help with removal of http://gooogle-analytics.com/ga.min.js problem

[crazelion]

hi everyone

I need some help with removing this from firefox.

I have ran so far:
Anti-Virus Avast
Vista 32 bit OS
CCleaner
Spy Bot Search and Destroy
Spy Sweeper

I am totaling surprise that i have malware in firefox.


 Here is the problem first:

http://gooogle-analytics.com/ga.min.js
Process:   file://C:\Program Files\Mozilla Firefox\firefox.exe
Infection:   al

SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/22/2011 at 10:03 PM

Application Version : 5.0.1118

Core Rules Database Version : 5352
Trace Rules Database Version: 3164

Scan type       : Complete Scan
Total Scan Time : 00:13:04

Operating System Information
Windows Vista Ultimate 32-bit, Service Pack 2 (Build 6.00.6002)
UAC On - Limited User (Administrator User)

Memory items scanned      : 807
Memory threats detected   : 0
Registry items scanned    : 52638
Registry threats detected : 1
File items scanned        : 15938
File threats detected     : 846

Malware.Trace
   HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Winlogon#Taskman

Adware.Tracking Cookie
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .anrtx.tacoda.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ar.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ar.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ru4.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mediaplex.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .realmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .imrworldwide.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .imrworldwide.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .r1-ads.ace.advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .yieldmanager.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adxpose.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pro-market.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .v11media.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .apmebf.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   media303.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .trafficmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .trafficmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .trafficmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .specificclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .serving-sys.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .v11media.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .viewablemedia.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .mediaplex.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   content2.kitnmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .content.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .content.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.burstnet.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.burstbeacon.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .www.burstnet.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstnet.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .burstnet.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   leads.specificmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   www.campusexplorer.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adserver.adtechus.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tribalfusion.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .lucidmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .revsci.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .atdmt.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tacoda.at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .a1.interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .doubleclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .fastclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .media6degrees.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .tinbuadserv.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
   .microsoftwlsearchcrm.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .solvemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .solvemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   content2.kitnmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .at.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .atdmt.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ncp.imrworldwide.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .mediaplex.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .apmebf.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .s.clickability.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .interclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   wstat.wibiya.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .legolas-media.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .adxpose.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .mlbam.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .lucidmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   in.getclicky.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.campusexplorer.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .bruceclay.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .imrworldwide.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .biglots.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .thefind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .walmart.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   tracker.roitesting.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .specificmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .msnbc.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .steelhousemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   data.coremetrics.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .eyewonder.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .microsoftsto.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .viewablemedia.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ar.atwola.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .pubads.g.doubleclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .pubads.g.doubleclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .trafficmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .trafficmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .trafficmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clickbank.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .getclicky.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .static.getclicky.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .bizrate.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .bizrate.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .bizrate.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .steelhousemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   find.keywordblocks.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .farecastcom.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   s09.flagcounter.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.campusexplorer.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   trafficcenter.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicksia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicksia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .thefind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .thefind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .thefind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .stylefind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .fastclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .fastclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .daveandbusters.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .lfstmedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .qksrv.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .microsoftwlcashback.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .traffichoopla.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   fls.doubleclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   fls.doubleclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .specificclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .specificclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .specificclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .specificclick.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   citi.bridgetrack.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .histats.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .v11media.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .purityproducts.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .autoclickprofits.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .autoclickprofits.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nandomedia.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   s09.flagcounter.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   ads2.phonearena.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   ads2.phonearena.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .levelwing.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .trackalyzer.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .invitemedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .tripleclicks.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .tripleclicks.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .tripleclicks.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .123count.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   teenfuntest.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   teenfuntest.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   teenfuntest.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   teenfuntest.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   surveysampling.directtrack.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .directtrack.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .furniturerow.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .buycom.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   traffic.buyservices.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clickaider.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .123count.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .123count.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .usatoday1.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   optimize.indieclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   optimize.indieclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   optimize.indieclick.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ads.pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .pointroll.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.online-media-stats.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .e-2dj6wjkyahcjaap.stats.esomniture.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   s06.flagcounter.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .traffic-zombie.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .traffic-zombie.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .adtech.de [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .roughcountry.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .roughcountry.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.clickmanage.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.clickmanage.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   hit.deckstats.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   click.eyk.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .e-2dj6aeligjdzmaq.stats.esomniture.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .content.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   clicks.thespecialsearch.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .shopica.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ru4.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ru4.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   trackrev.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .nextag.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .statcounter.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   go.flowclicks.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .raisingthequestion.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .raisingthequestion.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .brandonadvertising.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .stylefind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   fr.sitestat.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   fr.sitestat.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ldproducts.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.keystatsurvey.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .qksrv.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .qksrv.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.qksrv.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.findyour-replacementwindows.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.findyour-replacementwindows.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.findyour-replacementwindows.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   linktrack.info [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   path.trackinglabs.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .liveperson.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .counter.hyipexplorer.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .shinystat.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   www.googleadservices.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .aplaceformom.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   pointclicktrack.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .ru4.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .azjmp.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .shefinds.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .shefinds.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .paypal.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .stats.paypal.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .serving-sys.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .questionmarket.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   socialmedia.themoneypie.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .target.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   citi.bridgetrack.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   citi.bridgetrack.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.walmart.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.walmart.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.walmart.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .linksynergy.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   xml.happytofind.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .mediaforge.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .infrastrategy.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   affiliate.gwmtracker.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .orbitzaway.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .bassproshops.122.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .xiti.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   ad.yieldmanager.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   media303.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .zedo.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .vyvanseadult.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .vyvanseadult.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .vyvanseadult.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .driverfinderpro.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .driverfinderpro.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicktrackprofit.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicktrackprofit.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicktrackprofit.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicktrackprofit.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .clicktrackprofit.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   s05.flagcounter.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .c.gigcount.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .dmtracker.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .alexanderinteractive.112.2o7.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .www.burstnet.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .insightexpressai.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .adbrite.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   surveyfindweb.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   surveyfindweb.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   surveyfindweb.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   surveyfindweb.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   surveyfindweb.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   tracking.surveyclub.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   tracking.surveyclub.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   affiliate.immstracker.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .intermundomedia.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .a.websponsors.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .collective-media.net [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .r1-ads.ace.advertising.com [ C:\USERS\ADMINSTRATOR\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\EO1S6XMS.DEFAULT\COOKIES.SQLITE ]
   .e-2dj6wjnyooajclo

[SuperDave]

Hello and welcome to Computer Hope Forum. My name is Dave. I will be helping you out with your particular problem on your computer.

1. I will be working on your Malware issues. This may or may not solve other issues you have with your machine.
2. The fixes are specific to your problem and should only be used for this issue on this machine.
3. If you don't know or understand something, please don't hesitate to ask.
4. Please DO NOT run any other tools or scans while I am helping you.
5. It is important that you reply to this thread. Do not start a new topic.
6. Your security programs may give warnings for some of the tools I will ask you to use. Be assured, any links I give are safe.
7. Absence of symptoms does not mean that everything is clear.

If you can't access the internet with your infected computer you will have to download and transfer any programs to the computer you're using now and transfer them to the infected computer with a CD-RW or a USB storage device. I prefer a CD because a storage device can get infected. If you use a storage device hold the shift key down while inserting the USB storage device for about 10 secs. You will also have to transfer the logs you receive back to the good computer using the same method until we can get the computer back on-line.
*************************************************************************
Please download Malwarebytes Anti-Malware from here.
Double Click mbam-setup.exe to install the application.

• Make sure a checkmark is placed next to Update Malwarebytes' Anti-Malware and Launch Malwarebytes Anti-Malware, then click Finish.
  
• If an update is found, it will download and install the latest version.
• Once the program has loaded, select "Perform Full Scan", then click Scan.
  
• The scan may take some time to finish,so please be patient.
• When the scan is complete, click OK, then Show Results to view the results.
• Make sure that everything is checked, and click Remove Selected.
  
• When disinfection is completed, a log will open in Notepad and you may be prompted to Restart. (See Extra Note)
• Please save the log to a location you will remember.
• The log is automatically saved by MBAM and can be viewed by clicking the Logs tab in MBAM.
• Copy and paste the entire report in your next reply.

Extra Note:

If MBAM encounters a file that is difficult to remove,you will be presented with 1 of 2 prompts,click OK to either and let MBAM proceed with the disinfection process. If asked to restart the computer, please do so immediately.
************************************************
Download DDS from HERE or HERE and save it to your desktop.

Vista users right click on dds and select Run as administrator (you will receive a UAC prompt, please allow it)

* XP users Double click on dds to run it.
* If your antivirus or firewall try to block DDS then please allow it to run.
* When finished DDS will open two (2) logs.
* Save both reports to your desktop.
* The instructions here ask you to attach the Attach.txt.



1) DDS.txt
2) Attach.txt
Instead of attaching, please copy/past both logs into your Thread

Note: DDS will instruct you to post the Attach.txt log as an attachment.
Please just post it as you would any other log by copying and pasting it into the reply.

•Close the program window, and delete the program from your desktop.

Please note: You may have to disable any script protection running if the scan fails to run.
After downloading the tool, disconnect from the internet and disable all antivirus protection.
Run the scan, enable your A/V and reconnect to the internet.
Information on A/V control HERE .Then post your DDS logs. (DDS.txt and Attach.txt )

[crazelion]

Malwarebytes' Anti-Malware 1.51.2.1300
www.malwarebytes.org

Database version: 7784

Windows 6.0.6002 Service Pack 2
Internet Explorer 9.0.8112.16421

9/23/2011 11:34:29 PM
mbam-log-2011-09-23 (23-34-29).txt

Scan type: Full scan (C:\|)
Objects scanned: 394684
Time elapsed: 1 hour(s), 34 minute(s), 56 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 0
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
(No malicious items detected)

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

[crazelion]

