Page 4 of 6 FirstFirst 123456 LastLast
Results 31 to 40 of 60

Thread: Please check my computer for sny possible further infection

  1. #31
    Member
    Join Date
    Jan 2016
    Posts
    65

    Post

    Quote Originally Posted by Juliet View Post
    I know you'll have to create a new topic in that forum or they wont know your asking a question.
    If you want to add the link to this one I'm sure it would be OK ...
    Oh well someone replied when I bumped my post.


    Quote Originally Posted by Juliet View Post
    Any time you suspect something suspicious you should consider changing passwords. I know people that change passwords every couple of weeks as a security standard.
    Right.


    Quote Originally Posted by Juliet View Post
    I would think it would.
    Ok, well you saw the screenshot, which one of those processes you think is suspicious, since you're the pro here? I would take a guess one of the unknowns since they don't tell u exactly which/what it is......


    Quote Originally Posted by Juliet View Post
    Got me. No idea why.
    So I should stop the scan(because it's still going and yes task manager still says it's running and not "Not responding" status) and ask ESET support why this is happening and link them to this thread, since it's just wasting time and power?

  2. #32
    Security Expert Juliet's Avatar
    Join Date
    Feb 2007
    Location
    Deep South
    Posts
    3,818

    Default

    So I should stop the scan(because it's still going and yes task manager still says it's running and not "Not responding" status) and ask ESET support why this is happening and link them to this thread, since it's just wasting time and power?
    You can.....

    If you like you can run Emsisoft Emergency Kit again, allow it to remove what it's finds.


    Would you like to run FRST once more?
    Windows Insider MVP Consumer Security 2009 - 2017
    Please do not PM me for Malware help, we all benefit from posting on the open board.

  3. #33
    Member
    Join Date
    Jan 2016
    Posts
    65

    Default

    Quote Originally Posted by Juliet View Post
    You can.....

    If you like you can run Emsisoft Emergency Kit again, allow it to remove what it's finds.


    Would you like to run FRST once more?
    Ok well I've stopped the ESET scan and then ran the Emsisoft kit. Found nothing, I even did a custom scan hoping it would scan all drives and apparently nothing....strange, either ESET items were false positives, or Emsisoft can't pick them up because they're probably new threats that no other anti-virus/malware programs have been updated to know about. Here's the logs:

    Code:
    Emsisoft Emergency Kit - Version 11.9
    Last update: 20/08/2016 12:06:52 AM
    User account: Raikou\Manectric
    Computer name: RAIKOU
    OS version: Windows 7x64 Service Pack 1
    
    Scan settings:
    
    Scan type: Custom Scan
    Objects: Rootkits, Memory, Traces, B:\, C:\, E:\
    
    Detect PUPs: On
    Scan archives: On
    ADS Scan: On
    File extension filter: Off
    Advanced caching: On
    Direct disk access: Off
    
    Scan start:	20/08/2016 12:08:38 AM
    
    Scanned	554385
    Found	0
    
    Scan end:	20/08/2016 12:50:15 AM
    Scan time:	0:41:37
    Code:
    Emsisoft Emergency Kit - Version 11.9
    Last update: 20/08/2016 12:06:52 AM
    User account: Raikou\Manectric
    Computer name: RAIKOU
    OS version: Windows 7x64 Service Pack 1
    
    Scan settings:
    
    Scan type: Malware Scan
    Objects: Rootkits, Memory, Traces, Files
    
    Detect PUPs: On
    Scan archives: Off
    ADS Scan: On
    File extension filter: Off
    Advanced caching: On
    Direct disk access: Off
    
    Scan start:	20/08/2016 12:08:00 AM
    
    Scanned	73178
    Found	0
    
    Scan end:	20/08/2016 12:08:11 AM
    Scan time:	0:00:11
    Here's my FRST64 logs:

    Code:
    Scan result of Farbar Recovery Scan Tool (FRST) (x64) Version: 19-08-2016
    Ran by Manectric (administrator) on RAIKOU (20-08-2016 09:55:03)
    Running from C:\Users\Electrike\Desktop
    Loaded Profiles: Manectric & Electrike (Available Profiles: Manectric & Electrike)
    Platform: Windows 7 Professional Service Pack 1 (X64) Language: English (United States)
    Internet Explorer Version 11 (Default browser: "Mozilla\Firefox" -osint -url "%1")
    Boot Mode: Safe Mode (with Networking)
    Tutorial for Farbar Recovery Scan Tool: http://www.geekstogo.com/forum/topic/335081-frst-tutorial-how-to-use-farbar-recovery-scan-tool/
    
    ==================== Processes (Whitelisted) =================
    
    (If an entry is included in the fixlist, the process will be closed. The file will not be moved.)
    
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCore64.exe
    (Microsoft Corporation) C:\Windows\System32\taskmgr.exe
    (GIGABYTE TECHNOLOGY CO., LTD.) C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe
    (NirSoft) C:\Users\Electrike\Downloads\cports-x64\cports.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Microsoft Corporation) C:\Windows\System32\dllhost.exe
    (AO Kaspersky Lab) C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe
    
    
    ==================== Registry (Whitelisted) ===========================
    
    (If an entry is included in the fixlist, the registry item will be restored to default or removed. The file will not be moved.)
    
    HKLM\...\Run: [IAStorIcon] => C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorIcon.exe [322712 2014-10-10] (Intel Corporation)
    HKLM\...\Run: [BTMTrayAgent] => C:\Program Files (x86)\Intel\Bluetooth\btmshellex.dll [7827256 2014-05-14] (Motorola Solutions, Inc.)
    HKLM\...\Run: [ETDCtrl] => C:\Program Files\Elantech\ETDCtrl.exe [3276040 2014-05-21] (ELAN Microelectronics Corp.)
    HKLM\...\Run: [RtHDVCpl] => C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [13675736 2014-08-14] (Realtek Semiconductor)
    HKLM\...\Run: [RtHDVBg_Dolby] => C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe [1396592 2014-09-01] (Realtek Semiconductor)
    HKLM-x32\...\Run: [Dolby Home Theater v4] => C:\Program Files (x86)\Dolby Home Theater v4\pcee4.exe [508656 2012-09-01] (Dolby Laboratories Inc.)
    HKLM-x32\...\Run: [USB3MON] => C:\Program Files (x86)\Intel\Intel(R) USB 3.0 eXtensible Host Controller Driver\Application\iusb3mon.exe [292848 2014-06-28] (Intel Corporation)
    HKLM-x32\...\Run: [Razer Naga Driver] => C:\Program Files (x86)\Razer\Naga\RazerNagaSysTray.exe [953232 2011-11-16] (Razer USA Ltd)
    HKLM-x32\...\Run: [IJNetworkScannerSelectorEX] => C:\Program Files (x86)\Canon\IJ Network Scanner Selector EX\CNMNSST.exe [452016 2011-01-15] (CANON INC.)
    HKLM-x32\...\RunOnce: [SmartUpdate] => C:\Program Files\GIGABYTE\Smart Update\urgent.exe [355840 2014-10-22] (GIGABYTE)
    HKLM Group Policy restriction on software: *.JSE <====== ATTENTION
    HKLM Group Policy restriction on software: *.JS <====== ATTENTION
    HKLM Group Policy restriction on software: *.VBE <====== ATTENTION
    HKLM Group Policy restriction on software: *.VBS <====== ATTENTION
    HKLM Group Policy restriction on software: *.WSF <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile% <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Windows\System32\VSSAdmin.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %appdata% <====== ATTENTION
    HKLM Group Policy restriction on software: *.WSH <====== ATTENTION
    HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRoot% <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Program Files (x86)\ProcessExplorer\ <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Users\Electrike\Desktop\Group Policy.msc <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Windows\system32\cmd.exe <====== ATTENTION
    HKLM Group Policy restriction on software: C:\Windows\system32\taskmgr.exe <====== ATTENTION
    HKLM Group Policy restriction on software: %HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ProgramFilesDir% <====== ATTENTION
    HKLM Group Policy restriction on software: %userprofile%\Downloads <====== ATTENTION
    HKLM\...\Policies\Explorer: [NoThumbnailCache] 1
    HKLM\...\Policies\Explorer: [DisableThumbnailsOnNetworkFolders] 1
    HKLM\...\Policies\Explorer: [NoCDBurning] 1
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [SpybotSD TeaTimer] => C:\Program Files (x86)\Spybot - Search & Destroy\TeaTimer.exe [2260480 2009-03-05] (Safer-Networking Ltd.)
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [SUPERAntiSpyware] => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [7943072 2016-07-06] (SUPERAntiSpyware)
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-06] (Ruiware)
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Run: [Skype] => C:\Program Files (x86)\Skype\Phone\Skype.exe [29494400 2016-07-13] (Skype Technologies S.A.)
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [SandboxieControl] => C:\Program Files\Sandboxie\SbieCtrl.exe [797328 2016-06-15] (Sandboxie Holdings, LLC)
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Run: [WinPatrol] => C:\Program Files (x86)\Ruiware\WinPatrol\winpatrol.exe [1216648 2015-08-06] (Ruiware)
    AppInit_DLLs: C:\Windows\system32\nvinitx.dll => C:\Windows\system32\nvinitx.dll [174856 2014-10-13] (NVIDIA Corporation)
    AppInit_DLLs-x32: C:\Windows\SysWOW64\nvinit.dll => C:\Windows\SysWOW64\nvinit.dll [156840 2014-10-13] (NVIDIA Corporation)
    ShellIconOverlayIdentifiers: [IDM Shell Extension] -> {CDC95B92-E27C-4745-A8C5-64A52A78855D} => C:\Program Files (x86)\Internet Download Manager\IDMShellExt64.dll [2015-08-14] (Tonec Inc.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\GBOSDV3.lnk [2014-10-30]
    ShortcutTarget: GBOSDV3.lnk -> C:\Program Files\GIGABYTE\SmartManagerV3\OSD\GBOSDV2.exe (GIGABYTE TECHNOLOGY CO., LTD.)
    Startup: C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\Welcome.lnk [2014-10-31]
    ShortcutTarget: Welcome.lnk -> C:\Program Files\GIGABYTE\Smart USB Backup\Welcome.exe ()
    GroupPolicyScripts: Restriction <======= ATTENTION
    
