b8}, Quarantined, [b9d5bba6d8a4c571c181b613b250c937],

    Registry Data: 0
    (No malicious items detected)

    Folders: 0
    (No malicious items detected)

    Files: 60
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (user_pref("extensions.incredibar.admin", false);), Replaced,[f6980b5685f795a11e76138f996c1ce4]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ferences

    /* Do not edit this file.
    *
    * If ), Replaced,[5b335f02502c0d29187c1f831ce9cf31]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (erences

    /* Do not edit this file.
    *
    * If you make ch), Replaced,[0886bca57efe8fa79ff5adf5976e45bb]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (
    /* Do not edit this file.
    *
    * If you make ), Replaced,[4b439bc6a2dad85e6b29980ad332738d]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (eferences

    /* Do not edit this file.
    *
    * If), Replaced,[c8c61a472a52181ecacafea4c83d1de3]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (erences

    /* Do not edit this file.
    *
    * If you), Replaced,[f896263b3f3dc274662ed0d2d1344fb1]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ences

    /* Do not edit this file.
    *
    * If you), Replaced,[8fffd58ceb912f0796feedb5a75ea759]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (erences

    /* Do not edit this file.
    *
    * If you m), Replaced,[602e610093e9d363177d3d65f60fda26]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ces

    /* Do not edit this file.
    *
    * If you ), Replaced,[246ada872e4ed561b1e3cfd3e520b34d]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ferences

    /* Do not edit this file.
    *
    * If you make), Replaced,[e0aee1804e2e42f4bbd9356d11f49070]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (

    /* Do not edit this file.
    *
    * If you make c), Replaced,[f995b3ae6517d165d5bf742e52b39f61]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (rences

    /* Do not edit this file.
    *
    * If you make changes to this file w), Replaced,[6a24db86c0bcf343dfb5772be71e53ad]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (s file.
    *
    * If you make changes to this fil), Replaced,[0c82e0817ffdd2648c08adf551b41ce4]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (eferences

    /* Do not edit this file.
    *
    * If you make changes to this fi), Replaced,[4f3fb9a8e99361d5ccc8e6bcaf56e719]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (is file.
    *
    * If you make changes to this file while the application is), Replaced,[f39bf36e64180135eea6bfe3fc09ba46]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: ( this file.
    *
    * If you make changes to this file while t), Replaced,[dab488d99ddf270f9301a7fb3ec7817f]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (/* Do not edit this file.
    *
    * If you make changes), Replaced,[dbb3e180f587c96d9103356de81d5aa6]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ferences

    /* Do not edit this file.
    *
    * If you ), Replaced,[e5a9d78a770554e20094ebb785809a66]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ferences

    /* Do not edit this file.
    *
    * If you m), Replaced,[226c263b67155adc4e46772bfc0904fc]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (es

    /* Do not edit this file.
    *
    * If you make chang), Replaced,[95f9d68b64182c0aa9ebf3af38cd0ef2]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (rences

    /* Do not edit this file.
    *
    * If you make changes to), Replaced,[9fefb7aae89432046e26732fc2437a86]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (not edit this file.
    *
    * If you make changes to th), Replaced,[8a044f123448c96d0f85b0f2fc09b749]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ces

    /* Do not edit this file.
    *
    * If you m), Replaced,[701e85dcd9a3dd59aaea2979c3421ae6]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (erences

    /* Do not edit this file.
    *
    * If you ), Replaced,[d4ba85dcf8844de9ccc8aff362a3758b]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (nces

    /* Do not edit this file.
    *
    * If y), Replaced,[0f7f76eb86f6a591e7adf4ae52b338c8]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (references

    /* Do not edit this file.
    *
    * If you ), Replaced,[92fc40212a520531b0e4317101047c84]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (s

    /* Do not edit this file.
    *
    * If you make ), Replaced,[8806baa7d0ac1f17f3a1bae839cc8d73]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ences

    /* Do not edit this file.
    *
    * If you make ch), Replaced,[fe907ae716660234d6becbd71bea6f91]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (

    /* Do not edit this file.
    *
    * If you make changes ), Replaced,[a1ed66fb7a025dd96b290e944bbacb35]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (

    /* Do not edit this file.
    *
    * If you ma), Replaced,[7e10e57c29530e285143950df70ee51b]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (references

    /* Do not edit this file.
    *
    * If ), Replaced,[2b63b7aa3646ff3783110c9632d337c9]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ences

    /* Do not edit this file.
    *
    * If you m), Replaced,[2a645b063c40072f5b391a880afbc739]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ences

    /* Do not edit this file.
    *
    * I), Replaced,[701e74ed5a2216207d179c0627de659b]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: ( Preferences

    /* Do not edit this file.
    *
    *), Replaced,[97f7204184f8bf77ddb7e6bc9e675ca4]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (erences

    /* Do not edit this file.
    *
    * If yo), Replaced,[028c6bf6b7c5a393e7adbae8f411de22]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (rences

    /* Do not edit this file.
    *
    * If you make changes to this file while the application is running,
    * th), Replaced,[107e2140bdbf53e35242d3cfbd48d030]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (this file while the application is running,
    * th), Replaced,[d6b8b0b1c5b743f3652f9b0746bf28d8]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (this file while the application is running,
    * the ch), Replaced,[a6e8afb25a22e94dc5cfbce636cfca36]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (es

    /* Do not edit this file.
    *
    * If you make changes to), Replaced,[830bbca5720a68ced1c38c168184dc24]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: ( Do not edit this file.
    *
    * If you make changes t), Replaced,[7d11dc850577a69095ffb4ee679e9c64]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ces

    /* Do not edit this file.
    *
    * If you make changes t), Replaced,[f49a85dc3c402016daba416126df0bf5]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: ( Do not edit this file.
    *
    * If you make changes to), Replaced,[236b2c353d3f0531e5af386aa85dfe02]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: ( Do not edit this file.
    *
    * If you make changes), Replaced,[f995c69bd5a781b5dfb5109250b5bf41]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (rences

    /* Do not edit this file.
    *
    * If you m), Replaced,[6c22233e4d2f0234534190122dd826da]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (nces

    /* Do not edit this file.
    *
    * If you make changes to this file w), Replaced,[2569bca5ccb0cf67bdd7dec43cc94bb5]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (his file.
    *
    * If you make changes to this file while the a), Replaced,[8a047be64933c2749cf8aaf802037c84]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: ( Do not edit this file.
    *
    * If you make changes to ), Replaced,[800ee27f007c68ce3c58297991746c94]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (s

    /* Do not edit this file.
    *
    * If you make), Replaced,[622c74ed77052214eea66c369d6827d9]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (rences

    /* Do not edit this file.
    *
    * If you ), Replaced,[a9e5f869e9939d996430e1c1bc49c33d]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ences

    /* Do not edit this file.
    *
    * If yo), Replaced,[92fc9fc21e5e999d494b554d4fb6c33d]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (

    /* Do not edit this file.
    *
    * If you make chan), Replaced,[ff8f5b06cfad8ea8d9bb039f7194e21e]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ces

    /* Do not edit this file.
    *
    * If you make change), Replaced,[cbc374ed81fb2214a1f36b3713f240c0]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (
    /* Do not edit this file.
    *
    * If you make change), Replaced,[890597ca65173afce2b2317132d3b848]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (ces

    /* Do not edit this file.
    *
    * If you make), Replaced,[aae4cd945824ac8a99fb51515ca92ad6]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (nces

    /* Do not edit this file.
    *
    * If you make changes to this file while the application is running,
    * the ch), Replaced,[7a145110e39990a60d874e547a8b9e62]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (is file while the application is running,
    * the change), Replaced,[aee0fe63c3b9ca6cb9db1a88749129d7]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (

    /* Do not edit this file.
    *
    * If you make changes to thi), Replaced,[a8e65b06641833037123168c37cea759]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (o not edit this file.
    *
    * If you make changes to th), Replaced,[404e9cc59fddf541484c723020e557a9]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (s

    /* Do not edit this file.
    *
    * If you make changes to th), Replaced,[9af4da876b116ec8f4a0960cdf267888]
    PUP.Optional.Incredibar.A, C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\prefs.js, Good: (), Bad: (o not edit this file.
    *
    * If you make changes to thi), Replaced,[3e50aab74b317bbb2272d9c9867f58a8]

    Physical Sectors: 0
    (No malicious items detected)


    (end)


    Logfile of Trend Micro HijackThis v2.0.4
    Scan saved at 8:34:53 AM, on 12/11/2014
    Platform: Windows 7 SP1 (WinNT 6.00.3505)
    MSIE: Internet Explorer v11.0 (11.00.9600.17420)
    Boot mode: Normal

    Running processes:
    C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe
    C:\Program Files (x86)\Skype\Phone\Skype.exe
    C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    C:\Program Files (x86)\Winamp\winampa.exe
    C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
    C:\Program Files (x86)\iTunes\iTunesHelper.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    C:\Program Files (x86)\SkypeMate\SkypeMate.exe
    C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
    C:\Program Files (x86)\eclipse\eclipse.exe
    C:\Program Files (x86)\Crimson Editor\cedt.exe
    C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
    C:\Program Files (x86)\SourceOffSite\sos.exe
    C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    C:\Program Files (x86)\Winamp\winamp.exe
    C:\Program Files (x86)\Trend Micro\HiJackThis\HiJackThis.exe

    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Bar = Preserve
    R1 - HKCU\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = WND - A Free Press for a Free People
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = msn
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = Bing
    R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = Bing
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = msn
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,SearchAssistant =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Search,CustomizeSearch =
    R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
    R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName =
    F2 - REG:system.ini: UserInit=userinit.exe,
    O1 - Hosts: 209.17.183.113 vandevss
    O2 - BHO: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\PROGRA~2\MICROS~1\Office14\GROOVEEX.DLL
    O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
    O2 - BHO: URLRedirectionBHO - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\PROGRA~2\MICROS~1\Office14\URLREDIR.DLL
    O4 - HKLM\..\Run: [NUSB3MON] "C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe"
    O4 - HKLM\..\Run: [WinampAgent] "C:\Program Files (x86)\Winamp\winampa.exe"
    O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe"
    O4 - HKLM\..\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] "C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe" -minimized
    O4 - HKLM\..\Run: [iTunesHelper] "C:\Program Files (x86)\iTunes\iTunesHelper.exe"
    O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files (x86)\QuickTime\QTTask.exe" -atboottime
    O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
    O4 - HKLM\..\Run: [AvastUI.exe] "C:\Program Files\AVAST Software\Avast\AvastUI.exe" /nogui
    O4 - HKCU\..\Run: [Sidebar] C:\Program Files\Windows Sidebar\sidebar.exe /autoRun
    O4 - HKCU\..\Run: [MoneyInsights] "C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe"
    O4 - HKCU\..\Run: [OfficeSyncProcess] "C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE"
    O4 - HKCU\..\Run: [Skype] "C:\Program Files (x86)\Skype\Phone\Skype.exe" /minimized /regrun
    O4 - HKCU\..\Run: [SUPERAntiSpyware] C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    O4 - Startup: OneNote 2010 Screen Clipper and Launcher.lnk = C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    O4 - Startup: OpenOffice.org 3.3.lnk = C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe
    O4 - Startup: SkypeMate.lnk = C:\Program Files (x86)\SkypeMate\SkypeMate.exe
    O4 - Startup: USBKVM Switcher.lnk = C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
    O4 - Global Startup: Microsoft Outlook 2010.lnk = ?
    O4 - Global Startup: vpngui.exe.lnk = ?
    O9 - Extra button: Send to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra 'Tools' menuitem: Se&nd to OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIE.dll
    O9 - Extra button: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O9 - Extra 'Tools' menuitem: OneNote Lin&ked Notes - {789FE86F-6FC4-46A1-9849-EDE0DB0C95CA} - C:\Program Files (x86)\Microsoft Office\Office14\ONBttnIELinkedNotes.dll
    O11 - Options group: [ACCELERATED_GRAPHICS] Accelerated graphics
    O16 - DPF: {254AA86E-5655-4518-AA87-185D7CC41801} (LogMeIn Rescue Technician Console) - https://secure.logmeinrescue.com/Tec...cueControl.cab
    O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} (Shockwave Flash Object) - http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    O17 - HKLM\System\CCS\Services\Tcpip\..\{05BF0749-5E38-4807-9FD7-7BB6ECF99E66}: Domain = timemgmtcorp.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{47D65AC1-139A-421E-B4B4-372CF32ADDF7}: Domain = timemgmtcorp.com
    O17 - HKLM\System\CCS\Services\Tcpip\..\{47D65AC1-139A-421E-B4B4-372CF32ADDF7}: NameServer = 10.10.10.135
    O17 - HKLM\System\CS1\Services\Tcpip\..\{05BF0749-5E38-4807-9FD7-7BB6ECF99E66}: Domain = timemgmtcorp.com
    O17 - HKLM\System\CS2\Services\Tcpip\..\{05BF0749-5E38-4807-9FD7-7BB6ECF99E66}: Domain = timemgmtcorp.com
    O18 - Protocol: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\PROGRA~2\COMMON~1\Skype\SKYPE4~1.DLL
    O18 - Filter hijack: text/xml - {807573E5-5146-11D5-A672-00B0D022E945} - C:\Program Files (x86)\Common Files\Microsoft Shared\OFFICE14\MSOXMLMF.DLL
    O23 - Service: SAS Core Service (!SASCORE) - SUPERAntiSpyware.com - C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    O23 - Service: Adobe Acrobat Update Service (AdobeARMservice) - Adobe Systems Incorporated - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
    O23 - Service: Agere Modem Call Progress Audio (AgereModemAudio) - LSI Corporation - C:\Program Files\LSI SoftModem\agr64svc.exe
    O23 - Service: @%SystemRoot%\system32\Alg.exe,-112 (ALG) - Unknown owner - C:\windows\System32\alg.exe (file missing)
    O23 - Service: Apple Mobile Device - Apple Inc. - C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    O23 - Service: Bonjour Service - Apple Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
    O23 - Service: Intel(R) Content Protection HECI Service (cphs) - Intel Corporation - C:\windows\SysWow64\IntelCpHeciSvc.exe
    O23 - Service: Cisco Systems, Inc. VPN Service (CVPND) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
    O23 - Service: ShrewSoft DNS Proxy Daemon (dtpd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
    O23 - Service: @%SystemRoot%\system32\efssvc.dll,-100 (EFS) - Unknown owner - C:\windows\System32\lsass.exe (file missing)
    O23 - Service: Fax - Unknown owner - C:\windows\system32\fxssvc.exe (file missing)
    O23 - Service: Sentinel LDK License Manager (hasplms) - Unknown owner - C:\windows\system32\hasplms.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\ieetwcollectorres.dll,-1000 (IEEtwCollectorService) - Unknown owner - C:\windows\system32\IEEtwCollector.exe (file missing)
    O23 - Service: ShrewSoft IKE Daemon (iked) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\iked.exe
    O23 - Service: iPod Service - Apple Inc. - C:\Program Files\iPod\bin\iPodService.exe
    O23 - Service: ShrewSoft IPSEC Daemon (ipsecd) - Unknown owner - C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
    O23 - Service: @keyiso.dll,-100 (KeyIso) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application Local Management Service (LMS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files (x86)\Mozilla Maintenance Service\maintenanceservice.exe
    O23 - Service: @comres.dll,-2797 (MSDTC) - Unknown owner - C:\windows\System32\msdtc.exe (file missing)
    O23 - Service: @%SystemRoot%\System32\netlogon.dll,-102 (Netlogon) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\psbase.dll,-300 (ProtectedStorage) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%systemroot%\system32\Locator.exe,-2 (RpcLocator) - Unknown owner - C:\windows\system32\locator.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\samsrv.dll,-1 (SamSs) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: Skype Updater (SkypeUpdate) - Skype Technologies - C:\Program Files (x86)\Skype\Updater\Updater.exe
    O23 - Service: @%SystemRoot%\system32\snmptrap.exe,-3 (SNMPTRAP) - Unknown owner - C:\windows\System32\snmptrap.exe (file missing)
    O23 - Service: @%systemroot%\system32\spoolsv.exe,-1 (Spooler) - Unknown owner - C:\windows\System32\spoolsv.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\sppsvc.exe,-101 (sppsvc) - Unknown owner - C:\windows\system32\sppsvc.exe (file missing)
    O23 - Service: Steam Client Service - Valve Corporation - C:\Program Files (x86)\Common Files\Steam\SteamService.exe
    O23 - Service: @%SystemRoot%\system32\ui0detect.exe,-101 (UI0Detect) - Unknown owner - C:\windows\system32\UI0Detect.exe (file missing)
    O23 - Service: Intel(R) Management and Security Application User Notification Service (UNS) - Intel Corporation - C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    O23 - Service: @%SystemRoot%\system32\vaultsvc.dll,-1003 (VaultSvc) - Unknown owner - C:\windows\system32\lsass.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\vds.exe,-100 (vds) - Unknown owner - C:\windows\System32\vds.exe (file missing)
    O23 - Service: Cisco AnyConnect Secure Mobility Agent (vpnagent) - Cisco Systems, Inc. - C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
    O23 - Service: @%systemroot%\system32\vssvc.exe,-102 (VSS) - Unknown owner - C:\windows\system32\vssvc.exe (file missing)
    O23 - Service: @%SystemRoot%\system32\Wat\WatUX.exe,-601 (WatAdminSvc) - Unknown owner - C:\windows\system32\Wat\WatAdminSvc.exe (file missing)
    O23 - Service: @%systemroot%\system32\wbengine.exe,-104 (wbengine) - Unknown owner - C:\windows\system32\wbengine.exe (file missing)
    O23 - Service: @%Systemroot%\system32\wbem\wmiapsrv.exe,-110 (wmiApSrv) - Unknown owner - C:\windows\system32\wbem\WmiApSrv.exe (file missing)
    O23 - Service: @%PROGRAMFILES%\Windows Media Player\wmpnetwk.exe,-101 (WMPNetworkSvc) - Unknown owner - C:\Program Files (x86)\Windows Media Player\wmpnetwk.exe (file missing)