.
DDS (Ver_2011-06-23.01) - NTFSx86
Internet Explorer: 9.0.8112.16421  BrowserJavaVersion: 1.6.0_24
Run by adminstrator at 0:05:51 on 2011-09-24
Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.2046.865 [GMT -4:00]
.
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
SP: Spy Sweeper *Enabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
.
============== Running Processes ===============
.
C:\Windows\system32\wininit.exe
C:\Windows\system32\lsm.exe
C:\Windows\system32\svchost.exe -k DcomLaunch
C:\Program Files\Webroot\Spy Sweeper\WRConsumerService.exe
C:\Windows\system32\svchost.exe -k rpcss
C:\Windows\System32\svchost.exe -k secsvcs
C:\Windows\System32\svchost.exe -k LocalServiceNetworkRestricted
C:\Windows\System32\svchost.exe -k LocalSystemNetworkRestricted
C:\Windows\system32\svchost.exe -k netsvcs
C:\Windows\system32\svchost.exe -k GPSvcGroup
C:\Windows\system32\SLsvc.exe
C:\Windows\system32\svchost.exe -k LocalService
C:\Windows\system32\svchost.exe -k NetworkService
C:\Windows\System32\ZoneLabs\vsmon.exe
C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
C:\Program Files\CheckPoint\ZAForceField\IswSvc.exe
C:\Windows\System32\spoolsv.exe
C:\Windows\system32\svchost.exe -k LocalServiceNoNetwork
C:\Windows\system32\Dwm.exe
C:\Windows\system32\taskeng.exe
C:\Windows\system32\taskeng.exe
C:\Windows\Explorer.EXE
C:\Windows\system32\taskeng.exe
C:\Program Files\IObit\Advanced SystemCare 4\PMonitor.exe
C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
C:\Program Files\IObit\Smart Defrag 2\SmartDefrag.exe
C:\Program Files\Google\Update\1.3.21.69\GoogleCrashHandler.exe
C:\Program Files\SUPERAntiSpyware\SASCORE.EXE
C:\Program Files\IObit\Advanced SystemCare 4\ASCService.exe
C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe
C:\Windows\system32\svchost.exe -k hpdevmgmt
C:\Program Files\Intel\Intel Matrix Storage Manager\Iaantmon.exe
c:\Program Files\Common Files\LightScribe\LSSrvc.exe
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\System32\svchost.exe -k HPZ12
C:\Windows\system32\svchost.exe -k NetworkServiceNetworkRestricted
C:\Windows\system32\svchost.exe -k imgsvc
C:\Program Files\Webroot\Spy Sweeper\SpySweeper.exe
C:\Windows\System32\svchost.exe -k WerSvcGroup
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
C:\Windows\system32\SearchIndexer.exe
C:\Windows\system32\DRIVERS\xaudio.exe
C:\Windows\system32\WUDFHost.exe
C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
C:\Program Files\Windows Defender\MSASCui.exe
C:\Program Files\Windows Media Player\wmpnscfg.exe
C:\hp\support\hpsysdrv.exe
C:\Windows\system32\wbem\unsecapp.exe
C:\Program Files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe
C:\Program Files\Windows Media Player\wmpnetwk.exe
C:\Windows\system32\wbem\wmiprvse.exe
C:\Windows\RtHDVCpl.exe
C:\Windows\System32\rundll32.exe
C:\Program Files\Intel\Intel Matrix Storage Manager\IAAnotif.exe
C:\Program Files\Zone Labs\ZoneAlarm\zlclient.exe
C:\Program Files\Adobe\Reader 9.0\Reader\reader_sl.exe
C:\Program Files\Alwil Software\Avast5\AvastUI.exe
C:\Program Files\HP\HP Software Update\hpwuschd2.exe
C:\Program Files\Real\RealPlayer\Update\realsched.exe
C:\Program Files\Webroot\Spy Sweeper\SpySweeperUI.exe
C:\Program Files\Windows Sidebar\sidebar.exe
C:\Windows\ehome\ehtray.exe
C:\Program Files\IObit\Advanced SystemCare 4\ASCTray.exe
C:\Windows\ehome\ehmsas.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Windows\system32\svchost.exe -k LocalServiceAndNoImpersonation
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqSTE08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqbam08.exe
C:\Program Files\Hewlett-Packard\Digital Imaging\bin\hpqgpc01.exe
C:\Program Files\Hewlett-Packard\HP Health Check\hphc_service.exe
C:\Program Files\CheckPoint\ZAForceField\ForceField.exe
C:\Users\adminstrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\adminstrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\adminstrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Users\adminstrator\AppData\Local\Google\Chrome\Application\chrome.exe
C:\Windows\servicing\TrustedInstaller.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\DllHost.exe
C:\Windows\system32\wbem\wmiprvse.exe
.
============== Pseudo HJT Report ===============
.
uStart Page = hxxp://toolbar.discoverbing.com/toolbar/en-us.html
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
mDefault_Page_URL = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
uURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa2.dll
mURLSearchHooks: H - No File
mURLSearchHooks: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa2.dll
BHO: HP Print Enhancer: {0347c33e-8762-4905-bf09-768834316c61} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_printenhancer.dll
BHO: Adobe PDF Link Helper: {18df081c-e8ad-4283-a596-fa578c2ebdc3} - c:\program files\common files\adobe\acrobat\activex\AcroIEHelperShim.dll
BHO: RealPlayer Download and Record Plugin for Internet Explorer: {3049c3e9-b461-4bc5-8870-4c09146192ca} - c:\programdata\real\realplayer\browserrecordplugin\ie\rpbrowserrecordplugin.dll
BHO: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
BHO: Spybot-S&D IE Protection: {53707962-6f74-2d53-2644-206d7942484f} - c:\program files\spybot - search & destroy\SDHelper.dll
BHO: SSVHelper Class: {761497bb-d6f0-462c-b6eb-d4daf1d92d43} - c:\program files\java\jre6\bin\ssv.dll
BHO: ZoneAlarm Security Engine Registrar: {8a4a36c2-0535-4d2c-bd3d-496cb7eed6e3} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
BHO: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa2.dll
BHO: Windows Live ID Sign-in Helper: {9030d464-4c02-4abf-8ecc-5164760863c6} - c:\program files\common files\microsoft shared\windows live\WindowsLiveLogin.dll
BHO: Google Toolbar Helper: {aa58ed58-01dd-4d91-8333-cf10577473f7} - c:\program files\google\google toolbar\GoogleToolbar.dll
BHO: Google Toolbar Notifier BHO: {af69de43-7d58-4638-b6fa-ce66b5ad205d} - c:\program files\google\googletoolbarnotifier\5.6.5612.1312\swg.dll
BHO: Google Dictionary Compression sdch: {c84d72fe-e17d-4195-bb24-76c02e2e7c4e} - c:\program files\google\google toolbar\component\fastsearch_219B3E1547538286.dll
BHO: Java(tm) Plug-In 2 SSV Helper: {dbc80044-a445-435b-bc74-9c25c1c588a9} - c:\program files\java\jre6\bin\jp2ssv.dll
BHO: HP Smart BHO Class: {ffffffff-cf4e-4f2b-bdc2-0e72e116a856} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll
TB: &Google Toolbar: {2318c2b1-4965-11d4-9b18-009027a5cd4f} - c:\program files\google\google toolbar\GoogleToolbar.dll
TB: ZoneAlarm Security Engine: {ee2ac4e5-b0b0-4ec6-88a9-bca1a32ab107} - c:\program files\checkpoint\zaforcefield\trustchecker\bin\TrustCheckerIEPlugin.dll
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: Swag Bucks Toolbar: {8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94} - c:\program files\swag_bucks\prxtbSwa2.dll
TB: Conduit Engine : {30f9b915-b755-4826-820b-08fba6bd249d} - c:\program files\conduitengine\prxConduitEngine.dll
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
EB: HP Smart Web Printing: {555d4d79-4bd2-4094-a395-cfc534424a05} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_bho.dll
uRun: [Sidebar] "c:\program files\windows sidebar\sidebar.exe" /autoRun
uRun: [ehTray.exe] "c:\windows\ehome\ehTray.exe"
uRun: [Google Update] "c:\users\adminstrator\appdata\local\google\update\GoogleUpdate.exe" /c
uRun: [swg] "c:\program files\google\googletoolbarnotifier\GoogleToolbarNotifier.exe"
uRun: [Advanced SystemCare 4] "c:\program files\iobit\advanced systemcare 4\ASCTray.exe"
uRun: [WMPNSCFG] "c:\program files\windows media player\WMPNSCFG.exe"
mRun: [Windows Defender] "c:\program files\windows defender\MSASCui.exe" -hide
mRun: [hpsysdrv] "c:\hp\support\hpsysdrv.exe"
mRun: [OsdMaestro] "c:\program files\hewlett-packard\on-screen osd indicator\OSD.exe"
mRun: [RtHDVCpl] "RtHDVCpl.exe"
mRun: [CCUTRAYICON] FactoryMode
mRun: [HP Health Check Scheduler] "c:\program files\hewlett-packard\hp health check\HPHC_Scheduler.exe"
mRun: [NvSvc] "c:\windows\system32\rundll32.exe" c:\windows\system32\nvsvc.dll,nvsvcStart
mRun: [NvCplDaemon] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvCpl.dll,NvStartup
mRun: [NvMediaCenter] "c:\windows\system32\rundll32.exe" c:\windows\system32\NvMcTray.dll,NvTaskbarInit
mRun: [IAAnotif] "c:\program files\intel\intel matrix storage manager\Iaanotif.exe"
mRun: [ZoneAlarm Client] "c:\program files\zone labs\zonealarm\zlclient.exe"
mRun: [ISW] "c:\program files\checkpoint\zaforcefield\ForceField.exe" /icon="hidden"
mRun: [Adobe Reader Speed Launcher] "c:\program files\adobe\reader 9.0\reader\Reader_sl.exe"
mRun: [Adobe ARM] "c:\program files\common files\adobe\arm\1.0\AdobeARM.exe"
mRun: [Microsoft Default Manager] "c:\program files\microsoft\search enhancement pack\default manager\DefMgr.exe" -resume
mRun: [avast5] "c:\program files\alwil software\avast5\avastUI.exe" /nogui
mRun: [HP Software Update] "c:\program files\hp\hp software update\HPWuSchd2.exe"
mRun: [hpqSRMon]
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot
mRun: [SpySweeper] "c:\program files\webroot\spy sweeper\SpySweeperUI.exe" /startintray
mRunOnce: [Launcher] "%WINDIR%\SMINST\launcher.exe"
StartupFolder: c:\users\admins~1\appdata\roaming\micros~1\windows\startm~1\programs\startup\onenot~1.lnk - c:\program files\microsoft office\office12\ONENOTEM.EXE
StartupFolder: c:\progra~2\micros~1\windows\startm~1\programs\startup\hpdigi~1.lnk - c:\program files\hewlett-packard\digital imaging\bin\hpqtra08.exe
mPolicies-explorer: BindDirectlyToPropertySetStorage = 0 (0x0)
mPolicies-system: EnableUIADesktopToggle = 0 (0x0)