    ==================== Internet (Whitelisted) ====================
    
    (If an item is included in the fixlist, if it is a registry item it will be removed or restored to default.)
    
    Winsock: Catalog5 08 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
    Winsock: Catalog5 09 C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
    Winsock: Catalog5-x64 08 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
    Winsock: Catalog5-x64 09 C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDNSP.DLL No File 
    Tcpip\..\Interfaces\{19335884-B8F1-4C09-BCC6-6644B6627BFF}: [NameServer] 192.168.1.1,8.8.8.8
    Tcpip\..\Interfaces\{8ED6DA2E-8DC3-40FF-83BF-0D80A3F52055}: [NameServer] 8.8.8.8,8.8.4.4
    Tcpip\..\Interfaces\{8ED6DA2E-8DC3-40FF-83BF-0D80A3F52055}: [DhcpNameServer] 192.168.1.1
    
    Internet Explorer:
    ==================
    HKLM\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\.DEFAULT\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\SOFTWARE\Policies\Microsoft\Internet Explorer: Restriction <======= ATTENTION
    HKLM\Software\Microsoft\Internet Explorer\Main,Local Page = 
    HKLM\Software\Wow6432Node\Microsoft\Internet Explorer\Main,Local Page = 
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/?pc=SBJB
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Software\Microsoft\Internet Explorer\Main,Start Page = hxxp://localoem.msn.com/?pc=SBJB
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = hxxp://localoem.msn.com/?pc=SBJB
    SearchScopes: HKLM -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKLM-x32 -> {0633EE93-D776-472f-A0FF-E1416B8B2E3A} URL = 
    SearchScopes: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000 -> DefaultScope {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL = 
    SearchScopes: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001 -> {B0C9ACC6-6B01-470F-B98A-DCC12B58795A} URL = 
    BHO: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC64.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
    BHO: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    BHO: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
    BHO-x32: IDM integration (IDMIEHlprObj Class) -> {0055C089-8582-441B-A0BF-17B458C2A3A8} -> C:\Program Files (x86)\Internet Download Manager\IDMIECC.dll [2015-12-08] (Internet Download Manager, Tonec Inc.)
    BHO-x32: Kaspersky Protection -> {03993315-5CE9-4F00-8790-D14A94F1D91A} -> C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    BHO-x32: Spybot-S&D IE Protection -> {53707962-6F74-2D53-2644-206D7942484F} -> C:\Program Files (x86)\Spybot - Search & Destroy\SDHelper.dll [2009-01-26] (Safer Networking Limited)
    BHO-x32: No Name -> {9030D464-4C02-4ABF-8ECC-5164760863C6} -> No File
    Toolbar: HKLM - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    Toolbar: HKLM-x32 - Kaspersky Protection Toolbar - {001032CB-B0AC-4F2C-A650-AD4B2B26E5DA} - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\IEExt\ie_plugin.dll [2015-12-22] (AO Kaspersky Lab)
    
    FireFox:
    ========
    FF ProfilePath: C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default
    FF Plugin: @adobe.com/FlashPlayer -> C:\Windows\system32\Macromed\Flash\NPSWF64_22_0_0_209.dll [2016-08-06] ()
    FF Plugin: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: @adobe.com/FlashPlayer -> C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_22_0_0_209.dll [2016-08-06] ()
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI ipt;version=4.0.5 -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIIPT.dll [2014-04-30] (Intel Corporation)
    FF Plugin-x32: @intel-webapi.intel.com/Intel WebAPI updater -> C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\IPT\npIntelWebAPIUpdater.dll [2014-04-30] (Intel Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE -> disabled [No File]
    FF Plugin-x32: Adobe Reader -> C:\Program Files (x86)\Adobe\Acrobat Reader DC\Reader\AIR\nppdf32.dll [2016-06-30] (Adobe Systems Inc.)
    FF Extension: WOT - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\extensions\{a0d7ccb3-214d-498b-b4aa-0e8fda9a7bf7} [2016-01-22]
    FF Extension: TrafficLight - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\extensions\trafficlight@bitdefender.com.xpi [2016-01-22]
    FF Extension: HTTPS-Everywhere - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\extensions\https-everywhere@eff.org [2016-01-22]
    FF Extension: NoScript - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\extensions\{73a6fe31-595d-460b-a920-fcc0f8843232}.xpi [2016-06-11]
    FF Extension: Flagfox - C:\Users\Manectric\AppData\Roaming\Mozilla\Firefox\Profiles\ipvqxq4h.default\Extensions\{1018e4d6-728f-4b20-ad56-37578a4de76b}.xpi [2016-01-22]
    FF HKLM-x32\...\Firefox\Extensions: [light_plugin_ACF0E80077C511E59DED005056C00008@kaspersky.com] - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi
    FF Extension: Kaspersky Protection - C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\FFExt\light_plugin_firefox\addon.xpi [2016-08-16]
    FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    FF Extension: IDM integration - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi [2016-06-08]
    FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Manectric\AppData\Roaming\IDM\idmmzcc5
    FF Extension: IDM CC - C:\Users\Manectric\AppData\Roaming\IDM\idmmzcc5 [2016-06-16] [not signed]
    FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\Firefox\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\SeaMonkey\Extensions: [mozilla_cc@internetdownloadmanager.com] - C:\Users\Electrike\AppData\Roaming\IDM\idmmzcc5
    FF Extension: IDM CC - C:\Users\Electrike\AppData\Roaming\IDM\idmmzcc5 [2016-08-13] [not signed]
    FF HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\SeaMonkey\Extensions: [mozilla_cc2@internetdownloadmanager.com] - C:\Program Files (x86)\Internet Download Manager\idmmzcc2.xpi
    
    Chrome: 
    =======
    CHR HKLM\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
    CHR HKLM\...\Chrome\Extension: [ngpampappnmepgilojfohadhhmbhlaek] - C:\Program Files (x86)\Internet Download Manager\IDMGCExt.crx [2016-06-10]
    CHR HKLM-x32\...\Chrome\Extension: [lpeeaghdjmhlakojjcgfdhgcejdaefmi] - hxxps://chrome.google.com/webstore/detail/lpeeaghdjmhlakojjcgfdhgcejdaefmi
    