    --
    End of file - 11582 bytes

  2. #2
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Default

    On 12/9 I removed MS Security Essentials and installed Avast (Free). Since then Avast has popped up a message saying something like it blocked malware activity from explorer.exe a handful of times.

  3. #3
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Default

    The Avast explorer message popped up again, so I grabbed it.
    Avast-explorer.png

  4. #4
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Allans,

    Sorry for the delay in responding.

    Please download Farbar Recovery Scan Tool and save it to your desktop.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Copy FRST to the desktop of the infected system
    • Right click to run as administrator (XP users click run after receipt of Windows Security Warning - Open File). When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will produce a log called FRST.txt in the same directory the tool is run from.
    • Please copy and paste log back here.
    • The first time the tool is run it generates another log (Addition.txt - also located in the same directory as FRST.exe/FRST64.exe). Please also paste that along with the FRST.txt into your reply.


    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  5. #5
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Default

    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 11-12-2014 03
    Ran by Allan at 2014-12-11 17:32:39
    Running from C:\Users\Allan\Desktop
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    (If an entry is included in the fixlist, it will be removed.)

    AV: avast! Antivirus (Enabled - Up to date) {17AD7D40-BA12-9C46-7131-94903A54AD8B}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: avast! Antivirus (Enabled - Up to date) {ACCC9CA4-9C28-93C8-4B81-AFE241D3E736}

    ==================== Installed Programs ======================

    (Only the adware programs with "hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)

    Tools for .Net 3.5 (x32 Version: 3.11.50727 - Microsoft Corporation) Hidden
    7-Zip 9.22beta (HKLM-x32\...\7-Zip) (Version: - )
    Acer System Information (HKLM-x32\...\{72199E33-4F2A-4B7F-8E25-95DDDD50A678}) (Version: 1.0.0 - Acer)
    Adobe AIR (HKLM-x32\...\Adobe AIR) (Version: 15.0.0.356 - Adobe Systems Incorporated)
    Adobe Flash Player 15 ActiveX (HKLM-x32\...\Adobe Flash Player ActiveX) (Version: 15.0.0.239 - Adobe Systems Incorporated)
    Adobe Flash Player 15 Plugin (HKLM-x32\...\Adobe Flash Player Plugin) (Version: 15.0.0.239 - Adobe Systems Incorporated)
    Adobe Reader XI (11.0.09) (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AB0000000001}) (Version: 11.0.09 - Adobe Systems Incorporated)
    Agent Ransack 2010 (64-bit) (HKLM\...\Agent Ransack (64-bit)_is1) (Version: - )
    Apple Application Support (HKLM-x32\...\{83CAF0DE-8D3B-4C37-A631-2B8F16EC3031}) (Version: 3.1 - Apple Inc.)
    Apple Mobile Device Support (HKLM\...\{BDD99690-3541-4619-9D2A-3CDDB3E15F9E}) (Version: 8.0.5.6 - Apple Inc.)
    Apple Software Update (HKLM-x32\...\{789A5B64-9DD9-4BA5-915A-F0FC0A1B7BFE}) (Version: 2.1.3.127 - Apple Inc.)
    Avast Free Antivirus (HKLM-x32\...\Avast) (Version: 10.0.2208 - AVAST Software)
    Blend for Visual Studio 2012 (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio 2012 ENU resources (x32 Version: 5.0.30709.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio Add-in for Adobe FXG Import (x32 Version: 1.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for .NET 4.5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Blend for Visual Studio SDK for Silverlight 5 (x32 Version: 3.0.40218.0 - Microsoft Corporation) Hidden
    Bonjour (HKLM\...\{6E3610B2-430D-4EB0-81E3-2B57E8B9DE8D}) (Version: 3.0.0.10 - Apple Inc.)
    Canon MP Navigator EX 3.1 (HKLM-x32\...\MP Navigator EX 3.1) (Version: - )
    CCleaner (HKLM\...\CCleaner) (Version: 4.15 - Piriform)
    Cisco AnyConnect Secure Mobility Client (HKLM-x32\...\Cisco AnyConnect Secure Mobility Client) (Version: 3.1.00495 - Cisco Systems, Inc.)
    Cisco AnyConnect Secure Mobility Client (x32 Version: 3.1.00495 - Cisco Systems, Inc.) Hidden
    Cisco Systems VPN Client 5.0.07.0290 (HKLM\...\{467D5E81-8349-4892-9E81-C3674ED8E451}) (Version: 5.0.7 - Cisco Systems, Inc.)
    Command & Conquer™ 4 Tiberian Twilight (HKLM-x32\...\{82696435-8572-4D8B-A230-D1AA567D0F0F}) (Version: 1.0.0.0 - Electronic Arts)
    Crimson Editor (remove only) (HKLM-x32\...\Crimson Editor) (Version: - )
    Crystal Reports Basic Runtime for Visual Studio 2008 (x64) (HKLM\...\{2BFA9B05-7418-4EDE-A6FC-620427BAAAA3}) (Version: 10.5.0.0 - Business Objects)
    DJ Java Decompiler v.3.2.2.67 (HKLM-x32\...\{8AD2EA30-5049-11D4-A08E-0080AD97BBF5}) (Version: 1.7 - Copyright (c) Atanas Neshkov 2002)
    Dotfuscator and Analytics Community Edition (x32 Version: 5.5.4521.29298 - PreEmptive Solutions) Hidden
    Entity Framework Designer for Visual Studio 2012 - enu (HKLM-x32\...\{3F29268A-F53A-4387-9F2B-E9368A823178}) (Version: 11.1.30729.00 - Microsoft Corporation)
    FileZilla Client 3.5.3 (HKLM-x32\...\FileZilla Client) (Version: 3.5.3 - FileZilla Project)
    Free Stopwatch 2.7.0 (HKLM-x32\...\{A1FAC1AF-5615-47FE-B5C8-5E981EC8522B}_is1) (Version: 2.7 - Comfort Software Group)
    FreeFileSync 5.22 (HKLM-x32\...\FreeFileSync) (Version: 5.22 - Zenju)
    FreeFixer (HKLM-x32\...\FreeFixer1.09) (Version: 1.09 - Kephyr)
    Google Earth Plug-in (HKLM-x32\...\{4AB54F11-2F8C-11E3-B09F-B8AC6F97B88E}) (Version: 7.1.2.2041 - Google)
    Google Update Helper (x32 Version: 1.3.24.15 - Google Inc.) Hidden
    GoToMeeting 5.1.0.880 (HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\GoToMeeting) (Version: 5.1.0.880 - CitrixOnline)
    Grand Ages Rome Gold (HKLM-x32\...\GrandAgesRomeGold) (Version: 2.02 - Kalypso Media)
    GSplit 3 (HKLM-x32\...\GSplit3Set) (Version: 3.0.1.0 - G.D.G. Software)
    HiJackThis (HKLM-x32\...\{45A66726-69BC-466B-A7A4-12FCBA4883D7}) (Version: 1.0.0 - Trend Micro)
    IIS 8.0 Express (HKLM\...\{7BF61FA9-BDFB-4563-98AD-FCB0DA28CCC7}) (Version: 8.0.1557 - Microsoft Corporation)
    IIS Express Application Compatibility Database for x64 (HKLM\...\{9f4f4a9b-eec5-4906-92fe-d1f43ccf5c8d}.sdb) (Version: - )
    IIS Express Application Compatibility Database for x86 (HKLM\...\{fdfba1f3-74ae-4255-9c10-a0f552b4610f}.sdb) (Version: - )
    Inno Setup version 5.4.2 (HKLM-x32\...\Inno Setup 5_is1) (Version: 5.4.2 - Jordan Russell)
    Innova OBD PC-Link (HKLM-x32\...\{1496931F-052B-4E43-8B8F-9CD55BFC4D75}) (Version: 1.2.14.0 - Innova Electronics)
    Intel(R) Control Center (HKLM-x32\...\{F8A9085D-4C7A-41a9-8A77-C8998A96C421}) (Version: 1.2.1.1007 - Intel Corporation)
    Intel(R) Management Engine Components (HKLM-x32\...\{65153EA5-8B6E-43B6-857B-C6E4FC25798A}) (Version: 7.0.0.1144 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 9.17.10.3347 - Intel Corporation)
    iTunes (HKLM\...\{2ABBBD91-91E5-4AD7-929A-FE15D1DC0576}) (Version: 12.0.1.26 - Apple Inc.)
    Java 7 Update 71 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F03217071FF}) (Version: 7.0.710 - Oracle)
    Java 8 Update 25 (HKLM-x32\...\{26A24AE4-039D-4CA4-87B4-2F83218025F0}) (Version: 8.0.250 - Oracle Corporation)
    JavaScript Tooling (Version: 11.0.60315 - Microsoft Corporation) Hidden
    KDiff3 (remove only) (HKLM-x32\...\KDiff3) (Version: - )
    Launch4j 3.0.2 (HKLM-x32\...\Launch4j) (Version: 3.0.2 - Grzegorz Kowal)
    Legacy 7.5 (HKLM-x32\...\Legacy 7.5) (Version: 7.5 - Millennia Corporation)
    LG VZW United Drivers (HKLM-x32\...\{AAAB3333-0F97-4A5D-B725-FFD7E7450FD9}) (Version: 2.14.1 - LG Electronics)
    LocalESPC (x32 Version: 8.59.25584 - Microsoft Corporation) Hidden
    LocalESPCui for en-us (x32 Version: 8.59.25584 - Microsoft) Hidden
    Logitech Harmony Remote Software (HKLM-x32\...\{634F79E1-2A41-4C40-9E8D-89EC740AC9D6}) (Version: 1.0.110307 - Logitech)
    LogMeIn Client (HKLM-x32\...\{0952A0F1-1B10-4382-A4C1-49752AB315EB}) (Version: 1.3.435 - LogMeIn, Inc.)
    LogMeIn Rescue Technician Console (HKLM-x32\...\{7A501E32-91D4-4098-9484-50D0B8919AE1}) (Version: 7.1.1257 - LogMeIn, Inc.)
    LSI PCI-SV92EX Soft Modem (HKLM\...\LSI Soft Modem) (Version: 2.2.100 - LSI Corporation)
    Malwarebytes Anti-Malware version 2.0.4.1028 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.0.4.1028 - Malwarebytes Corporation)
    Microsoft .NET Framework 4.5 Multi-Targeting Pack (HKLM-x32\...\{5CBFF3F3-2D40-34EE-BCA5-A95BC19E400D}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5 SDK (HKLM-x32\...\{1948E039-EC79-4591-951D-9867A8C14C90}) (Version: 4.5.50709 - Microsoft Corporation)
    Microsoft .NET Framework 4.5.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.5.50938 - Microsoft Corporation)
    Microsoft ASP.NET MVC 3 (HKLM-x32\...\{D32EF103-4016-4C15-BCB0-700C0A7A2309}) (Version: 3.0.50813.0 - Microsoft Corporation)
    Microsoft ASP.NET MVC 4 Runtime (HKLM-x32\...\{3FE312D5-B862-40CE-8E4E-A6D8ABF62736}) (Version: 4.0.40804.0 - Microsoft Corporation)
    Microsoft ASP.NET Web Pages (HKLM-x32\...\{631471BE-DEAB-454B-A9AC-CE3EB42C28B3}) (Version: 1.0.20105.0 - Microsoft Corporation)
    Microsoft Document Explorer 2008 (HKLM-x32\...\Microsoft Document Explorer 2008) (Version: - Microsoft Corporation)
    Microsoft Help Viewer 2.0 (HKLM-x32\...\Microsoft Help Viewer 2.0) (Version: 2.0.50727 - Microsoft Corporation)
    Microsoft Money Plus (HKLM-x32\...\Money2008b) (Version: 17 - Microsoft)
    Microsoft Office 2003 Web Components (HKLM-x32\...\{90120000-00A4-0409-0000-0000000FF1CE}) (Version: 12.0.6213.1000 - Microsoft Corporation)
    Microsoft Office Professional Plus 2010 (HKLM\...\Office14.PROPLUSR) (Version: 14.0.7015.1000 - Microsoft Corporation)
    Microsoft Report Viewer Redistributable 2008 SP1 (HKLM-x32\...\Microsoft Report Viewer Redistributable 2008 (KB971119)) (Version: - Microsoft Corporation)
    Microsoft Silverlight (HKLM\...\{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}) (Version: 5.1.30514.0 - Microsoft Corporation)
    Microsoft Silverlight 4 SDK (HKLM-x32\...\{189AEA94-DAFB-487A-8CEE-F9D3DDE0A748}) (Version: 4.0.60310.0 - Microsoft Corporation)
    Microsoft Silverlight 5 SDK (HKLM-x32\...\{E1FBB3D4-ADB0-4949-B101-855DA061C735}) (Version: 5.0.61118.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 (64-bit) (HKLM\...\Microsoft SQL Server 2008 R2) (Version: - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Native Client (HKLM\...\{471AAD2C-9078-4DAC-BD43-FA10FB7C3FCE}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Policies (HKLM-x32\...\{D21BC5B2-CBAC-48FA-A701-B5A63C1CA7B8}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server 2008 R2 Setup (English) (HKLM\...\{01078B88-2981-4F75-96B0-8B22E2D2DE03}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server 2008 Setup Support Files (HKLM\...\{B40EE88B-400A-4266-A17B-E3DE64E94431}) (Version: 10.1.2731.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Command Line Utilities (HKLM\...\{9D573E71-1077-4C7E-B4DB-4E22A5D2B48B}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM\...\{36E619BC-A234-4EC3-849B-779A7C865A45}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Data-Tier App Framework (HKLM-x32\...\{FBA6F90E-36EC-4FC9-9B25-3834E3BD46A8}) (Version: 11.0.2316.0 - Microsoft Corporation)
    Microsoft SQL Server 2012 Express LocalDB (HKLM\...\{13D558FE-A863-402C-B115-160007277033}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (HKLM-x32\...\{DA1C1761-5F4F-4332-AB9D-29EDF3F8EA0A}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Management Objects (x64) (HKLM\...\{FA0A244E-F3C2-4589-B42A-3D522DE79A42}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Native Client (HKLM\...\{49D665A2-4C2A-476E-9AB8-FCC425F526FC}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL Compiler Service (HKLM\...\{BEB0F91E-F2EA-48A1-B938-7857ABF2A93D}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 Transact-SQL ScriptDom (HKLM\...\{0E8670B8-3965-4930-ADA6-570348B67153}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server 2012 T-SQL Language Service (HKLM-x32\...\{6D6D43E5-218C-4B05-92D3-2240810F4760}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft SQL Server Browser (HKLM-x32\...\{BF9BF038-FE03-429D-9B26-2FA0FD756052}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 ENU (HKLM-x32\...\{3A9FC03D-C685-4831-94CF-4EDFD3749497}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 Query Tools ENU (HKLM-x32\...\{DDFD8348-058C-4F4B-85E5-6D740D4AB3FE}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 3.5 SP2 x64 ENU (HKLM\...\{D4AD39AD-091E-4D33-BB2B-59F6FCB8ADC3}) (Version: 3.5.8080.0 - Microsoft Corporation)
    Microsoft SQL Server Compact 4.0 SP1 x64 ENU (HKLM\...\{78909610-D229-459C-A936-25D92283D3FD}) (Version: 4.0.8876.1 - Microsoft Corporation)
    Microsoft SQL Server Data Tools - enu (11.1.20627.00) (HKLM-x32\...\{FA804794-2CCB-4301-954F-2C2894698876}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server Data Tools Build Utilities - enu (11.1.20627.00) (HKLM-x32\...\{790E9425-8570-493F-9AE7-81AFC9E46930}) (Version: 11.1.20627.00 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (HKLM-x32\...\{A47FD1BF-A815-4A76-BE65-53A15BD5D25D}) (Version: 10.50.1600.1 - Microsoft Corporation)
    Microsoft SQL Server System CLR Types (x64) (HKLM\...\{4701DEDE-1888-49E0-BAE5-857875924CA2}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft SQL Server VSS Writer (HKLM\...\{288D79EE-A2D1-42AF-9597-B0ADCC23A8ED}) (Version: 10.51.2500.0 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (HKLM-x32\...\{E2082604-4BA5-44BB-BBFB-AF0F3CB8C6AB}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft System CLR Types for SQL Server 2012 (x64) (HKLM\...\{F1949145-EB64-4DE7-9D81-E6D27937146C}) (Version: 11.0.2100.60 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{4FFA2088-8317-3B14-93CD-4C699DB37843}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.4148 (HKLM\...\{4B6C7001-C7D6-3710-913E-5BC23FCE91E6}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (HKLM-x32\...\{3C3D696B-0DB7-3C6D-A356-3DB8CE541918}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (HKLM\...\Microsoft Visual Studio 2010 Tools for Office Runtime (x64)) (Version: 10.0.50903 - Microsoft Corporation)
    Microsoft Visual Studio Professional 2012 (HKLM-x32\...\{17c2e197-cf26-443b-8beb-53151940df3f}) (Version: 11.0.50727.1 - Microsoft Corporation)
    Microsoft Visual Studio Tools for Applications 2.0 - ENU (HKLM-x32\...\{4ECF4BDC-8387-329A-ABE9-CF5798F84BB2}) (Version: 9.0.35191 - Microsoft Corporation)
    Microsoft Web Deploy 3.5 (HKLM\...\{3674F088-9B90-473A-AAC3-20A00D8D810C}) (Version: 3.1237.1762 - Microsoft Corporation)
    Microsoft Web Deploy dbSqlPackage Provider - enu (HKLM-x32\...\{E4C33F5B-1B2F-466E-957E-B274F08151A0}) (Version: 10.3.20225.0 - Microsoft Corporation)
    Microsoft Web Platform Installer 4.0 (HKLM\...\{E2B8249D-895C-4685-8C83-00F3B1A13028}) (Version: 4.0.1622 - Microsoft Corporation)
    Mozilla Firefox 34.0.5 (x86 en-US) (HKLM-x32\...\Mozilla Firefox 34.0.5 (x86 en-US)) (Version: 34.0.5 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 29.0.1 - Mozilla)
    Notepad++ (HKLM-x32\...\Notepad++) (Version: 5.9 - )
    OpenOffice.org 3.3 (HKLM-x32\...\{3E171899-0175-47CC-84C4-562ACDD4C021}) (Version: 3.3.9567 - OpenOffice.org)
    Paint.NET v3.5.10 (HKLM\...\{529125EF-E3AC-4B74-97E6-F688A7C0F1C0}) (Version: 3.60.0 - dotPDN LLC)
    PL-2303 USB-to-Serial (HKLM-x32\...\{ECC3713C-08A4-40E3-95F1-7D0704F1CE5E}) (Version: 1.00.000 - Prolific Technology INC)
    PreEmptive Analytics Visual Studio Components (x32 Version: 1.0.2180.1 - PreEmptive Solutions) Hidden
    Prerequisites for SSDT (HKLM-x32\...\{9169C939-ED01-446A-BD0C-29873BAF4E48}) (Version: 11.0.2100.60 - Microsoft Corporation)
    QuickTime 7 (HKLM-x32\...\{3D2CBC2C-65D4-4463-87AB-BB2C859C1F3E}) (Version: 7.76.80.95 - Apple Inc.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.37.1229.2010 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.6282 - Realtek Semiconductor Corp.)
    Renesas Electronics USB 3.0 Host Controller Driver (HKLM-x32\...\InstallShield_{5442DAB8-7177-49E1-8B22-09A049EA5996}) (Version: 2.0.32.0 - Renesas Electronics Corporation)
    Renesas Electronics USB 3.0 Host Controller Driver (x32 Version: 2.0.32.0 - Renesas Electronics Corporation) Hidden
    RSA SecurID Software Token (HKLM-x32\...\{1E7941DC-32F1-467D-8351-8955A038A76E}) (Version: 4.1.1 - RSA, The Security Division of EMC)
    SDFormatter (HKLM-x32\...\{A5355F15-F98B-4704-9BAE-E53B9FE48F48}) (Version: 3.1.0 - SD Association)
    Service Pack 1 for SQL Server 2008 R2 (KB2528583) (64-bit) (HKLM\...\KB2528583) (Version: 10.51.2500.0 - Microsoft Corporation)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (HKLM\...\{91140000-0011-0000-1000-0000000FF1CE}_Office14.PROPLUSR_{A3364707-2F53-4C83-8F68-C9877A9080C7}) (Version: - Microsoft)
    Service Pack 2 for Microsoft Office 2010 (KB2687455) 64-Bit Edition (Version: - Microsoft) Hidden
    Shrew Soft VPN Client (HKLM\...\Shrew Soft VPN Client) (Version: - )
    Sid Meier's Civilization V (HKLM-x32\...\Steam App 8930) (Version: - Firaxis Games)
    SkypeMate (HKLM-x32\...\SkypeMate) (Version: - SkypeMate)
    Skype™ 6.21 (HKLM-x32\...\{24991BA0-F0EE-44AD-9CC8-5EC50AECF6B7}) (Version: 6.21.104 - Skype Technologies S.A.)
    SoapUI 4.6.4 4.6.4 (HKLM-x32\...\5517-2803-0637-4585) (Version: 4.6.4 - SmartBear Software)
    SourceOffSite 4.1.2 Client (HKLM-x32\...\{363FC0DD-7646-4E08-B8BA-0A9489051A17}) (Version: 4.1.2 - SourceGear LLC)
    SourceOffSite Classic Client 3.5.3 (HKLM-x32\...\SourceOffSite Classic Client 3.5.3) (Version: - )
    SQL Server 2008 R2 SP1 Client Tools (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP1 Common Files (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP1 Database Engine Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP1 Database Engine Shared (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP1 Full text search (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP1 Integration Services (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    SQL Server 2008 R2 SP1 Management Studio (Version: 10.51.2500.0 - Microsoft Corporation) Hidden
    Sql Server Customer Experience Improvement Program (Version: 10.50.1600.1 - Microsoft Corporation) Hidden
    Steam (HKLM-x32\...\{048298C9-A4D3-490B-9FF9-AB023A9238F3}) (Version: 1.0.0.0 - Valve Corporation)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1164 - SUPERAntiSpyware.com)
    Sysinternals Suite version 2012.9.10 (HKLM-x32\...\Sysinternals Suite_is1) (Version: 2012.9.10 - )
    TestTrack (HKLM-x32\...\TestTrack) (Version: - )
    Trendnet USBKVM Switcher (HKLM-x32\...\Trendnet USBKVM Switcher_is1) (Version: - )
    Update for (KB2504637) (HKLM-x32\...\{CFEF48A8-BFB8-3EAC-8BA5-DE4F8AA267CE}.KB2504637) (Version: 1 - Microsoft Corporation)
    Vhd Resizer (HKLM-x32\...\{8FAA57C5-7BD1-4285-B4B1-36D7337D7BE5}) (Version: 1.0.42 - Xcarab)
    Vim 7.3 (self-installing) (HKLM\...\Vim 7.3) (Version: - )
    Visual Studio 2012 Update 4 (KB2707250) (HKLM-x32\...\{312d9252-c71c-4c84-b171-f4ad46e22098}) (Version: 11.0.61030 - Microsoft Corporation)
    Visual Studio Extensions for Windows Library for JavaScript 1.0.9200.20789 (HKLM-x32\...\{49c53021-7c66-4b0b-b842-9b878d2f0e0f}) (Version: 1.0.9200.20789 - Microsoft Corporation)
    WCF Data Services 5.0 (for OData v3) Primary Components (x32 Version: 5.0.50628.0 - Microsoft Corporation) Hidden
    WCF Data Services Tools for Microsoft Visual Studio 2012 (x32 Version: 5.0.50710.0 - Microsoft Corporation) Hidden
    WCF RIA Services V1.0 SP2 (HKLM-x32\...\{3A523AF9-D32F-4C85-8388-0335731F3405}) (Version: 4.1.61829.0 - Microsoft Corporation)
    WebEx (HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\ActiveTouchMeetingClient) (Version: - Cisco WebEx LLC)
    Winamp (HKLM-x32\...\Winamp) (Version: 5.63 - Nullsoft, Inc)
    Windows XP Mode (HKLM\...\{1374CC63-B520-4f3f-98E8-E9020BF01CFF}) (Version: 1.3.7600.16423 - Microsoft Corporation)