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
IE: {08B0E5C0-4FCB-11CF-AAA5-00401C608501} - {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}
IE: {2670000A-7350-4f3c-8081-5663EE0C6C49} - {48E73304-E1D6-4330-914C-F5F514E3486C} - c:\progra~1\micros~3\office12\ONBttnIE.dll
IE: {92780B25-18CC-41C8-B9BE-3C9C571A8263} - {FF059E31-CC5A-4E2E-BF3B-96E929D65503} - c:\progra~1\micros~3\office12\REFIEBAR.DLL
IE: {DDE87865-83C5-48c4-8357-2F5B1AA84522} - {DDE87865-83C5-48c4-8357-2F5B1AA84522} - c:\program files\hewlett-packard\digital imaging\smart web printing\hpswp_BHO.dll
IE: {DFB852A3-47F8-48C4-A200-58CAB36FD2A2} - {53707962-6F74-2D53-2644-206D7942484F} - c:\program files\spybot - search & destroy\SDHelper.dll
DPF: {297DE2B6-509A-4B36-93C5-A65276606900} - hxxp://www.in.honda.com/rraaapps/rraasec/codebase/RRAAINAX/RraainAX.CAB
DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {A906CBEA-6FAF-43B8-AE2F-857C5A21884C} - hxxp://mediadownloads.walmart.com/mmce/resources/walmartcheck2.cab
DPF: {AB86CE53-AC9F-449F-9399-D8ABCA09EC09} - hxxps://h17000.www1.hp.com/ewfrf-JAVA/Secure/HPGetDownloadManager.ocx
DPF: {CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_15-windows-i586.cab
DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} - hxxp://java.sun.com/update/1.6.0/jinstall-1_6_0_24-windows-i586.cab
DPF: {FFB3A759-98B1-446F-BDA9-909C6EB18CC7} - hxxp://utilities.pcpitstop.com/optimize2/pcpitstop2.dll
TCP: DhcpNameServer = 205.152.150.23 205.152.37.23
TCP: Interfaces\{1CD3DDF1-3A71-4FE8-A363-037C4B9F780C} : DhcpNameServer = 66.18.32.2 66.18.32.3
TCP: Interfaces\{FA6CABB0-A5B5-4C78-8CAE-8E90D4D6F951} : DhcpNameServer = 205.152.150.23 205.152.37.23
STS: Windows DreamScene: {e31004d1-a431-41b8-826f-e902f9d95c81} - %SystemRoot%\System32\DreamScene.dll
SEH: SABShellExecuteHook Class: {5ae067d3-9afb-48e0-853a-ebb7f4a000da} - c:\program files\superantispyware\SASSEH.DLL
mASetup: {7070D8E0-650A-46b3-B03C-9497582E6A74} - %SystemRoot%\system32\soundschemes.exe /AddRegistration
.
================= FIREFOX ===================
.
FF - ProfilePath - c:\users\adminstrator\appdata\roaming\mozilla\firefox\profiles\eo1s6xms.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - component: c:\users\adminstrator\appdata\roaming\mozilla\firefox\profiles\eo1s6xms.default\extensions\{70df8d13-bdd3-448e-944c-efde21b77161}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\adminstrator\appdata\roaming\mozilla\firefox\profiles\eo1s6xms.default\extensions\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}\components\RadioWMPCoreGecko19.dll
FF - component: c:\users\adminstrator\appdata\roaming\mozilla\firefox\profiles\eo1s6xms.default\extensions\[email protected]\components\RadioWMPCoreGecko19.dll
FF - plugin: c:\program files\adobe\reader 9.0\reader\air\nppdf32.dll
FF - plugin: c:\program files\checkpoint\zaforcefield\trustchecker\bin\npFFApi.dll
FF - plugin: c:\program files\google\google earth\plugin\npgeplugin.dll
FF - plugin: c:\program files\google\google updater\2.4.1908.5032\npCIDetect14.dll
FF - plugin: c:\program files\google\update\1.2.133.33\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.141.5\npGoogleOneClick7.dll
FF - plugin: c:\program files\google\update\1.2.145.5\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.13\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.17\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.23\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.2.183.7\npGoogleOneClick8.dll
FF - plugin: c:\program files\google\update\1.3.21.53\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.57\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.65\npGoogleUpdate3.dll
FF - plugin: c:\program files\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\program files\java\jre6\bin\new_plugin\npdeployJava1.dll
FF - plugin: c:\program files\microsoft silverlight\4.0.60531.0\npctrlui.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npCouponPrinter.dll
FF - plugin: c:\program files\mozilla firefox\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\opera\program\plugins\np_gp.dll
FF - plugin: c:\program files\opera\program\plugins\npMozCouponPrinter.dll
FF - plugin: c:\program files\picasa2\npPicasa2.dll
FF - plugin: c:\program files\picasa2\npPicasa3.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprpchromebrowserrecordext.dll
FF - plugin: c:\programdata\real\realplayer\browserrecordplugin\mozillaplugins\nprphtml5videoshim.dll
FF - plugin: c:\users\adminstrator\appdata\local\google\update\1.3.21.69\npGoogleUpdate3.dll
FF - plugin: c:\users\adminstrator\appdata\roaming\mozilla\plugins\npgoogletalk.dll
FF - plugin: c:\users\adminstrator\appdata\roaming\mozilla\plugins\npgtpo3dautoplugin.dll
.
---- FIREFOX POLICIES ----
FF - user.js: general.useragent.extra.brc - BRI/1
.
============= SERVICES / DRIVERS ===============
.
R0 SmartDefragDriver;SmartDefragDriver;c:\windows\system32\drivers\SmartDefragDriver.sys [2011-7-31 16184]
R0 ssfs0bbc;ssfs0bbc;c:\windows\system32\drivers\ssfs0bbc.sys [2011-3-22 29832]
R1 aswSnx;aswSnx;c:\windows\system32\drivers\aswSnx.sys [2011-5-24 442200]
R1 aswSP;aswSP;c:\windows\system32\drivers\aswSP.sys [2010-11-8 320856]
R1 SASDIFSV;SASDIFSV;c:\program files\superantispyware\SASDIFSV.SYS [2010-2-17 12880]
R1 SASKUTIL;SASKUTIL;c:\program files\superantispyware\SASKUTIL.SYS [2010-5-10 67664]
R2 !SASCORE;SAS Core Service;c:\program files\superantispyware\SASCORE.EXE [2010-6-29 116608]
R2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\hp\dvdplay\000.fcl [2007-3-20 39408]
R2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\iobit\advanced systemcare 4\ASCService.exe [2011-5-21 352656]
R2 aswFsBlk;aswFsBlk;c:\windows\system32\drivers\aswFsBlk.sys [2010-11-8 20568]
R2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2010-11-8 54616]
R2 avast! Antivirus;avast! Antivirus;c:\program files\alwil software\avast5\AvastSvc.exe [2010-11-8 44768]
R2 DQLWinService;DQLWinService;c:\program files\common files\intel\inteldh\nms\adpplugins\DQLWinService.exe [2006-9-3 208896]
R2 FontCache;Windows Font Cache Service;c:\windows\system32\svchost.exe -k LocalServiceAndNoImpersonation [2008-6-13 21504]
R2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\checkpoint\zaforcefield\ISWKL.sys [2010-5-26 26352]
R2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\checkpoint\zaforcefield\ISWSVC.exe [2010-5-26 493032]
R2 WebrootSpySweeperService;Webroot Spy Sweeper Engine;c:\program files\webroot\spy sweeper\SpySweeper.exe [2011-3-22 4048256]
R2 WRConsumerService;Webroot Client Service;c:\program files\webroot\spy sweeper\WRConsumerService.exe [2008-11-16 1201656]
R3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2007-4-18 366080]
S2 AVGIDSAgent;AVGIDSAgent;"c:\program files\avg\avg10\identity protection\agent\bin\avgidsagent.exe" --> c:\program files\avg\avg10\identity protection\agent\bin\AVGIDSAgent.exe [?]
S2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\microsoft.net\framework\v4.0.30319\mscorsvw.exe [2010-3-18 130384]
S2 gupdate1c9899ef02088a2;Google Update Service (gupdate1c9899ef02088a2);c:\program files\google\update\GoogleUpdate.exe [2009-2-7 133104]
S2 IntelDHSvcConf;Intel DH Service;c:\program files\intel\inteldh\intel media server\tools\IntelDHSvcConf.exe [2006-5-10 29696]
S3 gupdatem;Google Update Service (gupdatem);c:\program files\google\update\GoogleUpdate.exe [2009-2-7 133104]
S3 MCLServiceATL;Intel(R) Application Tracker;c:\program files\intel\inteldh\intel media server\shells\MCLServiceATL.exe [2006-9-11 167936]
S3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\microsoft.net\framework\v4.0.30319\wpf\WPFFontCache_v0400.exe [2010-3-18 753504]
.
=============== Created Last 30 ================
.
2011-09-24 03:58:44   56200   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{4349a41c-63ff-4d85-870e-000b32f5ed27}\offreg.dll
2011-09-23 13:47:18   7269712   ----a-w-   c:\programdata\microsoft\windows defender\definition updates\{4349a41c-63ff-4d85-870e-000b32f5ed27}\mpengine.dll
2011-09-20 19:09:30   --------   d-----w-   c:\users\adminstrator\appdata\roaming\f-secure
2011-09-20 19:08:27   --------   d-----w-   c:\programdata\F-Secure
2011-09-20 17:24:33   --------   d-----w-   c:\program files\common files\xing shared
2011-09-19 01:09:46   388096   ----a-r-   c:\users\adminstrator\appdata\roaming\microsoft\installer\{45a66726-69bc-466b-a7a4-12fcba4883d7}\HiJackThis.exe
2011-09-19 01:09:44   --------   d-----w-   c:\program files\Trend Micro
2011-09-15 20:02:52   2409784   ----a-w-   c:\program files\windows mail\OESpamFilter.dat
.
==================== Find3M  ====================
.
2011-09-20 17:20:47   499712   ----a-w-   c:\windows\system32\msvcp71.dll
2011-09-20 17:20:47   348160   ----a-w-   c:\windows\system32\msvcr71.dll
2011-09-07 03:29:45   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 20:45:29   41184   ----a-w-   c:\windows\avastSS.scr
2011-09-06 20:38:05   442200   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:36:26   54616   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-08-31 21:00:50   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-07-22 02:54:43   1797632   ----a-w-   c:\windows\system32\jscript9.dll
2011-07-22 02:48:26   1126912   ----a-w-   c:\windows\system32\wininet.dll
2011-07-22 02:44:36   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2011-07-11 13:25:35   2048   ----a-w-   c:\windows\system32\tzres.dll
2011-07-06 15:31:47   214016   ----a-w-   c:\windows\system32\drivers\mrxsmb10.sys
.
============= FINISH:  0:09:18.39 ===============