    ==================== Services (Whitelisted) ========================
    
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    
    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [172344 2014-07-23] (SUPERAntiSpyware.com)
    S2 AVP16.0.1; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\avp.exe [236928 2015-12-22] (AO Kaspersky Lab)
    S2 ElevateService; C:\Program Files\GIGABYTE\SmartManagerV3\ElevateService.exe [14336 2014-10-29] () [File not signed]
    S2 IAStorDataMgrSvc; C:\Program Files\Intel\Intel(R) Rapid Storage Technology\IAStorDataMgrSvc.exe [18584 2014-10-10] (Intel Corporation)
    S2 igfxCUIService1.0.0.0; C:\Windows\system32\igfxCUIService.exe [318568 2014-10-04] (Intel Corporation)
    S3 Intel(R) Capability Licensing Service TCP IP Interface; C:\Program Files\Intel\iCLS Client\SocketHeciServer.exe [887232 2014-02-01] (Intel(R) Corporation)
    S2 Intel(R) ME Service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\FWService\IntelMeFWService.exe [131544 2014-04-30] (Intel Corporation)
    S3 iumsvc; C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [178312 2015-09-25] (Intel Corporation)
    S2 jhi_service; C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\DAL\jhi_service.exe [154584 2014-04-30] (Intel Corporation)
    S3 klvssbrigde64; C:\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.1\x64\vssbridge64.exe [152488 2015-12-22] (AO Kaspersky Lab)
    S2 MBAMService; C:\Program Files (x86)\Malwarebytes Anti-Malware\mbamservice.exe [1136608 2016-03-10] (Malwarebytes)
    S3 MyWiFiDHCPDNS; C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe [265936 2014-08-19] ()
    S2 NvNetworkService; C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe [1796928 2014-09-17] (NVIDIA Corporation)
    S2 SbieSvc; C:\Program Files\Sandboxie\SbieSvc.exe [197264 2016-06-15] (Sandboxie Holdings, LLC)
    S2 SBSDWSCService; C:\Program Files (x86)\Spybot - Search & Destroy\SDWinSec.exe [1153368 2009-01-26] (Safer Networking Ltd.)
    S2 Update_Service; C:\Program Files\GIGABYTE\Smart Update\Update_Service.exe [136704 2014-10-22] (GIGABYTE) [File not signed]
    S3 WinDefend; C:\Program Files\Windows Defender\mpsvc.dll [1011712 2014-09-02] (Microsoft Corporation)
    S2 ZeroConfigService; C:\Program Files\Intel\WiFi\bin\ZeroConfigService.exe [3817168 2014-08-19] (Intel® Corporation)
    
    ===================== Drivers (Whitelisted) ==========================
    
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    
    S3 btmaux; C:\Windows\System32\DRIVERS\btmaux.sys [141624 2014-05-14] (Motorola Solutions, Inc.)
    S3 btmhsf; C:\Windows\System32\DRIVERS\btmhsf.sys [1424184 2014-05-14] (Motorola Solutions, Inc.)
    S3 btmlehid; C:\Windows\system32\drivers\btmlehid.sys [83256 2014-02-04] (Motorola Solutions, Inc.)
    R0 cm_km; C:\Windows\System32\DRIVERS\cm_km.sys [389816 2015-07-06] (Kaspersky Lab ZAO)
    S3 ebdrv; C:\Windows\system32\drivers\evbda.sys [3286016 2009-06-11] (Broadcom Corporation)
    S1 epp; C:\EEK\bin64\epp.sys [116944 2016-06-30] (Emsisoft Ltd)
    R0 iaStorF; C:\Windows\System32\drivers\iaStorF.sys [30360 2014-10-09] (Intel Corporation)
    S3 ibtusb; C:\Windows\System32\DRIVERS\ibtusb.sys [210376 2014-07-04] (Intel Corporation)
    R0 kl1; C:\Windows\System32\DRIVERS\kl1.sys [478392 2015-09-11] (Kaspersky Lab ZAO)
    R0 klbackupdisk; C:\Windows\System32\DRIVERS\klbackupdisk.sys [53432 2015-06-06] (Kaspersky Lab ZAO)
    S1 klbackupflt; C:\Windows\System32\DRIVERS\klbackupflt.sys [79240 2015-12-01] (AO Kaspersky Lab)
    S2 kldisk; C:\Windows\System32\DRIVERS\kldisk.sys [78200 2015-12-02] (AO Kaspersky Lab)
    R3 klflt; C:\Windows\System32\DRIVERS\klflt.sys [182152 2015-12-11] (AO Kaspersky Lab)
    S1 klhk; C:\Windows\System32\DRIVERS\klhk.sys [236888 2016-08-16] (AO Kaspersky Lab)
    S3 klids; C:\ProgramData\Kaspersky Lab\AVP16.0.1\Bases\klids.sys [182360 2016-08-17] (AO Kaspersky Lab)
    S1 KLIF; C:\Windows\System32\DRIVERS\klif.sys [1001304 2016-08-16] (AO Kaspersky Lab)
    R1 KLIM6; C:\Windows\System32\DRIVERS\klim6.sys [50776 2016-04-29] (AO Kaspersky Lab)
    S3 klkbdflt; C:\Windows\System32\DRIVERS\klkbdflt.sys [52608 2015-11-11] (AO Kaspersky Lab)
    S3 klmouflt; C:\Windows\System32\DRIVERS\klmouflt.sys [41648 2015-06-07] (Kaspersky Lab ZAO)
    S1 klpd; C:\Windows\System32\DRIVERS\klpd.sys [45960 2015-12-07] (AO Kaspersky Lab)
    R1 kltdi; C:\Windows\System32\DRIVERS\kltdi.sys [65208 2015-06-11] (Kaspersky Lab ZAO)
    R1 Klwtp; C:\Windows\System32\DRIVERS\klwtp.sys [110424 2016-08-16] (AO Kaspersky Lab)
    S1 kneps; C:\Windows\System32\DRIVERS\kneps.sys [194440 2015-12-03] (AO Kaspersky Lab)
    S3 MBAMProtector; C:\Windows\system32\drivers\mbam.sys [27008 2016-03-10] (Malwarebytes)
    S3 MBAMSwissArmy; C:\Windows\system32\drivers\MBAMSwissArmy.sys [192216 2016-07-08] (Malwarebytes)
    S3 MBAMWebAccessControl; C:\Windows\system32\drivers\mwac.sys [64896 2016-03-10] (Malwarebytes Corporation)
    R3 MEIx64; C:\Windows\System32\DRIVERS\TeeDriverx64.sys [118272 2014-04-30] (Intel Corporation)
    R3 NETwNs64; C:\Windows\System32\DRIVERS\Netwsw02.sys [3423720 2014-08-22] (Intel Corporation)
    S3 NVSWCFilter; C:\Windows\system32\drivers\nvswcfilter.sys [19616 2014-09-05] (Windows (R) Win 7 DDK provider)
    S3 nvvad_WaveExtensible; C:\Windows\System32\drivers\nvvad64v.sys [38048 2014-09-05] (NVIDIA Corporation)
    S3 RTSPER; C:\Windows\System32\DRIVERS\RtsPer.sys [429272 2014-10-22] (Realsil Semiconductor Corporation)
    R3 RzSynapse; C:\Windows\System32\DRIVERS\RzSynapse.sys [126464 2011-11-15] (Razer USA Ltd)
    S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-23] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-13] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S3 SbieDrv; C:\Program Files\Sandboxie\SbieDrv.sys [204944 2016-06-15] (Sandboxie Holdings, LLC)
    S2 {687703DE-DC6D-4649-892B-B8497854A6AB}; C:\Program Files (x86)\CyberLink\PowerDVD15\Common\NavFilter\000.fcl [29896 2015-10-05] (CyberLink Corp.)
    S3 NvStreamKms; \??\C:\Program Files\NVIDIA Corporation\NvStreamSrv\NvStreamKms.sys [X]
    
    ==================== NetSvcs (Whitelisted) ===================
    
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    
    
    ==================== One Month Created files and folders ========
    
    (If an entry is included in the fixlist, the file/folder will be moved.)
    