    ==================== Custom CLSID (selected items): ==========================

    (If an entry is included in the fixlist, it will be removed from registry. Any eventual file will not be moved.)

    CustomCLSID: HKU\S-1-5-21-476653230-959638830-2549161364-1000_Classes\CLSID\{84B5A313-CD5D-4904-8BA2-AFDC81C1B309}\InprocServer32 -> C:\Program Files (x86)\Citrix\GoToMeeting\880\G2MOutlookAddin64.dll (Citrix Online, a division of Citrix Systems, Inc.)
    CustomCLSID: HKU\S-1-5-21-476653230-959638830-2549161364-1000_Classes\CLSID\{F6BF8414-962C-40FE-90F1-B80A7E72DB9A}\InprocServer32 -> C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}\Display.dll (Microsoft Corporation)

    ==================== Restore Points =========================


    ==================== Hosts content: ==========================

    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)

    2009-07-13 20:34 - 2012-06-21 07:56 - 00000849 ____A C:\windows\system32\Drivers\etc\hosts
    209.17.183.113 vandevss

    ==================== Scheduled Tasks (whitelisted) =============

    (If an entry is included in the fixlist, it will be removed from registry. Any associated file could be listed separately to be moved.)

    Task: {0E80109D-5690-4F01-96FD-5C6D4415224A} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
    Task: {1302F38F-B4C4-4103-8516-305A1B457EDA} - System32\Tasks\OfficeSoftwareProtectionPlatform\SvcRestartTask => Sc.exe start osppsvc
    Task: {60FCE01B-7020-44D2-88F6-0C20EB75D3B7} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {6DE76789-BED6-49C2-8F36-422299482CFF} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {7087AA45-5320-40F4-A96D-52424E95B2F1} - System32\Tasks\{4996007D-B884-4718-8077-E4D6D237BBD6} => pcalua.exe -a C:\windows\SysWOW64\Samsung_USB_Drivers\5\SSSDUninstall.exe
    Task: {844BFA4C-F5D8-4C40-AD17-9D3A1CBAF517} - System32\Tasks\{15A2629B-8AD5-4660-A6B3-9006476D23ED} => pcalua.exe -a C:\windows\SysWOW64\Samsung_USB_Drivers\3\SSCDUninstall.exe
    Task: {93D55CD9-FC2B-4748-B637-2188739BF615} - System32\Tasks\{47837D2B-62F4-49CA-B5E8-F8293475488F} => pcalua.exe -a C:\windows\SysWOW64\Samsung_USB_Drivers\1\SS_Uninstall.exe
    Task: {95DD4676-837C-487D-AD73-1D7BCC5FADC7} - System32\Tasks\SUPERAntiSpyware Scheduled Task db669d8e-8279-4f72-86b6-ed130e9b3c96 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {9BB0EA6B-5B45-4A8C-8E83-E551E87E0699} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2014-06-24] (Piriform Ltd)
    Task: {A543ADA0-7A54-4682-8036-37D5907AF244} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: {B3D7D898-B46C-4127-96DF-E9BC0A061153} - System32\Tasks\{0ADC3023-DE41-4DC1-9AFB-746FFFDF9045} => pcalua.exe -a C:\Users\Allan\Downloads\winsdk_web.exe -d C:\Users\Allan\Downloads
    Task: {BA42B100-ECD5-4511-82BD-0FA4D47962F3} - System32\Tasks\SUPERAntiSpyware Scheduled Task 96771c42-a466-422c-8f77-35fcb3701e0f => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-11-07] (SUPERAdBlocker.com)
    Task: {C6BB6386-DC77-473D-AD0A-A7D595BF34EE} - System32\Tasks\avast! Emergency Update => C:\Program Files\AVAST Software\Avast\AvastEmUpdate.exe [2014-12-09] (AVAST Software)
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 96771c42-a466-422c-8f77-35fcb3701e0f.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\windows\Tasks\SUPERAntiSpyware Scheduled Task db669d8e-8279-4f72-86b6-ed130e9b3c96.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Loaded Modules (whitelisted) =============