[crazelion]

.
UNLESS SPECIFICALLY INSTRUCTED, DO NOT POST THIS LOG.
IF REQUESTED, ZIP IT UP & ATTACH IT
.
DDS (Ver_2011-06-23.01)
.
Microsoft® Windows Vista™ Ultimate
Boot Device: \Device\HarddiskVolume1
Install Date: 4/5/2007 10:42:05 AM
System Uptime: 9/23/2011 11:58:13 PM (1 hours ago)
.
Motherboard: ASUSTek Computer INC. |  | Basswood2
Processor: Intel(R) Core(TM)2 CPU          6600  @ 2.40GHz | Socket 775 | 2400/266mhz
.
==== Disk Partitions =========================
.
C: is FIXED (NTFS) - 458 GiB total, 346.644 GiB free.
D: is FIXED (NTFS) - 8 GiB total, 0.46 GiB free.
E: is CDROM ()
F: is CDROM ()
G: is Removable
H: is Removable
I: is Removable
J: is Removable
.
==== Disabled Device Manager Items =============
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0000
Manufacturer: Microsoft
Name: 6TO4 Adapter
PNP Device ID: ROOT\*6TO4MP\0000
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft 6to4 Adapter
Device ID: ROOT\*6TO4MP\0001
Manufacturer: Microsoft
Name: Microsoft 6to4 Adapter #2
PNP Device ID: ROOT\*6TO4MP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: Microsoft ISATAP Adapter
Device ID: ROOT\*ISATAP\0001
Manufacturer: Microsoft
Name: Microsoft ISATAP Adapter #2
PNP Device ID: ROOT\*ISATAP\0001
Service: tunnel
.
Class GUID: {4d36e972-e325-11ce-bfc1-08002be10318}
Description: HP 802.11b/g Wireless Network Adapter
Device ID: PCI\VEN_168C&DEV_001B&SUBSYS_500111AD&REV_01\4&1535F642&0&18F0
Manufacturer: Atheros Communications Inc.
Name: HP 802.11b/g Wireless Network Adapter
PNP Device ID: PCI\VEN_168C&DEV_001B&SUBSYS_500111AD&REV_01\4&1535F642&0&18F0
Service: athr
.
==== System Restore Points ===================
.
.
==== Installed Programs ======================
.
 Update for Microsoft Office 2007 (KB2508958)
32 Bit HP CIO Components Installer
AC3Filter (remove only)
Acrobat.com
Activation Assistant for the 2007 Microsoft Office suites
ActiveCheck component for HP Active Support Library
Adobe AIR
Adobe Download Manager
Adobe Flash Player 10 ActiveX
Adobe Flash Player 10 Plugin
Adobe Reader 9.4.6
Advanced SystemCare 4
Amazon Kindle For PC v1.0
Amazon MP3 Downloader 1.0.10
Apple Mobile Device Support
Apple Software Update
AusLogics Disk Defrag
AutoUpdate
avast! Free Antivirus
Bing Rewards Client Installer
Bonjour
BufferChm
CCleaner
Conduit Engine
Copy
Coupon Printer for Windows
CustomerResearchQFolder
Destination Component
DeviceDiscovery
DeviceManagementQFolder
DivX Codec
DivX Converter
DivX Player
DivX Version Checker
DivX Web Player
DJ_AIO_03_F4200_ProductContext
DJ_AIO_03_F4200_Software
DJ_AIO_03_F4200_Software_Min
DVD Play HD DVD
Enhanced Multimedia Keyboard Solution
eSupportQFolder
F4100_doccd
F4200
F4200_Help
Google Chrome
Google Earth
Google Photos Screensaver
Google Talk Plugin
Google Toolbar for Internet Explorer
Google Update Helper
Google Updater
GPBaseService
Hardware Diagnostic Tools
HiJackThis
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB953595)
Hotfix for Microsoft .NET Framework 3.5 SP1 (KB958484)
HP Active Support Library
HP Active Support Library 32 bit components
HP Advisor
HP Customer Experience Enhancements
HP Customer Feedback
HP Customer Participation Program 10.0
HP Deskjet F4200 All-In-One Driver Software 10.0 Rel .3
HP Driver Diagnostics
HP Easy Setup - Core
HP Easy Setup - Frontend
HP Imaging Device Functions 10.0
HP On-Screen Caps/Num/Scroll Lock Indicator
HP Photosmart Essential 2.5
HP Picasso Media Center Add-In
HP Smart Web Printing 4.60
HP Solution Center 10.0
HP Update
HPAsset component for HP Active Support Library
HPDiagnosticAlert
HPProductAssistant
HPSSupply
Intel(R) Matrix Storage Manager
Intel(R) Network Connections Drivers
Intel® Viiv™ Software
IrfanView (remove only)
iTunes
Java(TM) 6 Update 15
Java(TM) 6 Update 24
Java(TM) 6 Update 7
LightScribe  1.4.136.1
Malwarebytes' Anti-Malware version 1.51.2.1300
MarketResearch
Microsoft .NET Framework 3.5 SP1
Microsoft .NET Framework 4 Client Profile
Microsoft Default Manager
Microsoft Office 2007 Service Pack 2 (SP2)
Microsoft Office Excel MUI (English) 2007
Microsoft Office File Validation Add-In
Microsoft Office Home and Student 2007
Microsoft Office OneNote MUI (English) 2007
Microsoft Office PowerPoint MUI (English) 2007
Microsoft Office Proof (English) 2007
Microsoft Office Proof (French) 2007
Microsoft Office Proof (Spanish) 2007
Microsoft Office Proofing (English) 2007
Microsoft Office Proofing Tools 2007 Service Pack 2 (SP2)
Microsoft Office Shared MUI (English) 2007
Microsoft Office Shared Setup Metadata MUI (English) 2007
Microsoft Office Word MUI (English) 2007
Microsoft Silverlight
Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
Microsoft Visual C++ 2005 Redistributable
Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - KB2467174 - x86 9.0.30729.5570
Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148
Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
Microsoft Works
Mozilla Firefox 6.0.2 (x86 en-US)
MSXML 4.0 SP2 (KB927978)
MSXML 4.0 SP2 (KB936181)
MSXML 4.0 SP2 (KB941833)
MSXML 4.0 SP2 (KB954430)
MSXML 4.0 SP2 (KB973688)
MSXML 4.0 SP2 and SOAP Toolkit 3.0
muvee autoProducer 5.0
My HP Games
NVIDIA Drivers
OGA Notifier 2.0.0048.0
oggcodecs 0.71.0946
OpenOffice.org 3.1
Opera 10.00
PeaZip 2.4.1
Picasa 3
PSSWCORE
Python 2.4.3
QuickTime
RCA Video Converter
RealNetworks - Microsoft Visual C++ 2008 Runtime
RealPlayer
Realtek High Definition Audio Driver
RealUpgrade 1.1
Rhapsody
Rhapsody Player Engine
Roxio Creator Audio
Roxio Creator Basic v9
Roxio Creator Copy
Roxio Creator Data
Roxio Creator EasyArchive
Roxio Creator Tools
Roxio Express Labeler 3
Roxio MyDVD Basic v9
Scan
Security Update for 2007 Microsoft Office System (KB2288621)
Security Update for 2007 Microsoft Office System (KB2288931)
Security Update for 2007 Microsoft Office System (KB2345043)
Security Update for 2007 Microsoft Office System (KB2553074)
Security Update for 2007 Microsoft Office System (KB2553089)
Security Update for 2007 Microsoft Office System (KB2553090)
Security Update for 2007 Microsoft Office System (KB2584063)
Security Update for 2007 Microsoft Office System (KB969559)
Security Update for 2007 Microsoft Office System (KB976321)
Security Update for Microsoft .NET Framework 3.5 SP1 (KB2416473)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2446708)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2478663)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2518870)
Security Update for Microsoft .NET Framework 4 Client Profile (KB2539636)
Security Update for Microsoft Office Excel 2007 (KB2553073)
Security Update for Microsoft Office InfoPath 2007 (KB979441)
Security Update for Microsoft Office PowerPoint 2007 (KB2535818)
Security Update for Microsoft Office PowerPoint Viewer 2007 (KB2464623)
Security Update for Microsoft Office system 2007 (972581)
Security Update for Microsoft Office system 2007 (KB974234)
Security Update for Microsoft Office Visio Viewer 2007 (KB973709)
Security Update for Microsoft Office Word 2007 (KB2344993)
Shop for HP Supplies
Smart Defrag 2
SmartWebPrinting
Soft Data Fax Modem with SmartCP
SolutionCenter
Spy Sweeper
Spy Sweeper Core
Spybot - Search & Destroy
Status
SUPERAntiSpyware
Swag Bucks Toolbar
Toolbox
TrayApp
UnloadSupport
Update for 2007 Microsoft Office System (KB967642)
Update for Microsoft .NET Framework 3.5 SP1 (KB963707)
Update for Microsoft .NET Framework 4 Client Profile (KB2468871)
Update for Microsoft .NET Framework 4 Client Profile (KB2533523)
Update for Microsoft Office 2007 Help for Common Features (KB963673)
Update for Microsoft Office 2007 System (KB2539530)
Update for Microsoft Office Excel 2007 Help (KB963678)
Update for Microsoft Office OneNote 2007 (KB980729)
Update for Microsoft Office OneNote 2007 Help (KB963670)
Update for Microsoft Office Powerpoint 2007 Help (KB963669)
Update for Microsoft Office Script Editor Help (KB963671)
Update for Microsoft Office Word 2007 Help (KB963665)
VC 9.0 Runtime
VC80CRTRedist - 8.0.50727.4053
Video Converter Factory Pro
VideoToolkit01
Visual C++ 2008 x86 Runtime - (v9.0.30729)
Visual C++ 2008 x86 Runtime - v9.0.30729.01
WebReg
Winamp
Windows Live ID Sign-in Assistant
Windows Media Player Firefox Plugin
Windows Sound Schemes
WinX Bluray DVD iPhone Ripper 4.5.0
WinX Video Converter 4.0
Yahoo! Music Jukebox
YouTube Downloader 2.7.2
ZoneAlarm
ZoneAlarm Toolbar
.
==== Event Viewer Messages From Past Week ========
.
9/24/2011 12:00:31 AM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  Lbd
9/24/2011 12:00:30 AM, Error: Service Control Manager [7022]  - The HP CUE DeviceDiscovery Service service hung on starting.
9/24/2011 12:00:13 AM, Error: Service Control Manager [7003]  - The AVGIDSAgent service depends the following service: AVGIDSDriver. This service might not be installed.
9/24/2011 12:00:13 AM, Error: Service Control Manager [7000]  - The X4HSX32 service failed to start due to the following error:  The system cannot find the path specified.
9/24/2011 12:00:13 AM, Error: Service Control Manager [7000]  - The Parallel port driver service failed to start due to the following error:  The service cannot be started, either because it is disabled or because it has no enabled devices associated with it.
9/23/2011 9:37:34 AM, Error: Microsoft-Windows-Dhcp-Client [1002]  - The IP address lease 192.168.1.100 for the Network Card with network address 001A9299BF28 has been denied by the DHCP server 192.168.1.1 (The DHCP Server sent a DHCPNACK message).
9/23/2011 9:37:32 AM, Error: EventLog [6008]  - The previous system shutdown at 9:35:06 AM on 9/23/2011 was unexpected.
9/23/2011 11:11:11 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-AB~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/23/2011 10:12:34 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-2B~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/23/2011 10:07:06 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-B3~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/22/2011 7:43:44 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-0A~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/22/2011 12:59:11 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-E8~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/21/2011 8:18:24 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-78~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/20/2011 3:12:11 PM, Error: F-Secure Standalone Minifilter [1]  -
9/20/2011 12:14:58 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {9E175B6D-F52A-11D8-B9A5-505054503030}
9/20/2011 12:08:42 PM, Error: iaStor [9]  - The device, \Device\Ide\iaStor0, did not respond within the timeout period.
9/20/2011 12:06:18 PM, Error: Service Control Manager [7026]  - The following boot-start or system-start driver(s) failed to load:  aswSnx aswSP aswTdi eeCtrl Lbd SASDIFSV SASKUTIL spldr Wanarpv6
9/20/2011 12:06:18 PM, Error: Service Control Manager [7001]  - The Computer Browser service depends on the Server service which failed to start because of the following error:  The dependency service or group failed to start.
9/20/2011 12:06:13 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service WSearch with arguments "" in order to run the server: {7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
9/20/2011 12:06:08 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1068" attempting to start the service fdPHost with arguments "" in order to run the server: {145B4335-FE2A-4927-A040-7C35AD3180EF}
9/20/2011 12:06:07 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service EventSystem with arguments "" in order to run the server: {1BE1F766-5536-11D1-B726-00C04FB926AF}
9/20/2011 12:06:00 PM, Error: Microsoft-Windows-DistributedCOM [10005]  - DCOM got error "1084" attempting to start the service ShellHWDetection with arguments "" in order to run the server: {DD522ACC-F821-461A-A407-50B198B896DC}
9/20/2011 11:25:07 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-9A~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/19/2011 5:18:33 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-0C~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/19/2011 3:06:38 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-19~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/19/2011 2:50:27 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-CC~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/19/2011 12:03:37 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-87~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/19/2011 10:53:24 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-5C~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/18/2011 9:02:19 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-E7~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/18/2011 6:36:50 PM, Error: Microsoft-Windows-BitLocker-Driver [24620]  - Encrypted volume check: Volume information on J: cannot be read.
9/18/2011 6:36:50 PM, Error: Microsoft-Windows-BitLocker-Driver [24620]  - Encrypted volume check: Volume information on I: cannot be read.
9/18/2011 6:36:50 PM, Error: Microsoft-Windows-BitLocker-Driver [24620]  - Encrypted volume check: Volume information on H: cannot be read.
9/18/2011 6:36:50 PM, Error: Microsoft-Windows-BitLocker-Driver [24620]  - Encrypted volume check: Volume information on G: cannot be read.
9/18/2011 5:26:27 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-8B~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/18/2011 4:39:02 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-EC~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/17/2011 9:24:19 PM, Error: Service Control Manager [7000]  - The SASDIFSV service failed to start due to the following error:  Cannot create a file when that file already exists.
9/17/2011 9:06:09 PM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-64~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/17/2011 11:46:06 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-5F~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/17/2011 11:33:35 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-45~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
9/17/2011 10:05:41 AM, Error: Microsoft-Windows-Kernel-General [5]  - {Registry Hive Recovered} Registry hive (file): '\??\C:\Windows\Temp\SST-E5~1.TMP' was corrupted and it has been recovered. Some data might have been lost.
.
==== End Of File ===========================