    2016-08-20 09:55 - 2016-08-20 09:55 - 00020957 _____ C:\Users\Electrike\Desktop\FRST.txt
    2016-08-20 09:54 - 2016-08-20 09:55 - 00000000 ____D C:\FRST
    2016-08-20 00:05 - 2016-08-20 09:53 - 00000000 ____D C:\EEK
    2016-08-19 23:45 - 2016-08-19 23:45 - 02395648 _____ (Farbar) C:\Users\Electrike\Desktop\FRST64.exe
    2016-08-19 23:42 - 2016-08-19 23:53 - 247661272 _____ C:\Users\Electrike\Desktop\EmsisoftEmergencyKit.exe
    2016-08-18 09:23 - 2016-08-18 09:26 - 00071387 _____ C:\Windows\system32\activity.txt
    2016-08-18 09:20 - 2016-08-18 10:01 - 00000000 ____D C:\Users\Electrike\Downloads\cports-x64
    2016-08-18 09:19 - 2016-08-18 09:19 - 00113711 _____ C:\Users\Electrike\Downloads\cports-x64.zip
    2016-08-18 09:15 - 2016-08-18 09:15 - 00000000 _____ C:\Users\Electrike\test.txt
    2016-08-17 13:08 - 2016-08-17 13:08 - 00000144 _____ C:\Windows\system32\{A6D608F0-0BDE-491A-97AE-5C4B05D86E01}.bat
    2016-08-17 12:41 - 2016-08-17 12:41 - 00003536 _____ C:\bootsqm.dat
    2016-08-17 12:26 - 2016-08-17 12:29 - 00000000 ____D C:\Users\Electrike\Downloads\Tweaking.com - Windows Repair
    2016-08-17 12:23 - 2016-08-17 12:24 - 27326629 _____ C:\Users\Electrike\Downloads\tweaking.com_windows_repair_aio.zip
    2016-08-17 12:21 - 2016-08-17 12:21 - 06761600 _____ (ESET spol. s r.o.) C:\Users\Electrike\Downloads\esetonlinescanner_enu.exe
    2016-08-14 16:09 - 2016-08-14 16:09 - 00002697 _____ C:\Users\Public\Desktop\Skype.lnk
    2016-08-14 16:09 - 2016-08-14 16:09 - 00000000 ___RD C:\Program Files (x86)\Skype
    2016-08-14 16:09 - 2016-08-14 16:09 - 00000000 ____D C:\ProgramData\Skype
    2016-08-14 16:09 - 2016-08-14 16:09 - 00000000 ____D C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Skype
    2016-08-14 00:10 - 2016-08-14 00:10 - 00076653 _____ C:\Users\Electrike\Desktop\Group Policy.msc
    2016-08-13 10:46 - 2016-08-14 18:22 - 00021280 __RSH C:\ProgramData\ntuser.pol
    2016-08-13 09:34 - 2016-08-13 09:51 - 00000000 ____D C:\Users\Electrike\Downloads\CrystalDiskMark5_1_2Shizuku
    2016-08-13 09:32 - 2016-08-13 09:32 - 00000201 _____ C:\Users\Electrike\Downloads\CrystalDiskMark5_1_2Shizuku.zip.txt
    2016-08-13 09:30 - 2016-08-13 09:30 - 17699182 _____ C:\Users\Electrike\Downloads\CrystalDiskMark5_1_2Shizuku.zip
    2016-08-13 09:21 - 2016-08-13 09:21 - 00003148 _____ C:\Windows\System32\Tasks\FRAPS
    2016-08-10 09:37 - 2016-08-02 22:54 - 00394440 _____ (Microsoft Corporation) C:\Windows\system32\iedkcs32.dll
    2016-08-10 09:37 - 2016-08-02 22:08 - 00346312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iedkcs32.dll
    2016-08-10 09:37 - 2016-08-02 14:54 - 25808384 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2016-08-10 09:37 - 2016-08-02 14:47 - 02724864 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2016-08-10 09:37 - 2016-08-02 14:47 - 00004096 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollectorres.dll
    2016-08-10 09:37 - 2016-08-02 14:32 - 02894336 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2016-08-10 09:37 - 2016-08-02 14:32 - 00066560 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2016-08-10 09:37 - 2016-08-02 14:31 - 00572416 _____ (Microsoft Corporation) C:\Windows\system32\vbscript.dll
    2016-08-10 09:37 - 2016-08-02 14:31 - 00417792 _____ (Microsoft Corporation) C:\Windows\system32\html.iec
    2016-08-10 09:37 - 2016-08-02 14:31 - 00088064 _____ (Microsoft Corporation) C:\Windows\system32\MshtmlDac.dll
    2016-08-10 09:37 - 2016-08-02 14:31 - 00048640 _____ (Microsoft Corporation) C:\Windows\system32\ieetwproxystub.dll
    2016-08-10 09:37 - 2016-08-02 14:24 - 00054784 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2016-08-10 09:37 - 2016-08-02 14:23 - 00034304 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2016-08-10 09:37 - 2016-08-02 14:20 - 00615936 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2016-08-10 09:37 - 2016-08-02 14:19 - 00144384 _____ (Microsoft Corporation) C:\Windows\system32\ieUnatt.exe
    2016-08-10 09:37 - 2016-08-02 14:19 - 00114688 _____ (Microsoft Corporation) C:\Windows\system32\ieetwcollector.exe
    2016-08-10 09:37 - 2016-08-02 14:18 - 06047744 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2016-08-10 09:37 - 2016-08-02 14:18 - 00817664 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2016-08-10 09:37 - 2016-08-02 14:18 - 00814080 _____ (Microsoft Corporation) C:\Windows\system32\jscript9diag.dll
    2016-08-10 09:37 - 2016-08-02 14:11 - 00969216 _____ (Microsoft Corporation) C:\Windows\system32\MsSpellCheckingFacility.exe
    2016-08-10 09:37 - 2016-08-02 14:08 - 00489984 _____ (Microsoft Corporation) C:\Windows\system32\dxtmsft.dll
    2016-08-10 09:37 - 2016-08-02 14:03 - 02724864 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2016-08-10 09:37 - 2016-08-02 14:00 - 00077824 _____ (Microsoft Corporation) C:\Windows\system32\JavaScriptCollectionAgent.dll
    2016-08-10 09:37 - 2016-08-02 13:59 - 00107520 _____ (Microsoft Corporation) C:\Windows\system32\inseng.dll
    2016-08-10 09:37 - 2016-08-02 13:56 - 00199680 _____ (Microsoft Corporation) C:\Windows\system32\msrating.dll
    2016-08-10 09:37 - 2016-08-02 13:55 - 00092160 _____ (Microsoft Corporation) C:\Windows\system32\mshtmled.dll
    2016-08-10 09:37 - 2016-08-02 13:54 - 20343808 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2016-08-10 09:37 - 2016-08-02 13:53 - 00315392 _____ (Microsoft Corporation) C:\Windows\system32\dxtrans.dll
    2016-08-10 09:37 - 2016-08-02 13:51 - 00497664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\vbscript.dll
    2016-08-10 09:37 - 2016-08-02 13:51 - 00341504 _____ (Microsoft Corporation) C:\Windows\SysWOW64\html.iec
    2016-08-10 09:37 - 2016-08-02 13:51 - 00152064 _____ (Microsoft Corporation) C:\Windows\system32\occache.dll
    2016-08-10 09:37 - 2016-08-02 13:51 - 00062464 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2016-08-10 09:37 - 2016-08-02 13:51 - 00047616 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieetwproxystub.dll
    2016-08-10 09:37 - 2016-08-02 13:50 - 00064000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\MshtmlDac.dll
    2016-08-10 09:37 - 2016-08-02 13:47 - 02286592 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2016-08-10 09:37 - 2016-08-02 13:45 - 00047104 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2016-08-10 09:37 - 2016-08-02 13:44 - 00030720 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2016-08-10 09:37 - 2016-08-02 13:42 - 00476160 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2016-08-10 09:37 - 2016-08-02 13:41 - 00663552 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2016-08-10 09:37 - 2016-08-02 13:41 - 00620032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9diag.dll
    2016-08-10 09:37 - 2016-08-02 13:41 - 00115712 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieUnatt.exe
    2016-08-10 09:37 - 2016-08-02 13:40 - 00262144 _____ (Microsoft Corporation) C:\Windows\system32\webcheck.dll
    2016-08-10 09:37 - 2016-08-02 13:38 - 00806400 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2016-08-10 09:37 - 2016-08-02 13:38 - 00724992 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2016-08-10 09:37 - 2016-08-02 13:37 - 01359360 _____ (Microsoft Corporation) C:\Windows\system32\mshtmlmedia.dll
    2016-08-10 09:37 - 2016-08-02 13:36 - 02131456 _____ (Microsoft Corporation) C:\Windows\system32\inetcpl.cpl
    2016-08-10 09:37 - 2016-08-02 13:33 - 00416256 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtmsft.dll
    2016-08-10 09:37 - 2016-08-02 13:29 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\JavaScriptCollectionAgent.dll
    2016-08-10 09:37 - 2016-08-02 13:28 - 15412224 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2016-08-10 09:37 - 2016-08-02 13:28 - 00091136 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inseng.dll
    2016-08-10 09:37 - 2016-08-02 13:26 - 00168960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msrating.dll