    2010-10-07 23:18 - 2010-10-07 23:18 - 00056592 _____ () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
    2010-09-02 01:24 - 2010-09-02 01:24 - 00017920 _____ () C:\Program Files\ShrewSoft\VPN Client\libith.dll
    2010-09-02 01:24 - 2010-09-02 01:24 - 00019456 _____ () C:\Program Files\ShrewSoft\VPN Client\libdtp.dll
    2010-09-02 01:24 - 2010-09-02 01:24 - 00026624 _____ () C:\Program Files\ShrewSoft\VPN Client\libidb.dll
    2010-09-02 01:24 - 2010-09-02 01:24 - 00013312 _____ () C:\Program Files\ShrewSoft\VPN Client\liblog.dll
    2010-09-02 01:24 - 2010-09-02 01:24 - 00035328 _____ () C:\Program Files\ShrewSoft\VPN Client\libvflt.dll
    2010-09-02 01:24 - 2010-09-02 01:24 - 00119296 _____ () C:\Program Files\ShrewSoft\VPN Client\libip.dll
    2010-10-07 23:18 - 2010-10-07 23:18 - 00957712 _____ () C:\Program Files\ShrewSoft\VPN Client\iked.exe
    2010-09-02 01:24 - 2010-09-02 01:24 - 00028160 _____ () C:\Program Files\ShrewSoft\VPN Client\libike.dll
    2010-09-02 01:25 - 2010-09-02 01:25 - 00040448 _____ () C:\Program Files\ShrewSoft\VPN Client\libvnet.dll
    2010-09-02 01:24 - 2010-09-02 01:24 - 00030720 _____ () C:\Program Files\ShrewSoft\VPN Client\libpfk.dll
    2010-10-07 23:18 - 2010-10-07 23:18 - 00697616 _____ () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:23 - 2010-10-20 15:23 - 08801632 _____ () C:\Program Files\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2010-01-02 08:42 - 2010-01-02 08:42 - 00098304 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext_64.dll
    2010-01-12 14:20 - 2010-01-12 14:20 - 00176128 _____ () C:\Program Files (x86)\KDiff3\diff_ext_for_kdiff3_64.dll
    2011-02-08 18:56 - 2011-02-08 18:56 - 00301568 _____ () C:\Program Files (x86)\Notepad++\NppShell_04.dll
    2011-04-26 01:21 - 2010-12-22 19:00 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2013-09-05 00:17 - 2013-09-05 00:17 - 04300456 _____ () C:\Program Files\Common Files\Microsoft Shared\office14\Cultures\office.odf
    2013-02-15 02:36 - 2013-02-15 02:36 - 01554496 _____ () C:\Program Files\Microsoft Office\Office14\ADDINS\UmOutlookAddin.dll
    2011-11-15 10:53 - 2007-07-17 16:33 - 00589824 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
    2011-03-21 15:05 - 2011-03-21 15:05 - 00053248 _____ () C:\Program Files (x86)\eclipse\eclipse.exe
    2012-08-03 13:53 - 2012-08-03 13:53 - 00062968 _____ () C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\zlib1.dll
    2014-02-06 00:52 - 2014-02-06 00:52 - 00073544 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2014-10-11 12:05 - 2014-10-11 12:05 - 01044776 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2010-03-23 12:26 - 2010-03-23 12:26 - 00201512 _____ () C:\Program Files (x86)\Cisco Systems\VPN Client\vpnapi.dll
    2010-03-01 14:31 - 2010-03-01 14:31 - 00247672 _____ () C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\myuni08.dll
    2013-09-05 00:14 - 2013-09-05 00:14 - 04300456 _____ () C:\Program Files (x86)\Common Files\microsoft shared\OFFICE14\Cultures\OFFICE.ODF
    2010-10-20 15:45 - 2010-10-20 15:45 - 08801120 _____ () C:\Program Files (x86)\Microsoft Office\Office14\1033\GrooveIntlResource.dll
    2011-11-15 10:53 - 2007-07-17 16:26 - 00086016 _____ () C:\Program Files (x86)\Trendnet\USBKVM Switcher\kEYHOOK.dll
    2011-01-17 16:19 - 2011-11-10 07:32 - 00985088 _____ () C:\Program Files (x86)\OpenOffice.org 3\program\libxml2.dll
    2014-12-09 09:02 - 2014-12-09 09:02 - 02905088 _____ () C:\Program Files\AVAST Software\Avast\defs\14120900\algo.dll
    2014-12-11 07:05 - 2014-12-11 07:05 - 02905600 _____ () C:\Program Files\AVAST Software\Avast\defs\14121100\algo.dll
    2014-12-09 09:01 - 2014-12-09 09:01 - 38562088 _____ () C:\Program Files\AVAST Software\Avast\libcef.dll
    2011-03-21 15:05 - 2011-03-21 15:05 - 00053248 _____ () C:\Program Files (x86)\eclipse\plugins\org.eclipse.equinox.launcher.win32.win32.x86_1.1.100.v20110502\eclipse_1406.dll
    2011-10-29 08:21 - 2011-10-29 08:21 - 00047616 _____ () C:\Users\Allan\.eclipse\org.eclipse.platform_3.7.0_248562372\configuration\org.eclipse.osgi\bundles\48\1\.cp\os\win32\x86\localfile_1_0_0.dll
    2011-10-29 08:21 - 2011-10-29 08:21 - 00044544 _____ () C:\Users\Allan\.eclipse\org.eclipse.platform_3.7.0_248562372\configuration\org.eclipse.osgi\bundles\51\1\.cp\jWinHttp-1.0.0.dll
    2012-01-08 07:41 - 2012-01-08 07:41 - 00093696 _____ () C:\Program Files (x86)\FileZilla FTP Client\fzshellext.dll
    2014-12-09 10:52 - 2014-12-09 10:52 - 03758192 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00417280 _____ () C:\Program Files (x86)\Winamp\nsutil.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00078848 _____ () C:\Program Files (x86)\Winamp\nde.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00023552 _____ () C:\Program Files (x86)\Winamp\System\albumart.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00174080 _____ () C:\Program Files (x86)\Winamp\System\auth.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00019456 _____ () C:\Program Files (x86)\Winamp\System\bmp.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00064512 _____ () C:\Program Files (x86)\Winamp\zlib.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00044544 _____ () C:\Program Files (x86)\Winamp\System\devices.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00016896 _____ () C:\Program Files (x86)\Winamp\System\dlmgr.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00014336 _____ () C:\Program Files (x86)\Winamp\System\filereader.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00019456 _____ () C:\Program Files (x86)\Winamp\System\gif.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00016384 _____ () C:\Program Files (x86)\Winamp\System\gracenote.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00623616 _____ () C:\Program Files (x86)\Winamp\System\jnetlib.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00154624 _____ () C:\Program Files (x86)\Winamp\System\jpeg.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00084480 _____ () C:\Program Files (x86)\Winamp\System\playlist.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00087552 _____ () C:\Program Files (x86)\Winamp\System\png.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00013824 _____ () C:\Program Files (x86)\Winamp\System\primo.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00021504 _____ () C:\Program Files (x86)\Winamp\System\tagz.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00035328 _____ () C:\Program Files (x86)\Winamp\System\timer.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00091136 _____ () C:\Program Files (x86)\Winamp\System\xml.w5s
    2012-06-28 09:42 - 2013-05-03 07:31 - 00068608 _____ () C:\Program Files (x86)\Winamp\Plugins\in_avi.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00102400 _____ () C:\Program Files (x86)\Winamp\Plugins\in_cdda.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00072192 _____ () C:\Program Files (x86)\Winamp\Plugins\in_dshow.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00061440 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flac.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00043008 _____ () C:\Program Files (x86)\Winamp\Plugins\in_flv.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00007168 _____ () C:\Program Files (x86)\Winamp\Plugins\in_linein.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00109568 _____ () C:\Program Files (x86)\Winamp\Plugins\in_midi.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00049152 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mkv.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00164864 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mod.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00290816 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp3.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00052736 _____ () C:\Program Files (x86)\Winamp\Plugins\in_mp4.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00075264 _____ () C:\Program Files (x86)\Winamp\Plugins\in_nsv.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00023552 _____ () C:\Program Files (x86)\Winamp\Plugins\in_swf.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00253440 _____ () C:\Program Files (x86)\Winamp\Plugins\in_vorbis.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00016896 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wave.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00253440 _____ () C:\Program Files (x86)\Winamp\libsndfile.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00313344 _____ () C:\Program Files (x86)\Winamp\Plugins\in_wm.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00022528 _____ () C:\Program Files (x86)\Winamp\Plugins\out_disk.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00052224 _____ () C:\Program Files (x86)\Winamp\Plugins\out_ds.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00018432 _____ () C:\Program Files (x86)\Winamp\Plugins\out_wave.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 01737728 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ff.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00083968 _____ () C:\Program Files (x86)\Winamp\tataki.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00340992 _____ () C:\Program Files (x86)\Winamp\Plugins\freeform\wacs\freetype\freetype.wac
    2012-06-28 09:42 - 2013-05-03 07:31 - 00028160 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_hotkeys.dll
    2011-11-10 16:10 - 2013-05-03 07:31 - 00185344 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_jumpex.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00318976 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_ml.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00294912 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_local.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00084480 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_playlists.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00124928 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_online.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00249856 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_devices.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00201728 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_disc.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00240640 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_pmp.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00060928 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_android.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00170496 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_ipod.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00020480 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_njb.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00118272 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_p4s.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00053760 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_usb.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00113664 _____ () C:\Program Files (x86)\Winamp\Plugins\pmp_wifi.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00028672 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_bookmarks.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00052224 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_history.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00028672 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_autotag.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00057344 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_impex.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00083456 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_plg.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00033792 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_rg.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00032256 _____ () C:\Program Files (x86)\Winamp\Plugins\ml_transcode.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00057344 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_orgler.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00025600 _____ () C:\Program Files (x86)\Winamp\Plugins\gen_tray.dll
    2012-06-28 09:42 - 2013-05-03 07:31 - 00136192 _____ () C:\Program Files (x86)\Winamp\libflac.dll
    2012-03-01 18:35 - 2013-05-03 07:31 - 00511488 _____ () C:\Program Files (x86)\Winamp\Plugins\lame_enc.dll

    ==================== Alternate Data Streams (whitelisted) =========

    (If an entry is included in the fixlist, only the Alternate Data Streams will be removed.)


    ==================== Safe Mode (whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)

    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\75837955.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83241577.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\75837955.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83241577.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SMPCHelper => ""=""
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\tvnserver => ""=""

    ==================== EXE Association (whitelisted) =============

    (If an entry is included in the fixlist, the default will be restored. None default entries will be removed.)


    ==================== MSCONFIG/TASK MANAGER disabled items =========

    (Currently there is no automatic fix for this section.)

    MSCONFIG\startupreg: Steam => "C:\Program Files (x86)\Steam\Steam.exe" -silent

    ========================= Accounts: ==========================

    Administrator (S-1-5-21-476653230-959638830-2549161364-500 - Administrator - Disabled)
    Allan (S-1-5-21-476653230-959638830-2549161364-1000 - Administrator - Enabled) => C:\Users\Allan
    Guest (S-1-5-21-476653230-959638830-2549161364-501 - Limited - Disabled)

    ==================== Faulty Device Manager Devices =============

    Name: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
    Description: Cisco AnyConnect Secure Mobility Client Virtual Miniport Adapter for Windows x64
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Cisco Systems
    Service: vpnva
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Cisco Systems VPN Adapter for 64-bit Windows
    Description: Cisco Systems VPN Adapter for 64-bit Windows
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Cisco Systems
    Service: CVirtA
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Shrew Soft Virtual Adapter
    Description: Shrew Soft Virtual Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Shrew Soft
    Service: vnet
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.

    Name: Shrew Soft Virtual Adapter #2
    Description: Shrew Soft Virtual Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Shrew Soft
    Service: vnet
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: ZT-W7)
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2014-06-20_MoulinDor_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17204) (User: ZT-W7)
    Description: FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2014-06-20_MoulinDor.mdf for file number 1. OS error: 2(The system cannot find the file specified.).

    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: ZT-W7)
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2013-09-24_corp_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17204) (User: ZT-W7)
    Description: FCB::Open failed: Could not open file C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2013-09-24_corp.mdf for file number 1. OS error: 2(The system cannot find the file specified.).

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\RM2742-CRM-store_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\DJCRM_2014-07-29_corp_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\JessesStoreJ_2014-04-01_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\RM2825-CRM_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\DJCRM_2014-08-07_corp_1.LDF'. Diagnose and correct the operating system error, and retry the operation.

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles: Operating system error 2(The system cannot find the file specified.) occurred while creating or opening file 'C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\JessesCorp_2014-04-01.LDF'. Diagnose and correct the operating system error, and retry the operation.


    System errors:
    =============
    Error: (12/10/2014 09:53:48 PM) (Source: volsnap) (EventID: 36) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (12/10/2014 07:46:20 PM) (Source: Service Control Manager) (EventID: 7000) (User: )
    Description: The Steam Client Service service failed to start due to the following error:
    %%1053

    Error: (12/10/2014 07:46:20 PM) (Source: Service Control Manager) (EventID: 7009) (User: )
    Description: A timeout was reached (30000 milliseconds) while waiting for the Steam Client Service service to connect.

    Error: (12/09/2014 08:36:33 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYSYSTEMS-1-5-18LocalHost (Using LRPC)

    Error: (12/09/2014 08:36:29 AM) (Source: DCOM) (EventID: 10016) (User: NT AUTHORITY)
    Description: application-specificLocalLaunch{C97FCC79-E628-407D-AE68-A06AD6D8B4D1}{344ED43D-D086-4961-86A6-1106F4ACAD9B}NT AUTHORITYLOCAL SERVICES-1-5-19LocalHost (Using LRPC)

    Error: (12/09/2014 02:48:24 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 40.

    Error: (12/09/2014 02:48:23 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 40.

    Error: (12/09/2014 02:48:21 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.

    Error: (12/09/2014 02:48:16 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 70.

    Error: (12/09/2014 01:10:04 AM) (Source: Schannel) (EventID: 4119) (User: NT AUTHORITY)
    Description: The following fatal alert was received: 20.


    Microsoft Office Sessions:
    =========================
    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: ZT-W7)
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2014-06-20_MoulinDor_1.LDF

    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17204) (User: ZT-W7)
    Description: FCB::Open failedC:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2014-06-20_MoulinDor.mdf12(The system cannot find the file specified.)

    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: ZT-W7)
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2013-09-24_corp_1.LDF

    Error: (12/10/2014 00:10:17 PM) (Source: MSSQLSERVER) (EventID: 17204) (User: ZT-W7)
    Description: FCB::Open failedC:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\IMSCRM_2013-09-24_corp.mdf12(The system cannot find the file specified.)

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\RM2742-CRM-store_1.LDF

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\DJCRM_2014-07-29_corp_1.LDF

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\JessesStoreJ_2014-04-01_1.LDF

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\RM2825-CRM_1.LDF

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\DJCRM_2014-08-07_corp_1.LDF

    Error: (12/09/2014 04:29:45 PM) (Source: MSSQLSERVER) (EventID: 17207) (User: )
    Description: FileMgr::StartLogFiles2(The system cannot find the file specified.)C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\DATA\JessesCorp_2014-04-01.LDF


    CodeIntegrity Errors:
    ===================================
    Date: 2013-04-08 13:10:04.214
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:10:04.174
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:09:51.804
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:09:51.774
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:07:47.994
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:07:47.964
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:07:07.124
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.

    Date: 2013-04-08 13:07:07.094
    Description: Windows is unable to verify the image integrity of the file \Device\HarddiskVolume2\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS because file hash could not be found on the system. A recent hardware or software change might have installed a file that is signed incorrectly or damaged, or that might be malicious software from an unknown source.