[SuperDave]

Update Your Java (JRE)

Old versions of Java have vulnerabilities that malware can use to infect your system.

First Verify your Java Version

If there are any other version(s) installed then update now.

Get the new version (if needed)

If your version is out of date install the newest version of the Sun Java Runtime Environment.

Note: UNCHECK any pre-checked toolbar and/or software offered with the Java update. The pre-checked toolbars/software are not part of the Java update.

Be sure to close ALL open web browsers before starting the installation.

Remove any old versions

1. Download JavaRa and unzip the file to your Desktop.
2. Open JavaRA.exe and choose Remove Older Versions
3. Once complete exit JavaRA.

Additional Note: The Java Quick Starter (JQS.exe) adds a service to improve the initial startup time of Java applets and applications. To disable the JQS service if you don't want to use it, go to Start > Control Panel > Java > Advanced > Miscellaneous and uncheck the box for Java Quick Starter. Click OK and reboot your computer.
************************************************
Download OTL to your desktop.

* Open OTL
* Copy and Paste the following text in the codebox into the Custom Scans/Fixes window.

Code: [Select]

:OTL

mURLSearchHooks: H - No File
BHO: {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - No File
TB: {9D425283-D487-4337-BAB6-AB8354A81457} - No File
TB: {A057A204-BACC-4D26-9990-79A187E2698E} - No File
mRun: [Malwarebytes Anti-Malware (reboot)] "c:\program files\malwarebytes' anti-malware\mbam.exe" /runcleanupscript
mRun: [TkBellExe] "c:\program files\real\realplayer\update\realsched.exe"  -osboot

:COMMANDS
[resethosts]
[purity]
[start explorer]

* Click Run Fix
* OTLI2 may ask to reboot the machine. Please do so if asked.
* Click OK
* A report will open. Copy and Paste that report in your next reply.
************************************************************
Download ComboFix by sUBs from one of the below links.  Be sure to save it to the Desktop.

link # 1
Link # 2
If you are using Firefox, make sure that your download settings are as follows:

* Tools->Options->Main tab
* Set to "Always ask me where to Save the files".

Close any open web browsers (Firefox, Internet Explorer, etc) before starting ComboFix.

Temporarily disable your anti-virus, and any anti-spyware real-time protection before performing a scan. Click this link to see a list of security programs that should be disabled and how to disable them.

Right-click combofix.exe and select Run as Administrator and follow the prompts.
When finished, ComboFix will produce a log for you.
Post the ComboFix login your next reply.

NOTE: Do not mouseclick ComboFix's window while it is running. That may cause it to stall.

Remember to re-enable your anti-virus and anti-spyware protection when ComboFix is complete.

[crazelion]

could not update java.  here is the error it giving me:

Java setup internal error 2753.regutils.dll

[crazelion]

JavaRa 1.16 Removal Log.

Report follows after line.

------------------------------------

The JavaRa removal process was started on Thu Sep 22 16:37:45 2011

Found and removed: C:\Program Files\Java\jre1.6.0_07

Found and removed: C:\Program Files\Java\jre1.6.0_15

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_11

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_12

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_13

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_15

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_16

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_17

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_18

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_20

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_21

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_22

Found and removed: C:\Users\adminstrator\AppData\LocalLow\Sun\Java\jre1.6.0_23

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0001-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0002-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0003-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0004-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0005-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0006-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0007-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0008-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0009-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0010-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0011-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0012-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0013-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0014-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0015-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0016-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0017-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0018-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0019-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0020-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0021-ABCDEFFDCBA}. The error returned was 124.

There was an error removing \Mozilla Firefox\extensions\{CAFEEFAC-0016-0022-ABCDEFFDCBA}. The error returned was 124.

Found and removed: Applications\java.exe

Found and removed: Applications\javaw.exe

Found and removed: JavaPlugin.FamilyVersionSupport

Found and removed: Installer\Products\8A0F842331866D117AB7000B0D610007

Found and removed: CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0013-0001-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0014-0002-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0014-0002-FFFF-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0024-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0025-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0026-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0027-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0028-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0029-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0015-0000-0030-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0011-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: JavaScript

Found and removed: JavaScript Author

Found and removed: JavaScript1.1

Found and removed: JavaScript1.1 Author

Found and removed: JavaScript1.2

Found and removed: JavaScript1.2 Author

Found and removed: Software\Classes\CLSID\{CAFEEFAC-0015-0000-FFFF-ABCDEFFEDCBA}

Found and removed: Software\Classes\CLSID\{E19F9331-3110-11D4-991C-005004D3B3DB}

Found and removed: Software\Classes\JavaPlugin.160_07

Found and removed: Software\Classes\JavaPlugin.160_24

Found and removed: Software\JavaSoft\Java Update

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_07

Found and removed: Software\JavaSoft\Java Runtime Environment\1.6.0_24

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0023-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0024-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0013-0001-0025-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0001-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0014-0002-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0011-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0015-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0000-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0001-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0002-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0003-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0004-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0005-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0006-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0008-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0009-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0010-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0012-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0014-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0015-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBB}

Found and removed: SOFTWARE\Classes\CLSID\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBC}

Found and removed: SOFTWARE\Classes\JavaPlugin

Found and removed: SOFTWARE\Classes\JavaPlugin.160_07

Found and removed: SOFTWARE\Classes\JavaPlugin.160_15

Found and removed: SOFTWARE\Classes\JavaPlugin.160_24

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_07

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_15

Found and removed: SOFTWARE\JavaSoft\Java Plug-in\1.6.0_24

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_07

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_15

Found and removed: SOFTWARE\JavaSoft\Java Runtime Environment\1.6.0_24

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_02

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_03

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.0.1_04

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.2.0_01

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_07

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_15

Found and removed: SOFTWARE\JavaSoft\Java Web Start\1.6.0_24

Found and removed: SOFTWARE\Microsoft\Active Setup\Installed Components\{08B0E5C0-4FCB-11CF-AAA5-00401C608500}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Code Store Database\Distribution Units\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_07\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\Java\jre1.6.0_15\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\Folders\\C:\Program Files\JRE\

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B02

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062B03

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3412062F00

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B02

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062B03

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\0357E4991DA5FF14F9615B3612062F00

Found and removed: SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{4A03706F-666A-4037-7777-5F2748764D10}

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.2.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.3.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.1

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.4.2

Found and removed: SOFTWARE\MozillaPlugins\@java.com/JavaPlugin\MimeTypes\application/x-java-applet;version=1.5

[SuperDave]

I need to see the OTL script and the ComboFix logs.