    2016-08-10 09:37 - 2016-08-02 13:25 - 00076288 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmled.dll
    2016-08-10 09:37 - 2016-08-02 13:24 - 00279040 _____ (Microsoft Corporation) C:\Windows\SysWOW64\dxtrans.dll
    2016-08-10 09:37 - 2016-08-02 13:23 - 02868224 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2016-08-10 09:37 - 2016-08-02 13:22 - 00130048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\occache.dll
    2016-08-10 09:37 - 2016-08-02 13:21 - 04608000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2016-08-10 09:37 - 2016-08-02 13:16 - 00230400 _____ (Microsoft Corporation) C:\Windows\SysWOW64\webcheck.dll
    2016-08-10 09:37 - 2016-08-02 13:15 - 00692736 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2016-08-10 09:37 - 2016-08-02 13:14 - 02055680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\inetcpl.cpl
    2016-08-10 09:37 - 2016-08-02 13:14 - 01155072 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtmlmedia.dll
    2016-08-10 09:37 - 2016-08-02 13:11 - 13808128 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2016-08-10 09:37 - 2016-08-02 13:10 - 01550848 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2016-08-10 09:37 - 2016-08-02 12:59 - 00800768 _____ (Microsoft Corporation) C:\Windows\system32\ieapfltr.dll
    2016-08-10 09:37 - 2016-08-02 12:56 - 02393088 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2016-08-10 09:37 - 2016-08-02 12:53 - 01316352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2016-08-10 09:37 - 2016-08-02 12:51 - 00710144 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieapfltr.dll
    2016-08-10 09:37 - 2016-07-08 23:37 - 00154856 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecpkg.sys
    2016-08-10 09:37 - 2016-07-08 23:37 - 00095464 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ksecdd.sys
    2016-08-10 09:37 - 2016-07-08 23:32 - 01464320 _____ (Microsoft Corporation) C:\Windows\system32\lsasrv.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 01212928 _____ (Microsoft Corporation) C:\Windows\system32\rpcrt4.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00730624 _____ (Microsoft Corporation) C:\Windows\system32\kerberos.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00690688 _____ (Microsoft Corporation) C:\Windows\system32\adtschema.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00463872 _____ (Microsoft Corporation) C:\Windows\system32\certcli.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00343552 _____ (Microsoft Corporation) C:\Windows\system32\schannel.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00316416 _____ (Microsoft Corporation) C:\Windows\system32\msv1_0.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00312320 _____ (Microsoft Corporation) C:\Windows\system32\ncrypt.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00210432 _____ (Microsoft Corporation) C:\Windows\system32\wdigest.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00190464 _____ (Microsoft Corporation) C:\Windows\system32\rpchttp.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00146432 _____ (Microsoft Corporation) C:\Windows\system32\msaudite.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00135680 _____ (Microsoft Corporation) C:\Windows\system32\sspicli.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00086528 _____ (Microsoft Corporation) C:\Windows\system32\TSpkg.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00060416 _____ (Microsoft Corporation) C:\Windows\system32\msobjs.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\cryptbase.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00028672 _____ (Microsoft Corporation) C:\Windows\system32\sspisrv.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00028160 _____ (Microsoft Corporation) C:\Windows\system32\secur32.dll
    2016-08-10 09:37 - 2016-07-08 23:32 - 00022016 _____ (Microsoft Corporation) C:\Windows\system32\credssp.dll
    2016-08-10 09:37 - 2016-07-08 23:17 - 00666112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpcrt4.dll
    2016-08-10 09:37 - 2016-07-08 23:17 - 00096768 _____ (Microsoft Corporation) C:\Windows\SysWOW64\sspicli.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\adtschema.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00553472 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kerberos.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00342528 _____ (Microsoft Corporation) C:\Windows\SysWOW64\certcli.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00260608 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msv1_0.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00251392 _____ (Microsoft Corporation) C:\Windows\SysWOW64\schannel.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00223232 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ncrypt.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00172032 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wdigest.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00146432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msaudite.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00141312 _____ (Microsoft Corporation) C:\Windows\SysWOW64\rpchttp.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00065536 _____ (Microsoft Corporation) C:\Windows\SysWOW64\TSpkg.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00060416 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msobjs.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00022016 _____ (Microsoft Corporation) C:\Windows\SysWOW64\secur32.dll
    2016-08-10 09:37 - 2016-07-08 23:16 - 00017408 _____ (Microsoft Corporation) C:\Windows\SysWOW64\credssp.dll
    2016-08-10 09:37 - 2016-07-08 23:03 - 00064000 _____ (Microsoft Corporation) C:\Windows\system32\auditpol.exe
    2016-08-10 09:37 - 2016-07-08 22:57 - 00159744 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb.sys
    2016-08-10 09:37 - 2016-07-08 22:56 - 00291328 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb10.sys
    2016-08-10 09:37 - 2016-07-08 22:56 - 00129536 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\mrxsmb20.sys
    2016-08-10 09:37 - 2016-07-08 22:55 - 00050176 _____ (Microsoft Corporation) C:\Windows\SysWOW64\auditpol.exe
    2016-08-10 09:37 - 2016-07-08 22:55 - 00030720 _____ (Microsoft Corporation) C:\Windows\system32\lsass.exe
    2016-08-10 09:37 - 2016-07-08 22:50 - 00036352 _____ (Microsoft Corporation) C:\Windows\SysWOW64\cryptbase.dll
    2016-08-10 09:35 - 2016-07-08 23:01 - 03218944 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2016-08-08 20:01 - 2016-08-08 20:01 - 00000000 ____D C:\Users\Manectric\AppData\Local\CrashDumps
    2016-08-08 20:01 - 2016-08-08 20:01 - 00000000 ____D C:\Users\Electrike\AppData\Local\ESET
    2016-08-08 18:57 - 2016-08-08 18:57 - 00000000 ____D C:\Users\Manectric\AppData\Local\ESET
    2016-08-07 13:14 - 2016-08-07 13:14 - 00000207 _____ C:\Windows\tweaking.com-regbackup-RAIKOU-Windows-7-Professional-(64-bit).dat
    2016-08-07 13:13 - 2016-08-07 13:13 - 00018139 _____ C:\Windows\Tweaking.com - Registry Backup Setup Log.txt
    2016-08-07 09:01 - 2016-08-17 13:07 - 00084896 _____ C:\Users\Electrike\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-08-06 15:26 - 2016-08-06 15:27 - 00000000 ____D C:\Users\Electrike\AppData\Local\tkdata
    2016-08-06 15:25 - 2016-08-07 09:00 - 00000000 ____D C:\Program Files\Common Files\McAfee
    2016-08-06 15:25 - 2016-08-06 19:56 - 00000000 ____D C:\ProgramData\McAfee
    2016-08-06 09:44 - 2016-08-06 10:09 - 01125745 _____ C:\Users\Electrike\Downloads\Trainer for Oil Rush.zip
    2016-08-03 05:57 - 2016-08-13 23:43 - 00000892 _____ C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job
    2016-08-03 05:57 - 2016-08-03 05:57 - 00003890 _____ C:\Windows\System32\Tasks\Adobe Flash Player PPAPI Notifier
    2016-07-28 23:16 - 2016-07-28 23:16 - 00000000 ____D C:\Windows\EOONotify
    