    ==================== Memory info ===========================

    Processor: Intel(R) Core(TM) i7-2600 CPU @ 3.40GHz
    Percentage of memory in use: 45%
    Total physical RAM: 12189.32 MB
    Available physical RAM: 6618.42 MB
    Total Pagefile: 24376.83 MB
    Available Pagefile: 15038.9 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: (OS) (Fixed) (Total:1862.92 GB) (Free:267.03 GB) NTFS
    Drive p: (HP SimpleSave) (Fixed) (Total:930.86 GB) (Free:439.88 GB) NTFS
    Drive v: (Seagate Backup Plus Drive) (Fixed) (Total:3726.01 GB) (Free:2837.33 GB) NTFS
    Drive y: (Seagate Expansion Drive) (Fixed) (Total:1863.02 GB) (Free:181.68 GB) NTFS

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 1863 GB) (Disk ID: 2BD2C32A)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=1862.9 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (Size: 1863 GB) (Disk ID: 909E2041)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
    Attempted reading MBR returned 0 bytes.
    Could not read MBR for disk 2.

    ========================================================
    Disk: 7 (MBR Code: Windows XP) (Size: 930.9 GB) (Disk ID: 000839B2)
    Partition 1: (Not Active) - (Size=930.9 GB) - (Type=07 NTFS)

    ==================== End Of Log ============================

    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 11-12-2014 03
    Ran by Allan (administrator) on ZT-W7 on 11-12-2014 17:31:51
    Running from C:\Users\Allan\Desktop
    Loaded Profile: Allan (Available profiles: Allan)
    Platform: Windows 7 Professional Service Pack 1 (X64) OS Language: English (United States)
    Internet Explorer Version 11
    Boot Mode: Normal
    Tutorial for Farbar Recovery Scan Tool: FRST Tutorial - How to use Farbar Recovery Scan Tool - Malware Removal Guides and Tutorials

    ==================== Processes (Whitelisted) =================

    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)

    (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnagent.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (LSI Corporation) C:\Program Files\LSI SoftModem\agr64svc.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco Systems\VPN Client\cvpnd.exe
    () C:\Program Files\ShrewSoft\VPN Client\dtpd.exe
    (SafeNet Inc.) C:\Windows\System32\hasplms.exe
    () C:\Program Files\ShrewSoft\VPN Client\iked.exe
    () C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\90\Shared\sqlwriter.exe
    (Microsoft Corporation) C:\Windows\System32\FXSSVC.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Microsoft(R) Corporation) C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE
    (Skype Technologies S.A.) C:\Program Files (x86)\Skype\Phone\Skype.exe
    (Renesas Electronics Corporation) C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe
    (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winampa.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\OUTLOOK.EXE
    (Cisco Systems, Inc.) C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE
    (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.exe
    (Yealink) C:\Program Files (x86)\SkypeMate\SkypeMate.exe
    (OpenOffice.org) C:\Program Files (x86)\OpenOffice.org 3\program\soffice.bin
    () C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\OfficeSoftwareProtectionPlatform\OSPPSVC.EXE
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastSvc.exe
    (AVAST Software) C:\Program Files\AVAST Software\Avast\AvastUI.exe
    (Microsoft Corporation) C:\Program Files\Windows Sidebar\sidebar.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe
    (Microsoft Corporation) C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdhost.exe
    () C:\Program Files (x86)\eclipse\eclipse.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (SourceGear Corporation) C:\Program Files (x86)\SourceOffSite\sos.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Nullsoft, Inc.) C:\Program Files (x86)\Winamp\winamp.exe
    (Microsoft Corporation) C:\Program Files\Microsoft Office\Office14\EXCEL.EXE
    (Microsoft Corporation) C:\Program Files (x86)\Microsoft SQL Server\100\Tools\Binn\VSShell\Common7\IDE\Ssms.exe
    (Microsoft Corporation) C:\Windows\System32\mspaint.exe


    ==================== Registry (Whitelisted) ==================

    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)

    HKLM\...\Run: [RTHDVCPL] => C:\Program Files\Realtek\Audio\HDA\RtkNGUI64.exe [6602856 2011-01-04] (Realtek Semiconductor)
    HKLM\...\Run: [BCSSync] => C:\Program Files\Microsoft Office\Office14\BCSSync.exe [108144 2012-11-05] (Microsoft Corporation)
    HKLM-x32\...\Run: [NUSB3MON] => C:\Program Files (x86)\Renesas Electronics\USB 3.0 Host Controller Driver\Application\nusb3mon.exe [113288 2010-11-17] (Renesas Electronics Corporation)
    HKLM-x32\...\Run: [WinampAgent] => C:\Program Files (x86)\Winamp\winampa.exe [74752 2012-06-28] (Nullsoft, Inc.)
    HKLM-x32\...\Run: [APSDaemon] => C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [60712 2014-10-11] (Apple Inc.)
    HKLM-x32\...\Run: [Cisco AnyConnect Secure Mobility Agent for Windows] => C:\Program Files (x86)\Cisco\Cisco AnyConnect Secure Mobility Client\vpnui.exe [685048 2012-08-03] (Cisco Systems, Inc.)
    HKLM-x32\...\Run: [iTunesHelper] => C:\Program Files (x86)\iTunes\iTunesHelper.exe [157480 2014-10-15] (Apple Inc.)
    HKLM-x32\...\Run: [QuickTime Task] => C:\Program Files (x86)\QuickTime\QTTask.exe [421888 2014-10-02] (Apple Inc.)
    HKLM-x32\...\Run: [Adobe ARM] => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [959176 2014-09-12] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [AvastUI.exe] => C:\Program Files\AVAST Software\Avast\AvastUI.exe [5225064 2014-12-09] (AVAST Software)
    Winlogon\Notify\igfxcui: C:\windows\system32\igfxdev.dll (Intel Corporation)
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\Run: [MoneyInsights] => C:\Program Files (x86)\Microsoft Money Plus\MNYCoreFiles\mnyinsit.exe [499576 2010-03-01] (Microsoft(R) Corporation)
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\Run: [OfficeSyncProcess] => C:\Program Files\Microsoft Office\Office14\MSOSYNC.EXE [911032 2014-10-14] (Microsoft Corporation)
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [22065760 2014-10-01] (Skype Technologies S.A.)
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7777560 2014-11-13] (SUPERAntiSpyware)
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\MountPoints2: {366d72ae-03d1-11e1-ae74-8c89a5663f09} - I:\HPLauncher.exe
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\...\MountPoints2: {7a001718-0569-11e4-92b0-8c89a5663f09} - J:\VerizonSWUpgradeAssistantLauncher.exe
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Microsoft Outlook 2010.lnk
    ShortcutTarget: Microsoft Outlook 2010.lnk -> C:\Windows\Installer\{91140000-0011-0000-1000-0000000FF1CE}\outicon.exe ()
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\vpngui.exe.lnk
    ShortcutTarget: vpngui.exe.lnk -> C:\Windows\Installer\{467D5E81-8349-4892-9E81-C3674ED8E451}\Icon09DB8A851.exe ()
    Startup: C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OneNote 2010 Screen Clipper and Launcher.lnk
    ShortcutTarget: OneNote 2010 Screen Clipper and Launcher.lnk -> C:\Program Files\Microsoft Office\Office14\ONENOTEM.EXE (Microsoft Corporation)
    Startup: C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\OpenOffice.org 3.3.lnk
    ShortcutTarget: OpenOffice.org 3.3.lnk -> C:\Program Files (x86)\OpenOffice.org 3\program\quickstart.exe ()
    Startup: C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\SkypeMate.lnk
    ShortcutTarget: SkypeMate.lnk -> C:\Program Files (x86)\SkypeMate\SkypeMate.exe (Yealink)
    Startup: C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\USBKVM Switcher.lnk
    ShortcutTarget: USBKVM Switcher.lnk -> C:\Program Files (x86)\Trendnet\USBKVM Switcher\USBKVM.exe ()
    ShellIconOverlayIdentifiers: [00avast] -> {472083B0-C522-11CF-8763-00608CC02F24} => C:\Program Files\AVAST Software\Avast\ashShA64.dll (AVAST Software)
    ShellIconOverlayIdentifiers-x32: [NG3CheckedOut] -> {1E5E1445-6CEA-4761-8E45-AA19F654571E} => No File
    ShellIconOverlayIdentifiers-x32: [NG3ReadOnly] -> {1AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => No File
    GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
    CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION

    ==================== Internet (Whitelisted) ====================

    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)

    HKU\S-1-5-21-476653230-959638830-2549161364-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = msn
    HKU\S-1-5-21-476653230-959638830-2549161364-1000\Software\Microsoft\Internet Explorer\Main,Start Page = WND - A Free Press for a Free People
    SearchScopes: HKLM-x32 -> DefaultScope {7B366409-AE1E-4905-A392-526067BC44F0} URL =
    BHO: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE64.dll (AVAST Software)
    BHO: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    BHO-x32: Groove GFS Browser Helper -> {72853161-30C5-4D22-B7F9-0BBC1D38A37E} -> C:\Program Files (x86)\Microsoft Office\Office14\GROOVEEX.DLL (Microsoft Corporation)
    BHO-x32: avast! Online Security -> {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} -> C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll (AVAST Software)
    BHO-x32: Office Document Cache Handler -> {B4F3A835-0E21-4959-BA22-42B3008E02FF} -> C:\Program Files (x86)\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
    DPF: HKLM {254AA86E-5655-4518-AA87-185D7CC41801} https://secure.logmeinrescue.com/Tec...cueControl.cab
    DPF: HKLM-x32 {17492023-C23A-453E-A040-C7C580BBF700} http://download.microsoft.com/downlo...eckControl.cab
    DPF: HKLM-x32 {254AA86E-5655-4518-AA87-185D7CC41801} https://secure.logmeinrescue.com/Tec...cueControl.cab
    DPF: HKLM-x32 {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.macromedia.com/ge...sh/swflash.cab
    DPF: HKLM-x32 {FD0B6769-6490-4A91-AA0A-B5AE0DC75AC9} https://secure.logmein.com/activex/R...rnd=2512725876
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Hosts: 209.17.183.113 vandevss
    Tcpip\Parameters: [DhcpNameServer] 192.168.1.1
    Tcpip\..\Interfaces\{47D65AC1-139A-421E-B4B4-372CF32ADDF7}: [NameServer] 10.10.10.135

    FireFox:
    ========
    FF ProfilePath: C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default
    FF Homepage: hxxp://www.newsmax.com/
    FF Plugin: @adobe.com/FlashPlayer -> C:\windows\system32\Macromed\Flash\NPSWF64_15_0_0_239.dll ()
    FF Plugin: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\windows\SysWOW64\Macromed\Flash\NPSWF32_15_0_0_239.dll ()
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 -> C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin -> C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\dtplugin\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\new_plugin\npjp2.dll No File
    FF Plugin-x32: @java.com/JavaPlugin,version=11.25.2 -> C:\Program Files (x86)\Java\jre1.8.0_25\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @logitech.com/HarmonyRemote,version=1.0.0 -> C:\Program Files (x86)\Logitech\Harmony Remote Driver\NprtHarmonyPlugin.dll (Logitech Inc.)
    FF Plugin-x32: @microsoft.com/GENUINE -> C:\windows\system32\Wat\npWatWeb.dll (Microsoft Corporation)
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 -> C:\Program Files (x86)\Microsoft Silverlight\5.1.30514.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/OfficeAuthz,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/SharePoint,version=14.0 -> C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
    FF Plugin-x32: @tools.google.com/Google Update;version=3 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: @tools.google.com/Google Update;version=9 -> C:\Program Files (x86)\Google\Update\1.3.24.15\npGoogleUpdate3.dll No File
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKU\S-1-5-21-476653230-959638830-2549161364-1000: @citrixonline.com/appdetectorplugin -> C:\Users\Allan\AppData\Local\Citrix\Plugins\104\npappdetector.dll (Citrix Online)
    FF user.js: detected! => C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\user.js
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin2.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin3.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin4.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Program Files (x86)\mozilla firefox\plugins\npqtplugin5.dll (Apple Inc.)
    FF Plugin ProgramFiles/Appdata: C:\Users\Allan\AppData\Roaming\mozilla\plugins\npatgpc.dll (Cisco WebEx LLC)
    FF Extension: FireFTP - C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\Extensions\{a7c6cf7f-112c-4500-a7ea-39801a327e5f} [2014-10-15]
    FF Extension: SQLite Manager - C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\Extensions\SQLiteManager@mrinalkant.blogspot.com.xpi [2011-10-28]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0033-ABCDEFFEDCBA} [2014-12-09]
    FF Extension: Java Console - C:\Program Files (x86)\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0035-ABCDEFFEDCBA} [2014-12-09]
    FF HKLM-x32\...\Firefox\Extensions: [wrc@avast.com] - C:\Program Files\AVAST Software\Avast\WebRep\FF
    FF Extension: Avast Online Security - C:\Program Files\AVAST Software\Avast\WebRep\FF [2014-12-09]
    FF Extension: No Name - wrc@avast.com [Not Found]

    Chrome:
    =======
    CHR dev: Chrome dev build detected! <======= ATTENTION
    CHR Profile: C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default
    CHR Extension: (AutoPagerize) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\igiofjhpmpihnifddepnpngfjhkfenbp [2014-07-02]
    CHR Extension: (CostMin) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk [2014-07-02]
    CHR Extension: (SSave on) - C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk [2014-07-02]
    CHR HKLM-x32\...\Chrome\Extension: [gomekmidlodglbbmalcneegieacbdmki] - C:\Program Files\AVAST Software\Avast\WebRep\Chrome\aswWebRepChrome.crx [2014-12-09]

    ==================== Services (Whitelisted) =================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-22] (SUPERAntiSpyware.com)
    R2 avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [50344 2014-12-09] (AVAST Software)
    R2 dtpd; C:\Program Files\ShrewSoft\VPN Client\dtpd.exe [56592 2010-10-07] ()
    S3 fussvc; C:\Program Files (x86)\Windows Kits\8.0\App Certification Kit\fussvc.exe [139776 2012-07-25] (Microsoft Corporation) [File not signed]
    R2 hasplms; C:\Windows\system32\hasplms.exe [4683144 2014-07-15] (SafeNet Inc.)
    R2 iked; C:\Program Files\ShrewSoft\VPN Client\iked.exe [957712 2010-10-07] ()
    R2 ipsecd; C:\Program Files\ShrewSoft\VPN Client\ipsecd.exe [697616 2010-10-07] ()
    R2 MsDtsServer100; C:\Program Files\Microsoft SQL Server\100\DTS\Binn\MsDtsSrvr.exe [210784 2011-06-17] (Microsoft Corporation)
    R3 MSSQLFDLauncher; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\fdlauncher.exe [32096 2010-04-03] (Microsoft Corporation)
    R2 MSSQLSERVER; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\sqlservr.exe [62111072 2011-06-17] (Microsoft Corporation)
    S3 SQLSERVERAGENT; C:\Program Files\Microsoft SQL Server\MSSQL10_50.MSSQLSERVER\MSSQL\Binn\SQLAGENT.EXE [431456 2011-06-17] (Microsoft Corporation)
    S3 Te.Service; C:\Program Files (x86)\Windows Kits\8.0\Testing\Runtimes\TAEF\Wex.Services.exe [126976 2012-07-25] (Microsoft Corporation) [File not signed]

    ==================== Drivers (Whitelisted) ====================

    (If an entry is included in the fixlist, the service will be removed from the registry. The file will not be moved unless listed separately.)