[crazelion]

OTL by Oldtimer version 3.2.29.1 not responding

The OTL stops respond when it hit the firefox part on the time and gives a error of this under customs scans/fixes

mRun[TkBellExe7"c:/programfiles/real/realplayer/update/realsched.exe"-osboot

the firefox scanning part freezes every time

[crazelion]

ComboFix 11-09-26.01 - adminstrator 09/26/2011   0:03.1.2 - x86
Microsoft® Windows Vista™ Ultimate   6.0.6002.2.1252.1.1033.18.2046.869 [GMT -4:00]
Running from: c:\users\adminstrator\Downloads\ComboFix.exe
AV: avast! Antivirus *Disabled/Updated* {2B2D1395-420B-D5C9-657E-930FE358FC3C}
FW: ZoneAlarm Firewall *Enabled* {D17DF357-CFF5-F001-D1C1-FCD21DFE3D5E}
SP: avast! Antivirus *Disabled/Updated* {904CF271-6431-DA47-5FCE-A87D98DFB681}
SP: Spy Sweeper *Disabled/Updated* {E840FC75-2A0B-9A7C-D915-4D1380A5C223}
SP: Windows Defender *Enabled/Updated* {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
.
.
(((((((((((((((((((((((((((((((((((((((   Other Deletions   )))))))))))))))))))))))))))))))))))))))))))))))))
.
.
C:\install.exe
c:\program files\Search Toolbar
c:\program files\Search Toolbar\icon.ico
c:\program files\Search Toolbar\SearchToolbarUninstall.exe
c:\program files\Search Toolbar\SearchToolbarUpdater.exe
c:\windows\HPCPCUninstaller-6.3.2.139-6811507.exe
.
.
(((((((((((((((((((((((((   Files Created from 2011-08-26 to 2011-09-26  )))))))))))))))))))))))))))))))
.
.
2011-09-26 03:08 . 2011-09-26 03:19   56200   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{4349A41C-63FF-4D85-870E-000B32F5ED27}\offreg.dll
2011-09-23 13:47 . 2011-09-12 23:14   7269712   ----a-w-   c:\programdata\Microsoft\Windows Defender\Definition Updates\{4349A41C-63FF-4D85-870E-000B32F5ED27}\mpengine.dll
2011-09-20 19:09 . 2011-09-20 19:09   --------   d-----w-   c:\users\adminstrator\AppData\Roaming\f-secure
2011-09-20 19:08 . 2011-09-20 19:08   --------   d-----w-   c:\programdata\F-Secure
2011-09-20 17:24 . 2011-09-20 17:24   --------   d-----w-   c:\program files\Common Files\xing shared
2011-09-19 01:09 . 2011-09-19 01:09   388096   ----a-r-   c:\users\adminstrator\AppData\Roaming\Microsoft\Installer\{45A66726-69BC-466B-A7A4-12FCBA4883D7}\HiJackThis.exe
2011-09-19 01:09 . 2011-09-19 01:09   --------   d-----w-   c:\program files\Trend Micro
2011-09-15 20:02 . 2011-08-10 12:14   2409784   ----a-w-   c:\program files\Windows Mail\OESpamFilter.dat
.
.
.
((((((((((((((((((((((((((((((((((((((((   Find3M Report   ))))))))))))))))))))))))))))))))))))))))))))))))))))
.
2011-09-20 17:20 . 2007-03-20 18:18   348160   ----a-w-   c:\windows\system32\msvcr71.dll
2011-09-20 17:20 . 2003-03-19 03:14   499712   ----a-w-   c:\windows\system32\msvcp71.dll
2011-09-07 03:29 . 2011-05-13 14:44   404640   ----a-w-   c:\windows\system32\FlashPlayerCPLApp.cpl
2011-09-06 20:45 . 2010-11-08 19:05   41184   ----a-w-   c:\windows\avastSS.scr
2011-09-06 20:45 . 2010-11-08 19:05   199304   ----a-w-   c:\windows\system32\aswBoot.exe
2011-09-06 20:38 . 2011-05-24 21:02   442200   ----a-w-   c:\windows\system32\drivers\aswSnx.sys
2011-09-06 20:37 . 2010-11-08 19:06   320856   ----a-w-   c:\windows\system32\drivers\aswSP.sys
2011-09-06 20:36 . 2010-11-08 19:06   34392   ----a-w-   c:\windows\system32\drivers\aswRdr.sys
2011-09-06 20:36 . 2010-11-08 19:06   52568   ----a-w-   c:\windows\system32\drivers\aswTdi.sys
2011-09-06 20:36 . 2010-11-08 19:06   54616   ----a-w-   c:\windows\system32\drivers\aswMonFlt.sys
2011-09-06 20:36 . 2010-11-08 19:06   20568   ----a-w-   c:\windows\system32\drivers\aswFsBlk.sys
2011-08-31 21:00 . 2010-02-09 23:54   22216   ----a-w-   c:\windows\system32\drivers\mbam.sys
2011-07-22 02:54 . 2011-08-11 04:51   1797632   ----a-w-   c:\windows\system32\jscript9.dll
2011-07-22 02:48 . 2011-08-11 04:51   1126912   ----a-w-   c:\windows\system32\wininet.dll
2011-07-22 02:44 . 2011-08-11 04:51   2382848   ----a-w-   c:\windows\system32\mshtml.tlb
2011-07-11 13:25 . 2011-08-24 15:04   2048   ----a-w-   c:\windows\system32\tzres.dll
2011-07-06 15:31 . 2011-08-11 02:23   214016   ----a-w-   c:\windows\system32\drivers\mrxsmb10.sys
2011-09-03 06:01 . 2011-09-20 17:41   134104   ----a-w-   c:\program files\mozilla firefox\components\browsercomps.dll
.
.
(((((((((((((((((((((((((((((((((((((   Reg Loading Points   ))))))))))))))))))))))))))))))))))))))))))))))))))
.
.
*Note* empty entries & legit default entries are not shown
REGEDIT4
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\URLSearchHooks]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\prxtbSwa2.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{30F9B915-B755-4826-820B-08FBA6BD249D}]
2011-01-17 14:54   175912   ----a-w-   c:\program files\ConduitEngine\prxConduitEngine.dll
.
[HKEY_LOCAL_MACHINE\~\Browser Helper Objects\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
2011-01-17 14:54   175912   ----a-w-   c:\program files\Swag_Bucks\prxtbSwa2.dll
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
"{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}"= "c:\program files\Swag_Bucks\prxtbSwa2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Toolbar\Webbrowser]
"{8BDEA9D6-6F62-45EB-8EE9-8A81AF0D2F94}"= "c:\program files\Swag_Bucks\prxtbSwa2.dll" [2011-01-17 175912]
"{30F9B915-B755-4826-820B-08FBA6BD249D}"= "c:\program files\ConduitEngine\prxConduitEngine.dll" [2011-01-17 175912]
.
[HKEY_CLASSES_ROOT\clsid\{8bdea9d6-6f62-45eb-8ee9-8a81af0d2f94}]
.
[HKEY_CLASSES_ROOT\clsid\{30f9b915-b755-4826-820b-08fba6bd249d}]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\00avast]
@="{472083B0-C522-11CF-8763-00608CC02F24}"
[HKEY_CLASSES_ROOT\CLSID\{472083B0-C522-11CF-8763-00608CC02F24}]
2011-09-06 20:45   122512   ----a-w-   c:\program files\Alwil Software\Avast5\ashShell.dll
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\explorer\shelliconoverlayidentifiers\BackupIconOverlayId]
@="{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}"
[HKEY_CLASSES_ROOT\CLSID\{2EE61E5C-8F94-4AAB-8A80-D2A8CD1FEDAD}]
2009-04-06 17:26   238968   ----a-w-   c:\program files\Webroot\Spy Sweeper\Backup\CtxMenu_1_0_0_10.dll
.
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"Sidebar"="c:\program files\Windows Sidebar\sidebar.exe" [2009-04-11 1233920]
"ehTray.exe"="c:\windows\ehome\ehTray.exe" [2008-01-19 125952]
"swg"="c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe" [2007-07-18 68856]
"Advanced SystemCare 4"="c:\program files\IObit\Advanced SystemCare 4\ASCTray.exe" [2011-04-21 402832]
"WMPNSCFG"="c:\program files\Windows Media Player\WMPNSCFG.exe" [2008-01-19 202240]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Run]
"CCUTRAYICON"="FactoryMode" [X]
"hpsysdrv"="c:\hp\support\hpsysdrv.exe" [2006-09-28 65536]
"OsdMaestro"="c:\program files\Hewlett-Packard\On-Screen OSD Indicator\OSD.exe" [2006-11-20 155648]
"RtHDVCpl"="RtHDVCpl.exe" [2008-01-15 4874240]
"HP Health Check Scheduler"="c:\program files\Hewlett-Packard\HP Health Check\HPHC_Scheduler.exe" [2007-03-12 50696]
"NvSvc"="c:\windows\system32\nvsvc.dll" [2007-03-13 90191]
"NvCplDaemon"="c:\windows\system32\NvCpl.dll" [2007-03-13 7770112]
"NvMediaCenter"="c:\windows\system32\NvMcTray.dll" [2007-03-13 81920]
"IAAnotif"="c:\program files\Intel\Intel Matrix Storage Manager\Iaanotif.exe" [2008-06-02 178712]
"ZoneAlarm Client"="c:\program files\Zone Labs\ZoneAlarm\zlclient.exe" [2010-06-23 1043968]
"ISW"="c:\program files\CheckPoint\ZAForceField\ForceField.exe" [2010-05-26 730600]
"Adobe Reader Speed Launcher"="c:\program files\Adobe\Reader 9.0\Reader\Reader_sl.exe" [2011-09-07 37296]
"Adobe ARM"="c:\program files\Common Files\Adobe\ARM\1.0\AdobeARM.exe" [2011-03-30 937920]
"Microsoft Default Manager"="c:\program files\Microsoft\Search Enhancement Pack\Default Manager\DefMgr.exe" [2010-05-10 439568]
"HP Software Update"="c:\program files\HP\HP Software Update\HPWuSchd2.exe" [2011-02-18 49208]
"Malwarebytes Anti-Malware (reboot)"="c:\program files\Malwarebytes' Anti-Malware\mbam.exe" [2011-08-31 1047208]
"TkBellExe"="c:\program files\real\realplayer\update\realsched.exe" [2011-09-20 273528]
"SpySweeper"="c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe" [2011-04-20 6515800]
.
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\RunOnce]
"Launcher"="c:\windows\SMINST\launcher.exe" [2006-11-24 44136]
.
c:\users\adminstrator\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\
OneNote 2007 Screen Clipper and Launcher.lnk - c:\program files\Microsoft Office\Office12\ONENOTEM.EXE [2009-2-26 97680]
.
c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\
HP Digital Imaging Monitor.lnk - c:\program files\Hewlett-Packard\Digital Imaging\bin\hpqtra08.exe [2007-10-14 214360]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows\currentversion\policies\system]
"EnableUIADesktopToggle"= 0 (0x0)
.
[hkey_local_machine\software\microsoft\windows\currentversion\explorer\ShellExecuteHooks]
"{5AE067D3-9AFB-48E0-853A-EBB7F4A000DA}"= "c:\program files\SUPERAntiSpyware\SASSEH.DLL" [2011-09-20 113024]
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\drivers32]
"aux"=wdmaud.drv
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\!SASCORE]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdauxservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\sdcoreservice]
@=""
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WebrootSpySweeperService]
@="Service"
.
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WRConsumerService]
@="Service"
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^HP Digital Imaging Monitor.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\HP Digital Imaging Monitor.lnk
backup=c:\windows\pss\HP Digital Imaging Monitor.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKLM\~\startupfolder\C:^ProgramData^Microsoft^Windows^Start Menu^Programs^Startup^ymetray.lnk]
path=c:\programdata\Microsoft\Windows\Start Menu\Programs\Startup\ymetray.lnk
backup=c:\windows\pss\ymetray.lnk.CommonStartup
backupExtension=.CommonStartup
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\HPADVISOR]
2009-08-05 15:27   1644088   ----a-w-   c:\program files\Hewlett-Packard\HP Advisor\HPAdvisor.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SpybotSD TeaTimer]
2009-03-05 20:07   2260480   --sha-r-   c:\program files\Spybot - Search & Destroy\TeaTimer.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\SUPERAntiSpyware]
2011-09-20 16:45   4603264   ----a-w-   c:\program files\SUPERAntiSpyware\SUPERANTISPYWARE.EXE
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\swg]
2007-07-18 23:55   68856   ----a-w-   c:\program files\Google\GoogleToolbarNotifier\GoogleToolbarNotifier.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\shared tools\msconfig\startupreg\WinampAgent]
2008-08-03 23:02   36352   ----a-w-   c:\program files\Winamp\winampa.exe
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecAntiVirus]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\SymantecFirewall]
"DisableMonitoring"=dword:00000001
.
[HKEY_LOCAL_MACHINE\software\microsoft\security center\Monitoring\ZoneLabsFirewall]
"DisableMonitoring"=dword:00000001
.
R0 Lbd;Lbd;c:\windows\system32\DRIVERS\Lbd.sys