    ==================== One Month Modified files and folders ========
    
    (If an entry is included in the fixlist, the file/folder will be moved.)
    
    2016-08-20 09:55 - 2016-01-19 13:47 - 00000000 ____D C:\ProgramData\Kaspersky Lab
    2016-08-20 00:08 - 2016-06-26 17:21 - 00000000 ____D C:\Program Files (x86)\Mozilla Firefox
    2016-08-18 09:15 - 2016-01-23 11:54 - 00000000 ____D C:\Users\Electrike
    2016-08-18 09:07 - 2016-07-06 15:25 - 00000000 ____D C:\Users\Electrike\Downloads\Trainer for Oil Rush
    2016-08-17 14:00 - 2009-07-14 13:13 - 00779996 _____ C:\Windows\system32\PerfStringBackup.INI
    2016-08-17 14:00 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\inf
    2016-08-17 13:54 - 2016-07-07 16:17 - 00084896 _____ C:\Users\Manectric\AppData\Local\GDIPFONTCACHEV1.DAT
    2016-08-17 13:54 - 2015-01-12 17:26 - 00180174 _____ C:\Users\Electrike\Documents\%$##!!@.TXT
    2016-08-17 13:31 - 2016-03-06 10:01 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2016-08-17 13:16 - 2009-07-14 12:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2016-08-17 13:16 - 2009-07-14 12:45 - 00016976 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2016-08-17 13:08 - 2014-10-22 14:52 - 00000300 _____ C:\Windows\Tasks\RtlLanOptimizerVistaStart.job
    2016-08-17 13:08 - 2009-07-14 13:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2016-08-17 13:07 - 2016-07-07 19:02 - 00335928 _____ C:\Windows\system32\FNTCACHE.DAT
    2016-08-17 13:06 - 2016-01-20 02:57 - 00000000 ____D C:\Windows\CSC
    2016-08-17 13:01 - 2009-07-14 10:34 - 00000722 _____ C:\Windows\win.ini
    2016-08-17 12:42 - 2016-01-22 11:27 - 00000000 ____D C:\Program Files (x86)\Razer
    2016-08-16 18:41 - 2016-06-16 15:04 - 01001304 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klif.sys
    2016-08-16 18:41 - 2016-04-29 06:12 - 00236888 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klhk.sys
    2016-08-16 18:41 - 2015-12-03 11:10 - 00110424 _____ (AO Kaspersky Lab) C:\Windows\system32\Drivers\klwtp.sys
    2016-08-15 09:41 - 2016-04-30 09:15 - 00000000 ____D C:\Program Files (x86)\Mozilla Maintenance Service
    2016-08-14 23:09 - 2016-06-23 22:12 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\Skype
    2016-08-14 18:19 - 2016-01-23 16:45 - 00001157 _____ C:\Users\Public\Desktop\Mozilla Firefox.lnk
    2016-08-14 18:17 - 2016-01-23 16:45 - 00001071 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mozilla Firefox.lnk
    2016-08-13 09:21 - 2016-01-22 17:01 - 00000000 ____D C:\Fraps
    2016-08-12 12:14 - 2009-07-14 11:20 - 00000000 ____D C:\Windows\rescache
    2016-08-11 21:52 - 2009-07-14 11:20 - 00000000 ____D C:\Program Files\Common Files\Microsoft Shared
    2016-08-11 11:30 - 2016-01-22 11:28 - 00009896 _____ C:\Windows\Sandboxie.ini
    2016-08-11 00:18 - 2016-01-22 20:48 - 00000000 ____D C:\Windows\system32\MRT
    2016-08-11 00:16 - 2016-01-22 20:48 - 147640136 ____C (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2016-08-08 11:58 - 2016-01-22 17:02 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2016-08-08 11:37 - 2016-04-29 15:47 - 00000000 ____D C:\Users\Electrike\AppData\Local\CrashDumps
    2016-08-07 09:00 - 2014-10-22 13:35 - 00000000 ____D C:\Program Files\Intel
    2016-08-06 15:26 - 2014-10-22 13:37 - 00000000 ____D C:\ProgramData\Intel
    2016-08-06 15:22 - 2016-03-06 10:01 - 00796352 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2016-08-06 15:22 - 2016-03-06 10:01 - 00142528 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2016-08-06 15:22 - 2016-03-06 10:01 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2016-08-06 15:20 - 2016-01-31 11:21 - 00000000 ____D C:\Users\Electrike\AppData\Local\Adobe
    2016-08-06 15:20 - 2016-01-22 23:34 - 00000000 ____D C:\Users\Manectric\AppData\Local\Adobe
    2016-08-06 15:18 - 2016-07-17 00:50 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\WinPatrol
    2016-08-05 17:34 - 2016-01-22 11:24 - 00003832 _____ C:\Windows\System32\Tasks\Opera scheduled Autoupdate 1453433047
    2016-08-05 17:34 - 2016-01-22 11:24 - 00000000 ____D C:\Program Files (x86)\Opera
    2016-08-05 16:48 - 2016-01-23 17:21 - 00000000 ____D C:\Users\Electrike\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Steam
    2016-08-03 16:00 - 2016-03-11 08:40 - 00002441 _____ C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Acrobat Reader DC.lnk
    2016-08-01 13:06 - 2014-10-22 14:49 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2016-07-28 23:16 - 2016-01-22 21:14 - 00000000 ___SD C:\Windows\SysWOW64\GWX
    2016-07-28 23:16 - 2016-01-22 21:14 - 00000000 ___SD C:\Windows\system32\GWX
    
    ==================== Files in the root of some directories =======
    
    2016-01-19 10:59 - 2016-01-22 17:20 - 0000020 _____ () C:\Users\Manectric\AppData\Roaming\db.ini
    2014-08-20 12:06 - 2014-08-20 12:06 - 0000020 _____ () C:\ProgramData\db.ini
    2014-10-22 13:49 - 2014-10-22 13:49 - 0000000 ____H () C:\ProgramData\DP45977C.lfl
    
    Some files in TEMP:
    ====================
    C:\Users\Electrike\AppData\Local\Temp\procexp64.exe
    
    
    ==================== Bamital & volsnap =================
    
    (There is no automatic fix for files that do not pass verification.)
    
    C:\Windows\system32\winlogon.exe => File is digitally signed
    C:\Windows\system32\wininit.exe => File is digitally signed
    C:\Windows\SysWOW64\wininit.exe => File is digitally signed
    C:\Windows\explorer.exe => File is digitally signed
    C:\Windows\SysWOW64\explorer.exe => File is digitally signed
    C:\Windows\system32\svchost.exe => File is digitally signed
    C:\Windows\SysWOW64\svchost.exe => File is digitally signed
    C:\Windows\system32\services.exe => File is digitally signed
    C:\Windows\system32\User32.dll => File is digitally signed
    C:\Windows\SysWOW64\User32.dll => File is digitally signed
    C:\Windows\system32\userinit.exe => File is digitally signed
    C:\Windows\SysWOW64\userinit.exe => File is digitally signed
    C:\Windows\system32\rpcss.dll => File is digitally signed
    C:\Windows\system32\dnsapi.dll => File is digitally signed
    C:\Windows\SysWOW64\dnsapi.dll => File is digitally signed
    C:\Windows\system32\Drivers\volsnap.sys => File is digitally signed
    
    
    LastRegBack: 2016-08-09 15:03
    
    ==================== End of FRST.txt ============================
    Code:
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 19-08-2016
    Ran by Manectric (20-08-2016 09:55:16)
    Running from C:\Users\Electrike\Desktop
    Windows 7 Professional Service Pack 1 (X64) (2016-01-19 02:59:00)
    Boot Mode: Safe Mode (with Networking)
    ==========================================================
    
    
    ==================== Accounts: =============================
    
    Administrator (S-1-5-21-2798084944-1211984927-2140173799-500 - Administrator - Disabled)
    Electrike (S-1-5-21-2798084944-1211984927-2140173799-1001 - Limited - Enabled) => C:\Users\Electrike
    Guest (S-1-5-21-2798084944-1211984927-2140173799-501 - Limited - Disabled)
    Manectric (S-1-5-21-2798084944-1211984927-2140173799-1000 - Administrator - Enabled) => C:\Users\Manectric
    
    ==================== Security Center ========================
    
    (If an entry is included in the fixlist, it will be removed.)
    
    AS: Kaspersky Internet Security (Enabled - Up to date) {3D579475-6DDE-A186-1569-44B9F9DE8725}
    AS: Windows Defender (Disabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    FW: Kaspersky Internet Security (Enabled) {BE0DF4B4-018B-AF50-0486-D6FE7C8A8AE3}
    
    ==================== Installed Programs ======================
    
    (Only the adware programs with "Hidden" flag could be added to the fixlist to unhide them. The adware programs should be uninstalled manually.)
    