    R3 akshasp; C:\Windows\System32\DRIVERS\akshasp.sys [60488 2013-03-15] (SafeNet Inc.)
    R3 akshhl; C:\Windows\System32\DRIVERS\akshhl.sys [63944 2013-03-15] (SafeNet Inc.)
    R3 aksusb; C:\Windows\System32\DRIVERS\aksusb.sys [303624 2013-08-09] (SafeNet Inc.)
    R2 aswHwid; C:\Windows\system32\drivers\aswHwid.sys [29208 2014-12-09] ()
    R2 aswMonFlt; C:\Windows\system32\drivers\aswMonFlt.sys [83280 2014-12-09] (AVAST Software)
    R1 aswRdr; C:\Windows\system32\drivers\aswRdr2.sys [93568 2014-12-09] (AVAST Software)
    S0 aswRvrt; C:\Windows\System32\Drivers\aswRvrt.sys [65776 2014-12-09] ()
    R1 aswSnx; C:\Windows\system32\drivers\aswSnx.sys [1050432 2014-12-09] (AVAST Software)
    R1 aswSP; C:\Windows\system32\drivers\aswSP.sys [436624 2014-12-09] (AVAST Software)
    R2 aswStm; C:\Windows\system32\drivers\aswStm.sys [116728 2014-12-09] (AVAST Software)
    R0 aswVmm; C:\Windows\System32\Drivers\aswVmm.sys [267632 2014-12-09] ()
    R3 CVPNDRVA; C:\windows\system32\Drivers\CVPNDRVA.sys [304784 2010-03-23] ()
    R2 hardlock; C:\windows\system32\drivers\hardlock.sys [331608 2014-07-15] (SafeNet Inc.)
    S3 PORTMON; C:\Program Files (x86)\Sysinternals Suite\PORTMSYS.SYS [28656 2013-04-08] (Systems Internals) [File not signed]
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 USBAAPL64; C:\Windows\System32\Drivers\usbaapl64.sys [54784 2012-12-13] (Apple, Inc.) [File not signed]
    S3 VSPerfDrv110; C:\Program Files (x86)\Microsoft Visual Studio 11.0\Team Tools\Performance Tools\x64\VSPerfDrv110.sys [70264 2012-07-13] (Microsoft Corporation)
    S1 apkblvha; \??\C:\windows\system32\drivers\apkblvha.sys [X]
    S1 gitpgnop; \??\C:\windows\system32\drivers\gitpgnop.sys [X]
    S1 kjcrmsbj; \??\C:\windows\system32\drivers\kjcrmsbj.sys [X]
    S1 nohaapzk; \??\C:\windows\system32\drivers\nohaapzk.sys [X]
    S1 reeoxjdr; \??\C:\windows\system32\drivers\reeoxjdr.sys [X]
    S1 vyfnsupc; \??\C:\windows\system32\drivers\vyfnsupc.sys [X]

    ==================== NetSvcs (Whitelisted) ===================

    (If an item is included in the fixlist, it will be removed from the registry. Any associated file could be listed separately to be moved.)


    ==================== One Month Created Files and Folders ========

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-11 17:31 - 2014-12-11 17:32 - 00020502 _____ () C:\Users\Allan\Desktop\FRST.txt
    2014-12-11 17:31 - 2014-12-11 17:31 - 00000000 ____D () C:\FRST
    2014-12-11 17:29 - 2014-12-11 17:30 - 02119680 _____ (Farbar) C:\Users\Allan\Desktop\FRST64.exe
    2014-12-11 08:21 - 2014-12-11 08:21 - 00015779 _____ () C:\mb-2014-12-11.log
    2014-12-09 10:52 - 2014-12-09 10:52 - 00000000 ____D () C:\Program Files (x86)\Mozilla Firefox
    2014-12-09 09:15 - 2014-12-09 09:15 - 17711760 _____ (Adobe Systems Inc.) C:\Users\Allan\Downloads\AdobeAIRInstaller.exe
    2014-12-09 09:04 - 2014-12-09 09:04 - 00001997 _____ () C:\Users\Public\Desktop\Avast Free Antivirus.lnk
    2014-12-09 09:04 - 2014-12-09 09:04 - 00000000 ____D () C:\Users\Allan\AppData\Roaming\AVAST Software
    2014-12-09 09:04 - 2014-12-09 09:04 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVAST Software
    2014-12-09 09:03 - 2014-12-09 09:04 - 00004182 _____ () C:\windows\System32\Tasks\avast! Emergency Update
    2014-12-09 09:02 - 2014-12-09 09:03 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00436624 _____ (AVAST Software) C:\windows\system32\Drivers\aswSP.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00364512 _____ (AVAST Software) C:\windows\system32\aswBoot.exe
    2014-12-09 09:02 - 2014-12-09 09:02 - 00267632 _____ () C:\windows\system32\Drivers\aswVmm.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00116728 _____ (AVAST Software) C:\windows\system32\Drivers\aswStm.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00093568 _____ (AVAST Software) C:\windows\system32\Drivers\aswRdr2.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00083280 _____ (AVAST Software) C:\windows\system32\Drivers\aswMonFlt.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00065776 _____ () C:\windows\system32\Drivers\aswRvrt.sys
    2014-12-09 09:02 - 2014-12-09 09:02 - 00029208 _____ () C:\windows\system32\Drivers\aswHwid.sys
    2014-12-09 09:02 - 2014-12-09 09:01 - 01050432 _____ (AVAST Software) C:\windows\system32\Drivers\aswsnx.sys.1418137437347
    2014-12-09 09:01 - 2014-12-09 09:01 - 00043152 _____ (AVAST Software) C:\windows\avastSS.scr
    2014-12-09 08:59 - 2014-12-09 08:59 - 00000000 ____D () C:\Program Files\AVAST Software
    2014-12-09 08:51 - 2014-12-09 08:59 - 00000000 ____D () C:\ProgramData\AVAST Software
    2014-12-09 08:38 - 2014-12-09 08:38 - 00000064 _____ () C:\Users\Allan\Documents\Sorenson.lrd
    2014-12-08 19:03 - 2014-12-11 08:09 - 00129752 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\MBAMSwissArmy.sys
    2014-12-08 19:03 - 2014-12-08 19:03 - 00001095 _____ () C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
    2014-12-08 19:03 - 2014-12-08 19:03 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Malwarebytes Anti-Malware
    2014-12-08 19:02 - 2014-12-08 19:03 - 00000000 ____D () C:\Program Files (x86)\Malwarebytes Anti-Malware
    2014-12-08 19:02 - 2014-12-08 19:02 - 00000000 ____D () C:\ProgramData\Malwarebytes
    2014-12-08 19:02 - 2014-11-21 06:14 - 00093400 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbamchameleon.sys
    2014-12-08 19:02 - 2014-11-21 06:14 - 00063704 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mwac.sys
    2014-12-08 19:02 - 2014-11-21 06:14 - 00025816 _____ (Malwarebytes Corporation) C:\windows\system32\Drivers\mbam.sys
    2014-12-08 11:00 - 2014-12-08 11:00 - 00000000 ____D () C:\SUPERDelete
    2014-12-08 10:58 - 2014-12-11 10:58 - 00000510 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task db669d8e-8279-4f72-86b6-ed130e9b3c96.job
    2014-12-08 10:58 - 2014-12-11 02:00 - 00000510 _____ () C:\windows\Tasks\SUPERAntiSpyware Scheduled Task 96771c42-a466-422c-8f77-35fcb3701e0f.job
    2014-12-08 10:58 - 2014-12-08 10:58 - 00003578 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 96771c42-a466-422c-8f77-35fcb3701e0f
    2014-12-08 10:58 - 2014-12-08 10:58 - 00003504 _____ () C:\windows\System32\Tasks\SUPERAntiSpyware Scheduled Task db669d8e-8279-4f72-86b6-ed130e9b3c96
    2014-12-08 10:58 - 2014-12-08 10:58 - 00000000 ____D () C:\Users\Allan\AppData\Roaming\SUPERAntiSpyware.com
    2014-12-08 10:57 - 2014-12-11 10:58 - 00000000 ____D () C:\Program Files\SUPERAntiSpyware
    2014-12-08 10:57 - 2014-12-08 10:58 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\SUPERAntiSpyware
    2014-12-08 10:57 - 2014-12-08 10:57 - 00001841 _____ () C:\Users\Public\Desktop\SUPERAntiSpyware Professional.lnk
    2014-12-08 10:57 - 2014-12-08 10:57 - 00000000 ____D () C:\ProgramData\SUPERAntiSpyware.com
    2014-12-04 15:26 - 2014-12-04 18:13 - 449513930 _____ () C:\Users\Allan\Downloads\bug3279a.zip
    2014-12-04 14:37 - 2014-12-04 14:39 - 07881072 _____ () C:\Users\Allan\Downloads\bug3279(1).zip
    2014-12-04 14:21 - 2014-12-04 14:21 - 07029104 _____ () C:\Users\Allan\Downloads\bug3279.zip
    2014-11-25 14:44 - 2014-12-11 10:09 - 00000000 ____D () C:\Users\Allan\AppData\Local\LogMeInIgnition
    2014-11-25 14:44 - 2014-11-25 14:44 - 00001945 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\LogMeIn Client.lnk
    2014-11-25 14:44 - 2014-11-25 14:44 - 00000000 ____D () C:\Users\Allan\AppData\Roaming\LogMeInIgnition
    2014-11-25 14:44 - 2014-11-25 14:44 - 00000000 ____D () C:\Program Files (x86)\LogMeIn Ignition
    2014-11-25 14:42 - 2014-11-25 14:42 - 08122368 _____ () C:\Users\Allan\Downloads\LogMeInIgnition.msi
    2014-11-18 17:22 - 2014-11-10 21:08 - 00728064 _____ (Microsoft Corporation) C:\windows\system32\kerberos.dll
    2014-11-18 17:22 - 2014-11-10 21:08 - 00241152 _____ (Microsoft Corporation) C:\windows\system32\pku2u.dll
    2014-11-18 17:22 - 2014-11-10 20:44 - 00550912 _____ (Microsoft Corporation) C:\windows\SysWOW64\kerberos.dll
    2014-11-18 17:22 - 2014-11-10 20:44 - 00186880 _____ (Microsoft Corporation) C:\windows\SysWOW64\pku2u.dll
    2014-11-17 22:06 - 2014-12-04 08:04 - 00701104 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerApp.exe
    2014-11-17 22:06 - 2014-12-04 08:04 - 00071344 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerCPLApp.cpl
    2014-11-17 18:16 - 2014-11-17 18:16 - 00000000 ___HD () C:\ProgramData\CanonIJFAX
    2014-11-17 18:16 - 2013-09-25 05:00 - 00303104 _____ (CANON INC.) C:\windows\system32\CNCALC2.DLL
    2014-11-17 18:15 - 2013-09-12 05:00 - 00391168 _____ (CANON INC.) C:\windows\system32\CNMLMC2.DLL
    2014-11-17 12:27 - 2014-11-17 12:27 - 00002058 _____ () C:\Users\Allan\Downloads\Delivery(1).kml
    2014-11-17 11:50 - 2014-11-17 11:50 - 00000000 ____D () C:\ProgramData\NuGet
    2014-11-17 11:50 - 2014-11-17 11:50 - 00000000 ____D () C:\Program Files (x86)\NuGet
    2014-11-17 11:42 - 2014-11-17 11:42 - 00000000 ____D () C:\Program Files (x86)\Microsoft Web Tools
    2014-11-17 11:32 - 2014-11-17 11:32 - 01359960 _____ (Microsoft Corporation) C:\Users\Allan\Downloads\VS2012.4.exe
    2014-11-16 09:01 - 2014-11-24 14:21 - 00002441 _____ () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Adobe Reader XI.lnk
    2014-11-16 09:01 - 2014-11-24 14:21 - 00002012 _____ () C:\Users\Public\Desktop\Adobe Reader XI.lnk
    2014-11-16 08:26 - 2014-11-16 08:26 - 00000000 __SHD () C:\Users\Allan\AppData\Local\EmieBrowserModeList
    2014-11-14 11:32 - 2014-11-14 11:33 - 13087456 _____ (Microsoft Corporation) C:\Users\Allan\Downloads\Silverlight_x64.exe
    2014-11-14 11:22 - 2014-11-14 11:22 - 00000000 ____D () C:\MATS
    2014-11-14 11:02 - 2014-11-14 11:02 - 00347816 _____ (Microsoft Corporation) C:\Users\Allan\Downloads\MicrosoftFixit.ProgramInstallUninstall.RNP.1339411454322227.1.1.Run.exe
    2014-11-14 10:56 - 2014-11-14 10:56 - 00050688 _____ (Atribune.org) C:\Users\Allan\Downloads\ATF-Cleaner.exe
    2014-11-14 10:05 - 2014-12-11 15:00 - 00001548 _____ () C:\windows\setupact.log
    2014-11-14 10:05 - 2014-11-14 10:05 - 00000000 _____ () C:\windows\setuperr.log
    2014-11-14 10:04 - 2014-12-09 08:34 - 00069794 _____ () C:\windows\PFRO.log
    2014-11-14 09:58 - 2014-11-14 09:58 - 00059578 _____ () C:\Users\Allan\Documents\cc_20141114_095825.reg
    2014-11-14 09:25 - 2014-11-14 09:25 - 00003106 _____ () C:\windows\System32\Tasks\{4996007D-B884-4718-8077-E4D6D237BBD6}
    2014-11-14 09:02 - 2014-11-14 09:02 - 00003104 _____ () C:\windows\System32\Tasks\{47837D2B-62F4-49CA-B5E8-F8293475488F}
    2014-11-14 09:01 - 2014-11-14 09:01 - 00003106 _____ () C:\windows\System32\Tasks\{15A2629B-8AD5-4660-A6B3-9006476D23ED}
    2014-11-13 09:02 - 2014-11-13 09:02 - 00002058 _____ () C:\Users\Allan\Downloads\Delivery.kml
    2014-11-12 03:35 - 2014-11-12 03:35 - 04918960 _____ (Adobe Systems Incorporated) C:\windows\SysWOW64\FlashPlayerInstaller.exe
    2014-11-12 01:17 - 2014-11-07 13:49 - 00388272 _____ (Microsoft Corporation) C:\windows\system32\iedkcs32.dll
    2014-11-12 01:17 - 2014-11-07 13:23 - 00341168 _____ (Microsoft Corporation) C:\windows\SysWOW64\iedkcs32.dll