R2 AVGIDSAgent;AVGIDSAgent;c:\program files\AVG\AVG10\Identity Protection\Agent\Bin\AVGIDSAgent.exe

R2 clr_optimization_v4.0.30319_32;Microsoft .NET Framework NGEN v4.0.30319_X86;c:\windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe [2010-03-18 130384]
R2 gupdate1c9899ef02088a2;Google Update Service (gupdate1c9899ef02088a2);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
R2 IntelDHSvcConf;Intel DH Service;c:\program files\Intel\IntelDH\Intel Media Server\Tools\IntelDHSvcConf.exe [2006-05-10 29696]
R3 gupdatem;Google Update Service (gupdatem);c:\program files\Google\Update\GoogleUpdate.exe [2009-02-11 133104]
R3 pcouffin;VSO Software pcouffin;c:\windows\system32\Drivers\pcouffin.sys [2008-12-21 47360]
R3 vsdatant7;vsdatant7;c:\windows\system32\drivers\vsdatant.win7.sys

R3 WPFFontCache_v0400;Windows Presentation Foundation Font Cache 4.0.0.0;c:\windows\Microsoft.NET\Framework\v4.0.30319\WPF\WPFFontCache_v0400.exe [2010-03-18 753504]
S0 SmartDefragDriver;SmartDefragDriver;c:\windows\System32\Drivers\SmartDefragDriver.sys [2011-02-23 16184]
S0 ssfs0bbc;ssfs0bbc;c:\windows\system32\DRIVERS\ssfs0bbc.sys [2011-03-22 29832]
S1 aswSnx;aswSnx;

S1 aswSP;aswSP;

S1 SASDIFSV;SASDIFSV;c:\program files\SUPERAntiSpyware\SASDIFSV.SYS [2011-09-20 12880]
S1 SASKUTIL;SASKUTIL;c:\program files\SUPERAntiSpyware\SASKUTIL.SYS [2011-09-20 67664]
S2 !SASCORE;SAS Core Service;c:\program files\SUPERAntiSpyware\SASCORE.EXE [2011-09-20 116608]
S2 {22D78859-9CE9-4B77-BF18-AC83E81A9263};{22D78859-9CE9-4B77-BF18-AC83E81A9263};c:\program files\HP\DVDPlay\000.fcl [2007-12-18 39408]
S2 AdvancedSystemCareService;Advanced SystemCare Service;c:\program files\IObit\Advanced SystemCare 4\ASCService.exe [2011-04-21 352656]
S2 aswFsBlk;aswFsBlk;

S2 aswMonFlt;aswMonFlt;c:\windows\system32\drivers\aswMonFlt.sys [2011-09-06 54616]
S2 DQLWinService;DQLWinService;c:\program files\Common Files\Intel\IntelDH\NMS\AdpPlugins\DQLWinService.exe [2006-09-03 208896]
S2 ISWKL;ZoneAlarm Toolbar ISWKL;c:\program files\CheckPoint\ZAForceField\ISWKL.sys [2010-05-26 26352]
S2 IswSvc;ZoneAlarm Toolbar IswSvc;c:\program files\CheckPoint\ZAForceField\IswSvc.exe [2010-05-26 493032]
S2 WRConsumerService;Webroot Client Service;c:\program files\Webroot\Spy Sweeper\WRConsumerService.exe [2011-04-29 1201656]
S3 hcw18bda;Hauppauge WinTV 418 Driver;c:\windows\system32\drivers\hcw18bda.sys [2007-04-18 366080]
.
.
[HKEY_LOCAL_MACHINE\software\microsoft\windows nt\currentversion\svchost]
HPZ12   REG_MULTI_SZ      Pml Driver HPZ12 Net Driver HPZ12
getPlusHelper   REG_MULTI_SZ      getPlusHelper
LocalServiceAndNoImpersonation   REG_MULTI_SZ      FontCache
hpdevmgmt   REG_MULTI_SZ      hpqcxs08 hpqddsvc
.
[HKEY_LOCAL_MACHINE\software\microsoft\active setup\installed components\{7070D8E0-650A-46b3-B03C-9497582E6A74}]
2008-04-11 21:23   38400   ----a-w-   c:\windows\System32\SoundSchemes.exe
.
Contents of the 'Scheduled Tasks' folder
.
2011-09-26 c:\windows\Tasks\AutoSmartDefrag.job
- c:\program files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe [2010-10-25 22:08]
.
2011-09-26 c:\windows\Tasks\Google Software Updater.job
- c:\program files\Google\Common\Google Updater\GoogleUpdaterService.exe [2007-07-18 00:57]
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineCore.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 15:38]
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskMachineUA.job
- c:\program files\Google\Update\GoogleUpdate.exe [2009-02-08 15:38]
.
2011-09-22 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2596742343-1259861082-2517923452-1001Core.job
- c:\users\adminstrator\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-18 02:32]
.
2011-09-26 c:\windows\Tasks\GoogleUpdateTaskUserS-1-5-21-2596742343-1259861082-2517923452-1001UA.job
- c:\users\adminstrator\AppData\Local\Google\Update\GoogleUpdate.exe [2008-12-18 02:32]
.
2011-09-08 c:\windows\Tasks\HPCeeScheduleForadminstrator.job
- c:\program files\hewlett-packard\sdp\ceement\HPCEE.exe [2007-03-20 22:04]
.
2011-09-25 c:\windows\Tasks\wrSpySweeper_LDBA3F6AB342B40F2A61414ECFC23DCCE.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-06-26 13:33]
.
2011-09-25 c:\windows\Tasks\wrSpySweeper_LDBA3F6AB342B40F2A61414ECFC23DCCE.job
- c:\program files\Webroot\Spy Sweeper\SpySweeperUI.exe [2007-06-26 13:33]
.
.
------- Supplementary Scan -------
.
uStart Page = hxxp://toolbar.discoverbing.com/toolbar/en-us.html
mStart Page = hxxp://ie.redirect.hp.com/svs/rdr?TYPE=3&tp=iehome&locale=EN_US&c=71&bd=Pavilion&pf=desktop
IE: Add to Google Photos Screensa&ver - c:\windows\system32\GPhotos.scr/200
TCP: DhcpNameServer = 205.152.150.23 205.152.37.23
DPF: {A906CBEA-6FAF-43B8-AE2F-857C5A21884C} - hxxp://mediadownloads.walmart.com/mmce/resources/walmartcheck2.cab
FF - ProfilePath - c:\users\adminstrator\AppData\Roaming\Mozilla\Firefox\Profiles\eo1s6xms.default\
FF - prefs.js: browser.search.defaulturl - hxxp://search.conduit.com/ResultsExt.aspx?ctid=CT2260173&SearchSource=3&q={searchTerms}
FF - prefs.js: browser.search.selectedEngine - Search the Web
FF - prefs.js: browser.startup.homepage - hxxp://www.google.com/
FF - prefs.js: keyword.URL - chrome://browser-region/locale/region.properties
FF - user.js: general.useragent.extra.brc - BRI/1
.
- - - - ORPHANS REMOVED - - - -
.
HKLM-Run-hpqSRMon - (no file)
MSConfigStartUp-Ad-Watch - c:\program files\Lavasoft\Ad-Aware\AAWTray.exe
MSConfigStartUp-TkBellExe - c:\program files\Common Files\Real\Update_OB\realsched.exe
MSConfigStartUp-Uniblue RegistryBooster 2 - c:\program files\uniblue\registrybooster 2\StartRegistryBooster.exe
.
.
.
**************************************************************************
.
catchme 0.3.1398 W2K/XP/Vista - rootkit/stealth malware detector by Gmer, http://www.gmer.net
Rootkit scan 2011-09-26 00:20
Windows 6.0.6002 Service Pack 2 NTFS
.
scanning hidden processes ... 
.
scanning hidden autostart entries ...
.
scanning hidden files ... 
.
scan completed successfully
hidden files: 0
.
**************************************************************************
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\{22D78859-9CE9-4B77-BF18-AC83E81A9263}]
"ImagePath"="\??\c:\program files\HP\DVDPlay\000.fcl"
.
--------------------- LOCKED REGISTRY KEYS ---------------------
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Control\Class\{4D36E96D-E325-11CE-BFC1-08002BE10318}\0000\AllUserSettings]
@Denied: (A) (Users)
@Denied: (A) (Everyone)
@Allowed: (B 1 2 3 4 5) (S-1-5-20)
"BlindDial"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{1cd3ddf1-3a71-4fe8-a363-037c4b9f780c}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0900c0a8
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{6c699874-32a1-49a9-b308-f678e8eb0b24}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:06001422
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{8ea85454-c854-4b96-891a-f200e66cb6c3}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:14020054
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{ee7ca0e6-e377-4523-a2b3-257de88ade5c}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:07001422
"Dhcpv6State"=dword:00000000
.
[HKEY_LOCAL_MACHINE\SYSTEM\ControlSet001\Services\Tcpip6\Parameters\Interfaces\{fa6cabb0-a5b5-4c78-8cae-8e90d4d6f951}]
@DACL=(02 0000)
"Dhcpv6Iaid"=dword:0c00112f
"Dhcpv6State"=dword:00000000
.
--------------------- DLLs Loaded Under Running Processes ---------------------
.
- - - - - - - > 'lsass.exe'(736)
c:\program files\CheckPoint\ZAForceField\Plugins\ISWSHEX.dll
.
Completion time: 2011-09-26  00:24:37
ComboFix-quarantined-files.txt  2011-09-26 04:24
.
Pre-Run: 373,193,863,168 bytes free
Post-Run: 373,110,665,216 bytes free
.
- - End Of File - - 7E4FE46C63C016C57E0EDBE813FCA90F

[SuperDave]

SysProt Antirootkit

Download
SysProt Antirootkit from the link below (you will find it at the bottom
of the page under attachments, or you can get it from one of the
mirrors).

http://sites.google.com/site/sysprotantirootkit/

Unzip it into a folder on your desktop.