    3DMark (HKLM-x32\...\Steam App 223850) (Version:  - Futuremark)
    8BitBoy (HKLM-x32\...\Steam App 296910) (Version:  - AwesomeBlade)
    Absconding Zatwor (HKLM-x32\...\Steam App 385200) (Version:  - Zonitron Productions)
    Adobe Acrobat Reader DC (HKLM-x32\...\{AC76BA86-7AD7-1033-7B44-AC0F074E4100}) (Version: 15.017.20053 - Adobe Systems Incorporated)
    Adobe Flash Player 22 NPAPI (HKLM-x32\...\Adobe Flash Player NPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    Adobe Flash Player 22 PPAPI (HKLM-x32\...\Adobe Flash Player PPAPI) (Version: 22.0.0.209 - Adobe Systems Incorporated)
    AmCap version 9.01 (HKLM-x32\...\{0F45BECF-4C85-4301-A8A4-D2E2AE2A2C08}_is1) (Version: 9.01 - Gigabyte, Inc.)
    Auslogics BoostSpeed 7 (HKLM-x32\...\{7216871F-869E-437C-B9BF-2A13F2DCE63F}_is1) (Version: 7.9.0.0 - Auslogics Labs Pty Ltd)
    BioShock (HKLM-x32\...\Steam App 7670) (Version:  - 2K Boston)
    Blaster Shooter GunGuy! (HKLM-x32\...\Steam App 391740) (Version:  - Adam DeLease)
    Breakout Invaders (HKLM-x32\...\Steam App 366700) (Version:  - DreamsSoftGames)
    Canon Easy-PhotoPrint EX - Additional Materials DL_AN1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN1) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_AN2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN2) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_AN3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN3) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_AN4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN4) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_AN5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_AN5) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_FA1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA1) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_FA2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA2) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_FA3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA3) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_FA4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA4) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_FA5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_FA5) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST1 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST1) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST2 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST2) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST3 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST3) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST4 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST4) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST5 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST5) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST6 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST6) (Version:  - )
    Canon Easy-PhotoPrint EX - Additional Materials DL_ST7 (HKLM-x32\...\Easy-PhotoPrint EX - DL_ST7) (Version:  - )
    Canon Easy-PhotoPrint EX (HKLM-x32\...\Easy-PhotoPrint EX) (Version: 4.1.6 - Canon Inc.)
    Canon IJ Network Scanner Selector EX (HKLM-x32\...\Canon_IJ_Network_Scanner_Selector_EX) (Version:  - )
    Canon IJ Network Tool (HKLM-x32\...\Canon_IJ_Network_UTILITY) (Version: 3.1.1 - Canon Inc.)
    Canon MG6200 series MP Drivers (HKLM\...\{1199FAD5-9546-44f3-81CF-FFDB8040B7BF}_Canon_MG6200_series) (Version:  - Canon Inc.)
    CCleaner (HKLM\...\CCleaner) (Version: 5.13 - Piriform)
    Chivalry: Medieval Warfare (HKLM-x32\...\Steam App 219640) (Version:  - Torn Banner Studios)
    CONSORTIUM (HKLM-x32\...\Steam App 264240) (Version:  - Interdimensional Games Inc)
    Counter-Strike: Global Offensive (HKLM-x32\...\Steam App 730) (Version:  - Valve)
    Counter-Strike: Source (HKLM-x32\...\Steam App 240) (Version:  - Valve)
    CyberLink PowerDVD 15 (HKLM-x32\...\{DE85B8F3-D088-4D6E-A970-EE0BC7883A66}) (Version: 15.0.2205.58 - CyberLink Corp.)
    DayZ (HKLM-x32\...\Steam App 221100) (Version:  - Bohemia Interactive)
    Dolby Home Theater v4 (HKLM-x32\...\{B26438B4-BF51-49C3-9567-7F14A5E40CB9}) (Version: 7.2.8000.17 - Dolby Laboratories Inc)
    Edge of Space (HKLM-x32\...\Steam App 238240) (Version:  - Handyman Studios)
    ELAN Touchpad 11.14.7.1_X64_WHQL (HKLM\...\Elantech) (Version: 11.14.7.1 - ELAN Microelectronic Corp.)
    FaeVerse Alchemy (HKLM\...\Steam App 282880) (Version:  - Subsoap)
    FileZilla Client 3.18.0 (HKLM-x32\...\FileZilla Client) (Version: 3.18.0 - Tim Kosse)
    Fraps (remove only) (HKLM-x32\...\Fraps) (Version:  - )
    Game Dev Tycoon version 1.5.24 (HKLM-x32\...\{5BBB8682-1335-410F-A79F-8E5611A54BD0}_is1) (Version: 1.5.24 - Greenheart Games Pty. Ltd.)
    GIGABYTE Smart USB Backup 2.0.20141014 (HKLM-x32\...\GIGABYTE Smart USB Backup) (Version: 2.0.20141014 - GIGABYTE TECHNOLOGY CO.,LTD.)
    Hell Yeah! (HKLM-x32\...\Steam App 205230) (Version:  - Arkedo)
    Hyperdimension Neptunia Re;Birth1 (HKLM-x32\...\Steam App 282900) (Version:  - Idea Factory, Inc.)
    Hyperdimension Neptunia Re;Birth2 Sisters Generation (HKLM-x32\...\Steam App 351710) (Version:  - Compile Heart)
    Intel(R) Chipset Device Software (x32 Version: 10.0.22 - Intel(R) Corporation) Hidden
    Intel(R) Management Engine Components (HKLM\...\{1CEAC85D-2590-4760-800F-8DE5E91F3700}) (Version: 10.0.2.1000 - Intel Corporation)
    Intel(R) Processor Graphics (HKLM-x32\...\{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}) (Version: 10.18.10.3958 - Intel Corporation)
    Intel(R) Rapid Storage Technology (HKLM\...\{409CB30E-E457-4008-9B1A-ED1B9EA21140}) (Version: 13.5.0.1056 - Intel Corporation)
    Intel(R) Update Manager (HKLM-x32\...\{B991A1BC-DE0F-41B3-9037-B2F948F706EC}) (Version: 3.1.1228 - Intel Corporation)
    Intel(R) USB 3.0 eXtensible Host Controller Driver (HKLM-x32\...\{240C3DDD-C5E9-4029-9DF7-95650D040CF2}) (Version: 3.0.0.34 - Intel Corporation)
    Intel(R) Wireless Bluetooth(R)(patch version 17.0.1427.2) (HKLM\...\{302600C1-6BDF-4FD1-1406-148929CC1385}) (Version: 17.1.1406.0472 - Intel Corporation)
    Intel® PROSet/Wireless Software (HKLM-x32\...\{7991b5ae-96d7-4df2-97fb-a605b7cb638b}) (Version: 17.12.0 - Intel Corporation)
    Internet Download Manager (HKLM-x32\...\Internet Download Manager) (Version:  - Tonec Inc.)
    Jet Set Radio (HKLM-x32\...\Steam App 205950) (Version:  - Blit Software)
    Kaspersky Internet Security (HKLM-x32\...\InstallWIX_{F575F386-57EF-4943-B003-A13F13B05EEB}) (Version: 16.0.1.445 - Kaspersky Lab)
    Kaspersky Internet Security (x32 Version: 16.0.1.445 - Kaspersky Lab) Hidden
    Killing Floor (HKLM-x32\...\Steam App 1250) (Version:  - Tripwire Interactive)
    Killing Floor 2 (HKLM-x32\...\Steam App 232090) (Version:  - Tripwire Interactive)
    Killing Floor SDK (HKLM\...\Steam App 1260) (Version:  - Tripwire Interactive)
    Kingdom Wars (HKLM\...\Steam App 227180) (Version:  - Reverie World Studios, INC)
    LanOptimizer (HKLM-x32\...\{B416A23D-C2BD-4956-8BAE-5C3BAFF1AC1E}) (Version: 1.00.0000 - Realtek)
    Left 4 Dead (HKLM-x32\...\Steam App 500) (Version:  - Valve)
    Left 4 Dead 2 (HKLM-x32\...\Steam App 550) (Version:  - Valve)
    LIMBO (HKLM\...\Steam App 48000) (Version:  - Playdead)
    Malwarebytes Anti-Malware version 2.2.1.1043 (HKLM-x32\...\Malwarebytes Anti-Malware_is1) (Version: 2.2.1.1043 - Malwarebytes)
    MediaInfo 0.7.78 (HKLM\...\MediaInfo) (Version: 0.7.78 - MediaArea.net)
    Microsoft .NET Framework 4.6.1 (HKLM\...\{92FB6C44-E685-45AD-9B20-CADF4CABA132} - 1033) (Version: 4.6.01055 - Microsoft Corporation)
    Microsoft Office (HKLM-x32\...\{90150000-0138-0409-0000-0000000FF1CE}) (Version: 15.0.4569.1506 - Microsoft Corporation)