    2014-11-12 01:17 - 2014-11-05 22:04 - 02724864 _____ (Microsoft Corporation) C:\windows\system32\mshtml.tlb
    2014-11-12 01:17 - 2014-11-05 22:03 - 00004096 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollectorres.dll
    2014-11-12 01:17 - 2014-11-05 21:47 - 00066560 _____ (Microsoft Corporation) C:\windows\system32\iesetup.dll
    2014-11-12 01:17 - 2014-11-05 21:46 - 00048640 _____ (Microsoft Corporation) C:\windows\system32\ieetwproxystub.dll
    2014-11-12 01:17 - 2014-11-05 21:35 - 00034304 _____ (Microsoft Corporation) C:\windows\system32\iernonce.dll
    2014-11-12 01:17 - 2014-11-05 21:30 - 00114688 _____ (Microsoft Corporation) C:\windows\system32\ieetwcollector.exe
    2014-11-12 01:17 - 2014-11-05 21:28 - 02724864 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.tlb
    2014-11-12 01:17 - 2014-11-05 21:20 - 00968704 _____ (Microsoft Corporation) C:\windows\system32\MsSpellCheckingFacility.exe
    2014-11-12 01:17 - 2014-11-05 21:13 - 00062464 _____ (Microsoft Corporation) C:\windows\SysWOW64\iesetup.dll
    2014-11-12 01:17 - 2014-11-05 21:12 - 00047616 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieetwproxystub.dll
    2014-11-12 01:17 - 2014-11-05 21:10 - 19781632 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtml.dll
    2014-11-12 01:17 - 2014-11-05 21:07 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\JavaScriptCollectionAgent.dll
    2014-11-12 01:17 - 2014-11-05 21:05 - 02277376 _____ (Microsoft Corporation) C:\windows\SysWOW64\iertutil.dll
    2014-11-12 01:17 - 2014-11-05 21:04 - 00047104 _____ (Microsoft Corporation) C:\windows\SysWOW64\jsproxy.dll
    2014-11-12 01:17 - 2014-11-05 21:03 - 00030720 _____ (Microsoft Corporation) C:\windows\SysWOW64\iernonce.dll
    2014-11-12 01:17 - 2014-11-05 21:00 - 00478208 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieui.dll
    2014-11-12 01:17 - 2014-11-05 20:59 - 00115712 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieUnatt.exe
    2014-11-12 01:17 - 2014-11-05 20:58 - 00620032 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9diag.dll
    2014-11-12 01:17 - 2014-11-05 20:57 - 00316928 _____ (Microsoft Corporation) C:\windows\system32\dxtrans.dll
    2014-11-12 01:17 - 2014-11-05 20:48 - 00418304 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtmsft.dll
    2014-11-12 01:17 - 2014-11-05 20:42 - 00060416 _____ (Microsoft Corporation) C:\windows\SysWOW64\JavaScriptCollectionAgent.dll
    2014-11-12 01:17 - 2014-11-05 20:41 - 00800768 _____ (Microsoft Corporation) C:\windows\system32\msfeeds.dll
    2014-11-12 01:17 - 2014-11-05 20:41 - 00716800 _____ (Microsoft Corporation) C:\windows\system32\ie4uinit.exe
    2014-11-12 01:17 - 2014-11-05 20:36 - 00076288 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmled.dll
    2014-11-12 01:17 - 2014-11-05 20:34 - 00285696 _____ (Microsoft Corporation) C:\windows\SysWOW64\dxtrans.dll
    2014-11-12 01:17 - 2014-11-05 20:22 - 00688640 _____ (Microsoft Corporation) C:\windows\SysWOW64\msfeeds.dll
    2014-11-12 01:17 - 2014-11-05 20:21 - 02051072 _____ (Microsoft Corporation) C:\windows\SysWOW64\inetcpl.cpl
    2014-11-12 01:17 - 2014-11-05 20:04 - 01550336 _____ (Microsoft Corporation) C:\windows\system32\urlmon.dll
    2014-11-12 01:17 - 2014-11-05 20:03 - 12819456 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieframe.dll
    2014-11-12 01:17 - 2014-11-05 19:53 - 00799232 _____ (Microsoft Corporation) C:\windows\system32\ieapfltr.dll
    2014-11-12 01:17 - 2014-11-05 19:48 - 01310208 _____ (Microsoft Corporation) C:\windows\SysWOW64\urlmon.dll
    2014-11-12 01:17 - 2014-11-05 19:47 - 00708096 _____ (Microsoft Corporation) C:\windows\SysWOW64\ieapfltr.dll
    2014-11-12 01:17 - 2014-11-05 11:56 - 00304640 _____ (Microsoft Corporation) C:\windows\system32\generaltel.dll
    2014-11-12 01:17 - 2014-11-05 11:56 - 00228864 _____ (Microsoft Corporation) C:\windows\system32\aepdu.dll
    2014-11-12 01:17 - 2014-11-05 11:52 - 00424448 _____ (Microsoft Corporation) C:\windows\system32\aeinv.dll
    2014-11-12 01:17 - 2014-10-13 20:16 - 00155064 _____ (Microsoft Corporation) C:\windows\system32\Drivers\ksecpkg.sys
    2014-11-12 01:17 - 2014-10-13 20:13 - 00683520 _____ (Microsoft Corporation) C:\windows\system32\termsrv.dll
    2014-11-12 01:17 - 2014-10-13 20:12 - 01460736 _____ (Microsoft Corporation) C:\windows\system32\lsasrv.dll
    2014-11-12 01:17 - 2014-10-13 20:09 - 00146432 _____ (Microsoft Corporation) C:\windows\system32\msaudite.dll
    2014-11-12 01:17 - 2014-10-13 20:07 - 00681984 _____ (Microsoft Corporation) C:\windows\system32\adtschema.dll
    2014-11-12 01:17 - 2014-10-13 19:50 - 00022016 _____ (Microsoft Corporation) C:\windows\SysWOW64\secur32.dll
    2014-11-12 01:17 - 2014-10-13 19:49 - 00096768 _____ (Microsoft Corporation) C:\windows\SysWOW64\sspicli.dll
    2014-11-12 01:17 - 2014-10-13 19:47 - 00146432 _____ (Microsoft Corporation) C:\windows\SysWOW64\msaudite.dll
    2014-11-12 01:17 - 2014-10-13 19:46 - 00681984 _____ (Microsoft Corporation) C:\windows\SysWOW64\adtschema.dll
    2014-11-12 01:16 - 2014-11-05 22:03 - 25110016 _____ (Microsoft Corporation) C:\windows\system32\mshtml.dll
    2014-11-12 01:16 - 2014-11-05 21:46 - 00580096 _____ (Microsoft Corporation) C:\windows\system32\vbscript.dll
    2014-11-12 01:16 - 2014-11-05 21:44 - 00088064 _____ (Microsoft Corporation) C:\windows\system32\MshtmlDac.dll
    2014-11-12 01:16 - 2014-11-05 21:43 - 02884096 _____ (Microsoft Corporation) C:\windows\system32\iertutil.dll
    2014-11-12 01:16 - 2014-11-05 21:36 - 00054784 _____ (Microsoft Corporation) C:\windows\system32\jsproxy.dll
    2014-11-12 01:16 - 2014-11-05 21:31 - 00633856 _____ (Microsoft Corporation) C:\windows\system32\ieui.dll
    2014-11-12 01:16 - 2014-11-05 21:30 - 00144384 _____ (Microsoft Corporation) C:\windows\system32\ieUnatt.exe
    2014-11-12 01:16 - 2014-11-05 21:29 - 00814080 _____ (Microsoft Corporation) C:\windows\system32\jscript9diag.dll
    2014-11-12 01:16 - 2014-11-05 21:23 - 06040064 _____ (Microsoft Corporation) C:\windows\system32\jscript9.dll
    2014-11-12 01:16 - 2014-11-05 21:16 - 00490496 _____ (Microsoft Corporation) C:\windows\system32\dxtmsft.dll
    2014-11-12 01:16 - 2014-11-05 21:13 - 00501248 _____ (Microsoft Corporation) C:\windows\SysWOW64\vbscript.dll
    2014-11-12 01:16 - 2014-11-05 21:10 - 00064000 _____ (Microsoft Corporation) C:\windows\SysWOW64\MshtmlDac.dll
    2014-11-12 01:16 - 2014-11-05 21:02 - 00199680 _____ (Microsoft Corporation) C:\windows\system32\msrating.dll
    2014-11-12 01:16 - 2014-11-05 21:00 - 00092160 _____ (Microsoft Corporation) C:\windows\system32\mshtmled.dll
    2014-11-12 01:16 - 2014-11-05 20:39 - 01359360 _____ (Microsoft Corporation) C:\windows\system32\mshtmlmedia.dll
    2014-11-12 01:16 - 2014-11-05 20:38 - 02124288 _____ (Microsoft Corporation) C:\windows\system32\inetcpl.cpl
    2014-11-12 01:16 - 2014-11-05 20:37 - 00168960 _____ (Microsoft Corporation) C:\windows\SysWOW64\msrating.dll
    2014-11-12 01:16 - 2014-11-05 20:30 - 14390272 _____ (Microsoft Corporation) C:\windows\system32\ieframe.dll
    2014-11-12 01:16 - 2014-11-05 20:21 - 04298240 _____ (Microsoft Corporation) C:\windows\SysWOW64\jscript9.dll
    2014-11-12 01:16 - 2014-11-05 20:20 - 01155072 _____ (Microsoft Corporation) C:\windows\SysWOW64\mshtmlmedia.dll
    2014-11-12 01:16 - 2014-11-05 20:17 - 02365440 _____ (Microsoft Corporation) C:\windows\system32\wininet.dll
    2014-11-12 01:16 - 2014-11-05 19:52 - 01892864 _____ (Microsoft Corporation) C:\windows\SysWOW64\wininet.dll
    2014-11-12 01:14 - 2014-10-24 19:57 - 00077824 _____ (Microsoft Corporation) C:\windows\system32\packager.dll
    2014-11-12 01:14 - 2014-10-24 19:32 - 00067584 _____ (Microsoft Corporation) C:\windows\SysWOW64\packager.dll
    2014-11-12 01:14 - 2014-10-17 20:05 - 00861696 _____ (Microsoft Corporation) C:\windows\system32\oleaut32.dll
    2014-11-12 01:14 - 2014-10-17 19:33 - 00571904 _____ (Microsoft Corporation) C:\windows\SysWOW64\oleaut32.dll
    2014-11-12 01:14 - 2014-10-13 20:13 - 03241984 _____ (Microsoft Corporation) C:\windows\system32\msi.dll
    2014-11-12 01:14 - 2014-10-13 19:50 - 02363904 _____ (Microsoft Corporation) C:\windows\SysWOW64\msi.dll
    2014-11-12 01:14 - 2014-10-09 18:57 - 03198976 _____ (Microsoft Corporation) C:\windows\system32\win32k.sys
    2014-11-12 01:14 - 2014-10-02 20:12 - 00500224 _____ (Microsoft Corporation) C:\windows\system32\AUDIOKSE.dll
    2014-11-12 01:14 - 2014-10-02 20:11 - 00680960 _____ (Microsoft Corporation) C:\windows\system32\audiosrv.dll
    2014-11-12 01:14 - 2014-10-02 20:11 - 00440832 _____ (Microsoft Corporation) C:\windows\system32\AudioEng.dll
    2014-11-12 01:14 - 2014-10-02 20:11 - 00296448 _____ (Microsoft Corporation) C:\windows\system32\AudioSes.dll
    2014-11-12 01:14 - 2014-10-02 20:11 - 00284672 _____ (Microsoft Corporation) C:\windows\system32\EncDump.dll
    2014-11-12 01:14 - 2014-10-02 19:44 - 00442880 _____ (Microsoft Corporation) C:\windows\SysWOW64\AUDIOKSE.dll
    2014-11-12 01:14 - 2014-10-02 19:44 - 00374784 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioEng.dll
    2014-11-12 01:14 - 2014-10-02 19:44 - 00195584 _____ (Microsoft Corporation) C:\windows\SysWOW64\AudioSes.dll
    2014-11-12 01:14 - 2014-09-19 03:42 - 00342016 _____ (Microsoft Corporation) C:\windows\system32\schannel.dll
    2014-11-12 01:14 - 2014-09-19 03:42 - 00314880 _____ (Microsoft Corporation) C:\windows\system32\msv1_0.dll
    2014-11-12 01:14 - 2014-09-19 03:42 - 00309760 _____ (Microsoft Corporation) C:\windows\system32\ncrypt.dll
    2014-11-12 01:14 - 2014-09-19 03:42 - 00210944 _____ (Microsoft Corporation) C:\windows\system32\wdigest.dll
    2014-11-12 01:14 - 2014-09-19 03:42 - 00086528 _____ (Microsoft Corporation) C:\windows\system32\TSpkg.dll
    2014-11-12 01:14 - 2014-09-19 03:42 - 00022016 _____ (Microsoft Corporation) C:\windows\system32\credssp.dll
    2014-11-12 01:14 - 2014-09-19 03:23 - 00259584 _____ (Microsoft Corporation) C:\windows\SysWOW64\msv1_0.dll
    2014-11-12 01:14 - 2014-09-19 03:23 - 00248832 _____ (Microsoft Corporation) C:\windows\SysWOW64\schannel.dll
    2014-11-12 01:14 - 2014-09-19 03:23 - 00221184 _____ (Microsoft Corporation) C:\windows\SysWOW64\ncrypt.dll
    2014-11-12 01:14 - 2014-09-19 03:23 - 00172032 _____ (Microsoft Corporation) C:\windows\SysWOW64\wdigest.dll
    2014-11-12 01:14 - 2014-09-19 03:23 - 00065536 _____ (Microsoft Corporation) C:\windows\SysWOW64\TSpkg.dll
    2014-11-12 01:14 - 2014-09-19 03:23 - 00017408 _____ (Microsoft Corporation) C:\windows\SysWOW64\credssp.dll
    2014-11-12 01:14 - 2014-08-21 00:43 - 01882624 _____ (Microsoft Corporation) C:\windows\system32\msxml3.dll
    2014-11-12 01:14 - 2014-08-21 00:40 - 00002048 _____ (Microsoft Corporation) C:\windows\system32\msxml3r.dll
    2014-11-12 01:14 - 2014-08-21 00:26 - 01237504 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3.dll
    2014-11-12 01:14 - 2014-08-21 00:23 - 00002048 _____ (Microsoft Corporation) C:\windows\SysWOW64\msxml3r.dll
    2014-11-12 01:14 - 2014-08-11 20:02 - 00878080 _____ (Microsoft Corporation) C:\windows\system32\IMJP10K.DLL
    2014-11-12 01:14 - 2014-08-11 19:36 - 00701440 _____ (Microsoft Corporation) C:\windows\SysWOW64\IMJP10K.DLL