• Double click Sysprot.exe to start the program.
• Click on the Log tab.
• In the Write to log box select the following items.
• Process << Selected
  
• Kernel Modules << Selected
  
• SSDT << Selected
  
• Kernel Hooks << Selected
  
• IRP Hooks << NOT Selected
  
• Ports << NOT Selected
  
• Hidden Files << Selected
  
• At the bottom of the page
• Hidden Objects Only << Selected
  
• Click on the Create Log button on the bottom right.
• After a few seconds a new window should appear.
• Select Scan Root Drive. Click on the Start button.
• When it is complete a new window will appear to indicate that the scan is finished.
• The log will be saved automatically in the same folder Sysprot.exe was extracted to. Open the text file and copy/paste the log here.

[crazelion]

I had run twice and both twice it did a memory dump on me.  But here is the report that I recover.

SysProt AntiRootkit v1.0.1.0
by swatkat
*****************************************************************************
*****************************************************************************

No Hidden Processes found

*****************************************************************************
*****************************************************************************
Kernel Modules:
Module Name: \SystemRoot\System32\Drivers\dump_iaStor.sys
Service Name: ---
Module Base: 96EDB000
Module End: 96FA2000
Hidden: Yes

Module Name: \SystemRoot\System32\Drivers\dump_dumpfve.sys
Service Name: ---
Module Base: 96FA2000
Module End: 96FB3000
Hidden: Yes

****************************************************************************
****************************************************************************
SSDT:
Function Name: ZwAddBootEntry
Address: 91F77374
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwAllocateVirtualMemory
Address: 889D9FA8
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateEvent
Address: 91F79996
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateEventPair
Address: 91F799EE
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateFile
Address: 96A7E884
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwCreateIoCompletion
Address: 91F79B04
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateKey
Address: 96A9FFA8
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwCreateMutant
Address: 91F798EC
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateProcess
Address: 96A99E42
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwCreateProcessEx
Address: 96A9A26A
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwCreateSection
Address: 96AA46FE
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwCreateSemaphore
Address: 91F79940
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwCreateThread
Address: 87C963B0
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateTimer
Address: 91F79AB2
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDeleteBootEntry
Address: 91F77398
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwDeleteFile
Address: 96A7F5B4
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwDeleteKey
Address: 96AA1A50
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwDeleteValueKey
Address: 96AA1346
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwDuplicateObject
Address: 96A98C26
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwLoadDriver
Address: 91F77162
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwLoadKey
Address: 96AA241A
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwLoadKey2
Address: 96AA2658
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwLoadKeyEx
Address: 96AA2B0A
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwModifyBootEntry
Address: 91F773BC
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwNotifyChangeKey
Address: 91F79EFC
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwNotifyChangeMultipleKeys
Address: 91F77E54
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenEvent
Address: 91F799C6
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenEventPair
Address: 91F79A16
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenFile
Address: 96A7F16C
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwOpenIoCompletion
Address: 91F79B2E
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenMutant
Address: 91F79918
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenProcess
Address: 96A9C358
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwOpenSection
Address: 91F79A7E
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenSemaphore
Address: 91F7996E
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwOpenThread
Address: 96A9BF46
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwOpenTimer
Address: 91F79ADC
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwQueryObject
Address: 91F77D1A
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwQueueApcThread
Address: 889D9020
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwReadVirtualMemory
Address: 889D9EB8
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwRenameKey
Address: 96AA34E0
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwReplaceKey
Address: 96AA2DD4
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwRestoreKey
Address: 96AA3F40
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwSecureConnectPort
Address: 96A85292
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwSetBootEntryOrder
Address: 91F773E0
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetBootOptions
Address: 91F77404
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetContextThread
Address: 87C96248
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetInformationFile
Address: 96A7F9BE
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwSetInformationProcess
Address: 87C964A0
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetInformationThread
Address: 87C962C0
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSetSecurityObject
Address: 96AA3A68
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwSetSystemInformation
Address: 91F771BC
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetSystemPowerState
Address: 91F772F8
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSetValueKey
Address: 96AA0A6A
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwShutdownSystem
Address: 91F772D4
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwSuspendProcess
Address: 87C96428
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSuspendThread
Address: 87C961D0
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwSystemDebugControl
Address: 96A9AF66
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwTerminateProcess
Address: 96A9AC96
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

Function Name: ZwTerminateThread
Address: 87C96338
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwVdmControl
Address: 91F77428
Driver Base: 91F64000
Driver End: 91FD4000
Driver Name: \SystemRoot\System32\Drivers\aswSnx.SYS

Function Name: ZwWriteVirtualMemory
Address: 889D9F30
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateThreadEx
Address: 889D9DC8
Driver Base: 0
Driver End: 0
Driver Name: _unknown_

Function Name: ZwCreateUserProcess
Address: 96A9A6DE
Driver Base: 96A59000
Driver End: 96AE4000
Driver Name: \SystemRoot\system32\DRIVERS\vsdatant.sys

**************************************************************************
**************************************************************************
ernel Hooks:
Hooked Function: ObMakeTemporaryObject
At Address: 85C2562F
Jump To: 96E9C3DE
Module Name: C:\Windows\System32\Drivers\aswSP.SYS

Hooked Function: ObInsertObject
At Address: 85C7E543
Jump To: 96E9DE84
Module Name: C:\Windows\System32\Drivers\aswSP.SYS

**************************************************************************
***************************************************************************
orts:
Local Address: ADMINSTRATOR-PC:49468
Remote Address: GX-IN-F138.1E100.NET:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49417
Remote Address: IP-68-71-250-25.HOSTS.ZEROLAG.COM:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49416
Remote Address: IP-68-71-250-25.HOSTS.ZEROLAG.COM:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49411
Remote Address: 64.211.203.107:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49407
Remote Address: YI-IN-F139.1E100.NET:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49393
Remote Address: 69.31.74.113:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49391
Remote Address: 69.31.74.113:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49372
Remote Address: WWW-14-01-PRN1.FACEBOOK.COM:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49363
Remote Address: IP-68-71-250-25.HOSTS.ZEROLAG.COM:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49275
Remote Address: 216-139-226-19.AUS.US.SITEPROTECT.COM:HTTP
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:49269
Remote Address: YI-IN-F139.1E100.NET:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49245
Remote Address: GW-IN-F105.1E100.NET:HTTP
Type: TCP
Process: [System Idle Process]
State: TIME_WAIT

Local Address: ADMINSTRATOR-PC:49157
Remote Address: 62.109.145.104:HTTP
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:NETBIOS-SSN
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: ADMINSTRATOR-PC:49265
Remote Address: LOCALHOST:12080
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:49188
Remote Address: LOCALHOST:49187
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:49187
Remote Address: LOCALHOST:49188
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:49186
Remote Address: LOCALHOST:49185
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:49185
Remote Address: LOCALHOST:49186
Type: TCP
Process: C:\Program Files\Mozilla Firefox\firefox.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:27015
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Common Files\Apple\Mobile Device Support\bin\AppleMobileDeviceService.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12995
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12993
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12563
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12465
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12143
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12119
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12110
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12080
Remote Address: LOCALHOST:49265
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: ESTABLISHED

Local Address: ADMINSTRATOR-PC:12080
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:12025
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Alwil Software\Avast5\AvastSvc.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:5354
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49171
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\services.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49159
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\svchost.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49158
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\spoolsv.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49155
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\svchost.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49154
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\lsass.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49153
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\svchost.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:49152
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\wininit.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:10243
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: ADMINSTRATOR-PC:5357
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: ADMINSTRATOR-PC:ICSLAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: ADMINSTRATOR-PC:RTSP
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Program Files\Windows Media Player\wmpnetwk.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:MICROSOFT-DS
Remote Address: 0.0.0.0:0
Type: TCP
Process: System
State: LISTENING

Local Address: ADMINSTRATOR-PC:EPMAP
Remote Address: 0.0.0.0:0
Type: TCP
Process: C:\Windows\System32\svchost.exe
State: LISTENING

Local Address: ADMINSTRATOR-PC:50718
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:5353
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: ADMINSTRATOR-PC:SSDP
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:138
Remote Address: NA
Type: UDP
Process: System
State: NA

Local Address: ADMINSTRATOR-PC:NETBIOS-NS
Remote Address: NA
Type: UDP
Process: System
State: NA

Local Address: ADMINSTRATOR-PC:64781
Remote Address: NA
Type: UDP
Process: C:\Program Files\Windows Sidebar\sidebar.exe
State: NA

Local Address: ADMINSTRATOR-PC:63418
Remote Address: NA
Type: UDP
Process: C:\Program Files\IObit\IObit SmartDefrag\IObit SmartDefrag.exe
State: NA

Local Address: ADMINSTRATOR-PC:50720
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:50719
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:SSDP
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:63416
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: ADMINSTRATOR-PC:63414
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:54285
Remote Address: NA
Type: UDP
Process: C:\Program Files\Bonjour\mDNSResponder.exe
State: NA

Local Address: ADMINSTRATOR-PC:LLMNR
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:5005
Remote Address: NA
Type: UDP
Process: C:\Program Files\Windows Media Player\wmpnetwk.exe
State: NA

Local Address: ADMINSTRATOR-PC:5004
Remote Address: NA
Type: UDP
Process: C:\Program Files\Windows Media Player\wmpnetwk.exe
State: NA

Local Address: ADMINSTRATOR-PC:IPSEC-MSFT
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:UPNP-DISCOVERY
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:UPNP-DISCOVERY
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:500
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

Local Address: ADMINSTRATOR-PC:123
Remote Address: NA
Type: UDP
Process: C:\Windows\System32\svchost.exe
State: NA

*********************************************************************
***********************************************************************

[SuperDave]

I'd like to scan your machine with ESET OnlineScan

•Hold down Control and click on the following link to open ESET OnlineScan in a new window.
ESET OnlineScan
•Click the button.
•For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)

• Click on to download the ESET Smart Installer. Save it to your desktop.
  
• Double click on the icon on your desktop.
  

•Check
•Click the button.
•Accept any security warnings from your browser.
•Check
•Push the Start button.
•ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
•When the scan completes, push
•Push , and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
•Push the button.
•Push
A log file will be saved here: C:\Program Files\ESET\ESET Online Scanner\log.txt

[crazelion]

I scanned using ESET OnlineScan but it did not come with a List of threats at all.  Or did I see the list of threats button.  The scan came up cleaned with zero threats both times i did it. 

But I know the problem is still there because it in firefox ABP part when I open that up.  Plus it doing strange things in firefox when I go to some websites.