    ==================== One Month Modified Files and Folders =======

    (If an entry is included in the fixlist, the file\folder will be moved.)

    2014-12-11 17:31 - 2011-11-08 11:21 - 00000000 ____D () C:\Users\Allan\Documents\Outlook Files
    2014-12-11 17:30 - 2011-11-02 08:07 - 00000000 ____D () C:\Users\Allan\AppData\Roaming\Skype
    2014-12-11 17:13 - 2013-08-09 15:12 - 00000000 ____D () C:\Users\Allan\Documents\Visual Studio 2012
    2014-12-11 17:13 - 2012-01-25 09:15 - 00000000 ____D () C:\VPC
    2014-12-11 17:13 - 2011-11-11 09:55 - 00000000 ___RD () C:\Users\Allan\Virtual Machines
    2014-12-11 17:08 - 2014-03-17 18:46 - 00000896 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineUA.job
    2014-12-11 16:01 - 2013-05-01 13:23 - 00000000 ____D () C:\Users\Allan\AppData\Local\Paint.NET
    2014-12-11 12:39 - 2011-10-06 15:09 - 01361169 _____ () C:\windows\WindowsUpdate.log
    2014-12-11 09:42 - 2011-11-03 12:43 - 00000000 ____D () C:\Users\Allan\Documents\Visual Studio 2008
    2014-12-11 08:34 - 2013-08-21 11:59 - 00000000 ____D () C:\temp
    2014-12-11 08:22 - 2012-04-25 18:19 - 00000000 ____D () C:\Program Files (x86)\Mozilla Maintenance Service
    2014-12-11 08:08 - 2014-03-17 18:46 - 00000892 _____ () C:\windows\Tasks\GoogleUpdateTaskMachineCore.job
    2014-12-11 08:07 - 2012-01-08 09:12 - 00000000 ____D () C:\Program Files (x86)\Steam
    2014-12-10 16:00 - 2009-07-13 22:45 - 00033552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2014-12-10 16:00 - 2009-07-13 22:45 - 00033552 ____H () C:\windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2014-12-10 08:55 - 2011-10-31 12:49 - 00004517 _____ () C:\Users\Allan\.kdiff3rc
    2014-12-10 08:34 - 2011-10-29 08:21 - 00000000 ____D () C:\Users\Allan\AppData\Local\Eclipse
    2014-12-09 09:08 - 2011-11-02 08:55 - 00001945 _____ () C:\windows\epplauncher.mif
    2014-12-09 09:02 - 2014-03-17 18:46 - 00000000 ____D () C:\Program Files (x86)\Google
    2014-12-09 08:40 - 2011-11-08 14:13 - 31789056 _____ () C:\Users\Allan\Documents\Sorenson.mny
    2014-12-09 08:37 - 2014-10-16 12:59 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
    2014-12-09 08:34 - 2014-10-30 05:40 - 00000000 ____D () C:\ProgramData\YuvpuLapco
    2014-12-09 08:34 - 2009-07-13 23:08 - 00000006 ____H () C:\windows\Tasks\SA.DAT
    2014-12-09 08:34 - 2009-07-13 21:20 - 00000000 __RSD () C:\windows\Media
    2014-12-08 14:26 - 2011-11-07 13:10 - 00000000 ____D () C:\Users\Allan\AppData\Local\CrashDumps
    2014-12-08 13:35 - 2011-11-14 10:29 - 00000000 ____D () C:\Users\Allan\Documents\SQL Server Management Studio
    2014-12-08 09:54 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\system32\NDF
    2014-12-06 19:22 - 2011-11-13 08:06 - 00000000 ____D () C:\Users\Allan\Documents\money
    2014-12-04 13:28 - 2009-07-13 23:13 - 00878740 _____ () C:\windows\system32\PerfStringBackup.INI
    2014-12-02 15:44 - 2011-11-08 18:53 - 00000000 ____D () C:\Users\Allan\AppData\Local\Adobe
    2014-12-01 13:57 - 2013-07-26 09:49 - 00010110 _____ () C:\Users\Allan\_viminfo
    2014-12-01 13:57 - 2011-10-28 16:23 - 00000000 ____D () C:\Users\Allan
    2014-11-27 17:04 - 2011-11-13 08:49 - 00000000 ____D () C:\Users\Allan\Documents\Docs-N-More
    2014-11-27 16:27 - 2012-06-03 14:25 - 00000000 ____D () C:\Users\Allan\Documents\Manuals
    2014-11-25 14:53 - 2014-10-28 04:53 - 00000000 ____D () C:\Users\Allan\AppData\Local\Deployment
    2014-11-24 14:21 - 2011-11-08 18:53 - 00000000 ____D () C:\ProgramData\Adobe
    2014-11-24 14:04 - 2010-11-20 21:27 - 00275080 ____N (Microsoft Corporation) C:\windows\system32\MpSigStub.exe
    2014-11-17 11:55 - 2013-08-09 14:32 - 00000000 ____D () C:\ProgramData\Package Cache
    2014-11-17 11:44 - 2013-08-09 14:41 - 00000000 ____D () C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Microsoft Visual Studio 2012
    2014-11-16 09:00 - 2011-11-08 18:53 - 00000000 ____D () C:\Program Files (x86)\Adobe
    2014-11-14 10:00 - 2011-11-02 08:07 - 00000000 ___RD () C:\Program Files (x86)\Skype
    2014-11-14 09:22 - 2011-04-26 01:22 - 00000000 ___HD () C:\Program Files (x86)\InstallShield Installation Information
    2014-11-13 20:05 - 2011-11-02 08:07 - 00000000 ____D () C:\ProgramData\Skype
    2014-11-12 21:48 - 2009-07-13 21:20 - 00000000 ____D () C:\windows\rescache
    2014-11-12 21:11 - 2011-10-29 08:11 - 00116560 _____ () C:\Users\Allan\AppData\Local\GDIPFONTCACHEV1.DAT
    2014-11-12 20:53 - 2009-07-13 22:45 - 00437368 _____ () C:\windows\system32\FNTCACHE.DAT
    2014-11-12 20:48 - 2014-06-11 06:49 - 00000000 ___SD () C:\windows\system32\CompatTel
    2014-11-12 19:41 - 2011-11-03 12:42 - 00000000 ____D () C:\ProgramData\Microsoft Help
    2014-11-12 19:35 - 2013-10-05 15:13 - 00000000 ____D () C:\windows\system32\MRT
    2014-11-12 18:54 - 2011-10-31 07:51 - 103374192 _____ (Microsoft Corporation) C:\windows\system32\MRT.exe

    Files to move or delete:
    ====================
    C:\Users\Allan\btest.bat
    C:\Users\Allan\gosetup.exe
    C:\Users\Allan\gotomypc_635.exe


    Some content of TEMP:
    ====================
    C:\Users\Allan\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe


    ==================== Bamital & volsnap Check =================

    (There is no automatic fix for files that do not pass verification.)

    C:\Windows\System32\winlogon.exe => File is digitally signed
    C:\Windows\System32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\System32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\System32\services.exe => File is digitally signed
    C:\Windows\System32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\System32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\System32\rpcss.dll => File is digitally signed
    C:\Windows\System32\Drivers\volsnap.sys => File is digitally signed


    LastRegBack: 2014-12-05 00:49

    ==================== End Of Log ============================

  6. #6
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Allan,

    Sorry for the delay. I am reviewing your log now. Do you recognize the following:

    C:\Users\Allan\btest.bat

    I don't want to include this in my fix if you created that .bat file unless you are through with it.
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  7. #7
    Member Spyware Fighter DonnaB's Avatar
    Join Date
    Apr 2009
    Location
    Illiana, Ill. USA
    Posts
    3,521
    Points
    563

    Default

    Hi Allan,

    Please do the following:

    Please download AdwCleaner by Xplode and save to your Desktop.
    • Double-click AdwCleaner.exe to run the tool.
      Note: Windows Vista, Windows 7/8 users right-click and select Run As Administrator.
    • Click the Scan button.
    • AdwCleaner will begin. Be patient as the scan may take some time to complete.
    • The contents of the scan results may be confusing. If you see a program name that you know should not be removed, uncheck the results and please let me know about it.
    • Click the Clean button.
    • Press OK when asked to close all programs and follow the onscreen prompts.
    • Press OK again to allow AdwCleaner to restart the computer and complete the removal process.
    • After rebooting, a logfile report (AdwCleaner[S0].txt) will open automatically.
    • Copy and paste the contents of that logfile in your next reply.
    • A copy of that logfile will also be saved in the C:\AdwCleaner folder.


    Next:

    Please download Junkware Removal Tool to your desktop.

    • Disable your protection software now to avoid potential conflicts.
    • Run the tool by double-clicking on XP. Or right click and select Run as Administrator Vista/Win7 and above.
    • The tool will open and start scanning your system.
    • Please be patient as this can take a while to complete depending on your system's specifications.
    • On completion, a log (JRT.txt) is saved to your desktop and will automatically open.
    • Post the contents of JRT.txt into your next message.


    Next:

    I omitted the .bat file till I find out from you if it is a keeper or not.

    • Open notepad (Start =>All Programs => Accessories => Notepad).
    • Please copy the entire contents of the code box below.
      (To do this highlight the contents of the box, right click on it and select copy. Right-click in the open notepad and select Paste).
    • Save it to the same direction as frst.exe (or frst64.exe) as fixlist.txt.

      Code:
      Task: {0E80109D-5690-4F01-96FD-5C6D4415224A} - \BackgroundContainer Startup Task No Task File <==== ATTENTION
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\75837955.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\83241577.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\75837955.sys => ""="Driver"
      HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\83241577.sys => ""="Driver"
      ShellIconOverlayIdentifiers-x32: [NG3CheckedOut] -> {1E5E1445-6CEA-4761-8E45-AA19F654571E} => No File
      ShellIconOverlayIdentifiers-x32: [NG3ReadOnly] -> {1AB81E72-CB2F-11D3-8D3B-AC2F34F1FA3C} => No File
      GroupPolicy: Group Policy on Chrome detected <======= ATTENTION
      CHR HKLM\SOFTWARE\Policies\Google: Policy restriction <======= ATTENTION
      S1 apkblvha; \??\C:\windows\system32\drivers\apkblvha.sys [X]
      S1 gitpgnop; \??\C:\windows\system32\drivers\gitpgnop.sys [X]
      S1 kjcrmsbj; \??\C:\windows\system32\drivers\kjcrmsbj.sys [X]
      S1 nohaapzk; \??\C:\windows\system32\drivers\nohaapzk.sys [X]
      S1 reeoxjdr; \??\C:\windows\system32\drivers\reeoxjdr.sys [X]
      S1 vyfnsupc; \??\C:\windows\system32\drivers\vyfnsupc.sys [X]
      2014-12-09 08:37 - 2014-10-16 12:59 - 00000000 ___HD () C:\ProgramData\{9A88E103-A20A-4EA5-8636-C73B709A5BF8}
      C:\Users\Allan\AppData\Local\Temp\install_flashplayer15x32_mssd_aaa_aih.exe
      C:\Users\Allan\gosetup.exe
      C:\Users\Allan\gotomypc_635.exe
      
      Hosts:
      EmptyTemp:
      NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system
    • Run frst.exe (on 64bit, run frst64.exe) and press the Fix button just once and wait.
    • The tool will make a log (Fixlog.txt) which you find where you saved FRST. Please post it to your reply.


    In your next reply,please post the following logs:

    AdwCleaner[S0].txt
    JRT.txt
    Fixlog.txt


    Thank you,
    Donna
    If you think you might be infected with malware or have recently cleansed your computer of malware without the help of an expert, please read and follow the instructions in How to Start Removing Viruses and Spyware from your Computer. This can alleviate time consumed in trouble shooting your current computer problems.

    If your problem is solved, here's how to say thanks!

    Very proud parent of a U.S. Navy "CB"



    "People may forget what you say,
    People may forget what you did,
    but People will never forget how you made them feel!"

  8. #8
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Default

    I have only done AdwCleaner so far. Let run overnight. Cleaned this morning. Rebooted.
    Rebooted to login screen quickly. The desktop loaded EXTREMELY slowly. The network icon in the notifiation area says there is not connection, yet 3 undecorated, unidentified browsers came up, 2 of which were playing videos. They did not show in the Applications tab of Task Manager. So I launched Firefox to post this. I am rebooting again right after I send this.

    AdwCleaner log:

    # AdwCleaner v4.105 - Report created 12/12/2014 at 09:04:39
    # Updated 08/12/2014 by Xplode
    # Database : 2014-12-08.2 [Live]
    # Operating System : Windows 7 Professional Service Pack 1 (64 bits)
    # Username : Allan - ZT-W7
    # Running from : C:\Users\Allan\Desktop\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****


    ***** [ Files / Folders ] *****

    Folder Deleted : C:\SearchProtect
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\ShowMyPCService
    Folder Deleted : C:\windows\SysWOW64\ARFC
    Folder Deleted : C:\windows\SysWOW64\WNLT
    Folder Deleted : C:\Program Files\FreeFixer
    Folder Deleted : C:\windows\System32\ARFC
    Folder Deleted : C:\Users\Administrator\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Administrator\AppData\Local\torch
    Folder Deleted : C:\Users\Allan\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Allan\AppData\Local\Conduit
    Folder Deleted : C:\Users\Allan\AppData\Local\FreeFixer
    Folder Deleted : C:\Users\Allan\AppData\Local\torch
    Folder Deleted : C:\Users\Allan\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\Allan\AppData\Roaming\FreeFixer
    Folder Deleted : C:\Users\Allan\AppData\Roaming\serv
    Folder Deleted : C:\Users\Allan\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\FreeFixer
    Folder Deleted : C:\Users\Guest\AppData\Local\Chromatic Browser
    Folder Deleted : C:\Users\Guest\AppData\Local\torch
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk
    Folder Deleted : C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk
    Folder Deleted : C:\Users\Administrator\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk
    Folder Deleted : C:\Users\Allan\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk
    Folder Deleted : C:\Users\Guest\AppData\Local\Google\Chrome\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk
    Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk
    Folder Deleted : C:\Users\Allan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk
    Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jbhjdffccldaedejeodmkcgohpjolfdk
    Folder Deleted : C:\Users\Administrator\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk
    Folder Deleted : C:\Users\Allan\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk
    Folder Deleted : C:\Users\Guest\AppData\Local\Comodo\Dragon\User Data\Default\Extensions\jikdkffagnfkpcjabiccddnnjembdcnk
    File Deleted : C:\END
    File Deleted : C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\invalidprefs.js
    File Deleted : C:\Users\Allan\AppData\Roaming\Mozilla\Firefox\Profiles\xppm7on0.default\user.js

    ***** [ Scheduled Tasks ] *****

    Task Deleted : BackgroundContainer Startup Task

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\DOMStorage\ask.com
    Key Deleted : HKCU\Software\AppDataLow\{5F189DF5-2D05-472B-9091-84D9848AE48B}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{DE9028D0-5FFA-4E69-94E3-89EE8741F468}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{E7DF6BFF-55A5-4EB7-A673-4ED3E9456D39}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{9C049BA6-EA47-4AC3-AED6-A66D8DC9E1D8}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{03E2A1F3-4402-4121-8B35-733216D61217}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{79FB5FC8-44B9-4AF5-BADD-CCE547F953E5}
    Key Deleted : [x64] HKLM\SOFTWARE\Classes\Interface\{9E3B11F6-4179-4603-A71B-A55F4BCB0BEC}
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Goobzo
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\AppDataLow\Toolbar
    Key Deleted : HKCU\Software\AppDataLow\Software\BackgroundContainer
    Key Deleted : HKLM\SOFTWARE\{3A7D3E19-1B79-4E4E-BD96-5467DA2C4EF0}
    Key Deleted : HKLM\SOFTWARE\{77D46E27-0E41-4478-87A6-AABE6FBCF252}
    Key Deleted : HKLM\SOFTWARE\BrowserSafeGuard
    Key Deleted : HKLM\SOFTWARE\TBID
    Key Deleted : [x64] HKLM\SOFTWARE\Description
    Key Deleted : [x64] HKLM\SOFTWARE\TBID

    ***** [ Browsers ] *****

    -\\ Internet Explorer v11.0.9600.17420


    -\\ Mozilla Firefox v34.0.5 (x86 en-US)


    -\\ Google Chrome v

    [C:\Users\Allan\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://www.ixquick.com

    -\\ Comodo Dragon v

    [C:\Users\Allan\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://www.ixquick.com

    -\\ Opera v0.0.0.0

    [C:\Users\Allan\AppData\Roaming\Opera Software\Opera Stable\Web Data] - Deleted [Search Provider] : hxxp://www.ixquick.com

    *************************

    AdwCleaner[R0].txt - [5496 octets] - [11/12/2014 22:29:29]
    AdwCleaner[S0].txt - [5526 octets] - [12/12/2014 09:04:39]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [5586 octets] ##########

  9. #9
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Default

    I forgot to mention: When I launched Firefox the other 3 browsers disappeared.
    I do not remember writing btest.bat. If I did I no longer need it (it contains a ping to loop back).
    Desk top loaded better this time. Internet connection icon shows normal.
    When I rebooted Windows said it was installing 20 updates at shutdown & 19280 on bootup.
    Last edited by Allans; 12-12-2014 at 10:00 AM.

  10. #10
    Member
    Join Date
    Dec 2014
    Posts
    25
    Points
    0

    Default

    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Junkware Removal Tool (JRT) by Thisisu
    Version: 6.4.0 (11.29.2014:1)
    OS: Windows 7 Professional x64
    Ran by Allan on Fri 12/12/2014 at 10:04:51.33
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




    ~~~ Services



    ~~~ Registry Values



    ~~~ Registry Keys

    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{11111111-1111-1111-1111-110011441193}
    Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{11111111-1111-1111-1111-110011441193}



    ~~~ Files



    ~~~ Folders



    ~~~ FireFox

    Successfully deleted: [File] C:\user.js
    Emptied folder: C:\Users\Allan\AppData\Roaming\mozilla\firefox\profiles\xppm7on0.default\minidumps [111 files]



    ~~~ Event Viewer Logs were cleared





    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
    Scan was completed on Fri 12/12/2014 at 10:11:58.17
    End of JRT log
    ~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

Page 1 of 5 123 ... LastLast