    Microsoft Office 2007 Service Pack 3 (SP3) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{6E107EB7-8B55-48BF-ACCB-199F86A2CD93}) (Version:  - Microsoft)
    Microsoft Office File Validation Add-In (HKLM-x32\...\{90140000-2005-0000-0000-0000000FF1CE}) (Version: 14.0.5130.5003 - Microsoft Corporation)
    Microsoft Office Professional 2007 (HKLM-x32\...\PROR) (Version: 12.0.6612.1000 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}) (Version: 8.0.61001 - Microsoft Corporation)
    Microsoft Visual C++ 2005 Redistributable (HKLM-x32\...\{7299052b-02a4-4627-81f2-1818da5d550d}) (Version: 8.0.56336 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.21022 (HKLM\...\{350AA351-21FA-3270-8B7A-835434E766AD}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729 (HKLM\...\{14297226-E0A0-3781-8911-E9D529552663}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (HKLM\...\{5FCE6D76-F5DC-37AB-B2B8-22AB8CEDB1D4}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.21022 (HKLM-x32\...\{FF66E9F6-83E7-3A3E-AF14-8DE9A809A6A4}) (Version: 9.0.21022 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17 (HKLM-x32\...\{9A25302D-30C0-39D9-BD6F-21E6EC160475}) (Version: 9.0.30729 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.4148 (HKLM-x32\...\{1F1C2DFC-2D24-3E06-BCB8-725134ADF989}) (Version: 9.0.30729.4148 - Microsoft Corporation)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (HKLM-x32\...\{9BE518E6-ECC6-35A9-88E4-87755C07200F}) (Version: 9.0.30729.6161 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x64 Redistributable - 10.0.40219 (HKLM\...\{1D8E6291-B0D5-35EC-8441-6616F567A0F7}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2010  x86 Redistributable - 10.0.40219 (HKLM-x32\...\{F0C3E5D1-1ADE-321E-8167-68EF0DE699A5}) (Version: 10.0.40219 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x64) - 11.0.61030 (HKLM-x32\...\{ca67548a-5ebe-413a-b50c-4b9ceb6d66c6}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2012 Redistributable (x86) - 11.0.61030 (HKLM-x32\...\{33d1fd90-4274-48a1-9bc1-97e33d9c2d6f}) (Version: 11.0.61030.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x64) - 12.0.30501 (HKLM-x32\...\{050d4fc8-5d48-4b8f-8972-47c82c46020f}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2013 Redistributable (x86) - 12.0.30501 (HKLM-x32\...\{f65db027-aff3-4070-886a-0d87064aabb1}) (Version: 12.0.30501.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x64) - 14.0.23918 (HKLM-x32\...\{dab68466-3a7d-41a8-a5cf-415e3ff8ef71}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Microsoft Visual C++ 2015 Redistributable (x86) - 14.0.23918 (HKLM-x32\...\{2e085fd2-a3e4-4b39-8e10-6b8d35f55244}) (Version: 14.0.23918.0 - Microsoft Corporation)
    Mozilla Firefox 45.3.0 ESR (x86 en-US) (HKLM-x32\...\Mozilla Firefox 45.3.0 ESR (x86 en-US)) (Version: 45.3.0 - Mozilla)
    Mozilla Maintenance Service (HKLM-x32\...\MozillaMaintenanceService) (Version: 45.3.0 - Mozilla)
    MSXML 4.0 SP3 Parser (KB2721691) (HKLM-x32\...\{355B5AC0-CEEE-42C5-AD4D-7F3CFD806C36}) (Version: 4.30.2114.0 - Microsoft Corporation)
    MSXML 4.0 SP3 Parser (KB2758694) (HKLM-x32\...\{1D95BA90-F4F8-47EC-A882-441C99D30C1E}) (Version: 4.30.2117.0 - Microsoft Corporation)
    NVIDIA Graphics Driver 344.42 (HKLM\...\{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver) (Version: 344.42 - NVIDIA Corporation)
    Omikron - The Nomad Soul (HKLM-x32\...\Steam App 243000) (Version:  - Quantic Dream)
    OpenAL (HKLM-x32\...\OpenAL) (Version:  - )
    Opera Stable 39.0.2256.48 (HKLM-x32\...\Opera 39.0.2256.48) (Version: 39.0.2256.48 - Opera Software)
    ORION: Prelude (HKLM-x32\...\Steam App 104900) (Version:  - Spiral Game Studios)
    Razer Naga (HKLM-x32\...\{ED4108A9-60FD-4F18-AF42-122219977773}) (Version: 3.03.01 - Razer USA Ltd.)
    Realtek Card Reader (HKLM-x32\...\{5BC2B5AB-80DE-4E83-B8CF-426902051D0A}) (Version: 6.2.9200.21239 - Realtek Semiconductor Corp.)
    Realtek Ethernet Controller Driver (HKLM-x32\...\{8833FFB6-5B0C-4764-81AA-06DFEED9A476}) (Version: 7.82.317.2014 - Realtek)
    Realtek High Definition Audio Driver (HKLM-x32\...\{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}) (Version: 6.0.1.7348 - Realtek Semiconductor Corp.)
    Renegade Ops (HKLM-x32\...\Steam App 99300) (Version:  - Avalanche Studios)
    Revo Uninstaller Pro 3.1.6 (HKLM\...\{67579783-0FB7-4F7B-B881-E5BE47C9DBE0}_is1) (Version: 3.1.6 - VS Revo Group, Ltd.)
    Sandboxie 5.12 (64-bit) (HKLM\...\Sandboxie) (Version: 5.12 - Sandboxie Holdings, LLC)
    Savage: The Battle For Newerth (Version: 1.0RC3) (HKLM-x32\...\{ABDEBB00-96E9-47A2-94CC-BB0CCC4630DE}_is1) (Version:  - Newerth.com)
    SEGA Genesis & Mega Drive Classics (HKLM-x32\...\Steam App 34270) (Version:  - Sega)
    Skype™ 7.26 (HKLM-x32\...\{FC965A47-4839-40CA-B618-18F486F042C6}) (Version: 7.26.101 - Skype Technologies S.A.)
    Smart Manager V3 Ver 4.4.3 (HKLM\...\Smart Manager V3) (Version: Ver 4.4.3 - GIGABYTE)
    Smart Update v2.3.5 (HKLM-x32\...\Smart Update) (Version: v2.3.5 - GIGABYTE TECHNOLOGY CO.,LTD.)
    Sniper Elite: Nazi Zombie Army 2 (HKLM-x32\...\Steam App 247910) (Version:  - )
    Soulbringer (HKLM-x32\...\Steam App 283310) (Version:  - Infogames Europe SA)
    Spybot - Search & Destroy (HKLM-x32\...\{B4092C6D-E886-4CB2-BA68-FE5A88D31DE6}_is1) (Version: 1.6.2 - Safer Networking Limited)
    SpywareBlaster 5.5 (HKLM-x32\...\SpywareBlaster_is1) (Version: 5.5.0 - BrightFort LLC)
    Star Wars - Battlefront II (HKLM-x32\...\Steam App 6060) (Version:  - Pandemic Studios)
    Starbound - Unstable (HKLM\...\Steam App 367540) (Version:  - )
    Starbound (HKLM-x32\...\Steam App 211820) (Version:  - )
    State of Decay (HKLM-x32\...\Steam App 241540) (Version:  - Undead Labs)
    Steam (HKLM-x32\...\Steam) (Version: 2.10.91.91 - Valve Corporation)
    Street Racing Syndicate (HKLM-x32\...\Steam App 292410) (Version:  - Eutechnyx)
    Super Meat Boy (HKLM-x32\...\Steam App 40800) (Version:  - Team Meat)
    SUPERAntiSpyware (HKLM\...\{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}) (Version: 6.0.1212 - SUPERAntiSpyware.com)
    Team Fortress 2 (HKLM-x32\...\Steam App 440) (Version:  - Valve)
    Terraria (HKLM-x32\...\Steam App 105600) (Version:  - Re-Logic)
    The Ship (HKLM-x32\...\Steam App 2400) (Version:  - Outerlight Ltd.)
    UE3Redist (HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\InstallShield_{6530FDAA-5B1F-4830-95BB-650E9804D239}) (Version: 1.00.0000 - Epic Games)
    UE3Redist (x32 Version: 1.00.0000 - Epic Games) Hidden
    Update for 2007 Microsoft Office System (KB967642) (HKLM-x32\...\{91120000-0014-0000-0000-0000000FF1CE}_PROR_{C444285D-5E4F-48A4-91DD-47AAAA68E92D}) (Version:  - Microsoft)
    Viking: Battle for Asgard (HKLM-x32\...\Steam App 211160) (Version:  - Creative Assembly, PC Port - Hardlight)
    WinPatrol (HKLM-x32\...\{6A206A04-6BC1-411B-AA04-4E52EDEEADF2}) (Version: 33.6.2015.18 - Ruiware)
    WinRAR 5.30 (64-bit) (HKLM\...\WinRAR archiver) (Version: 5.30.0 - win.rar GmbH)
    
    ==================== Custom CLSID (Whitelisted): ==========================
    
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    
    CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{162C6FB5-44D3-435B-903D-E613FA093FB5}\InprocServer32 -> C:\Users\Electrike\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\amd64\FileCoAuthLib64.dll => No F (the data entry has 3 more characters).
    CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{71DCE5D6-4B57-496B-AC21-CD5B54EB93FD}\localserver32 -> C:\Users\Electrike\AppData\Local\Microsoft\OneDrive\17.3.6281.1202\FileCoAuth.exe => No File
    CustomCLSID: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001_Classes\CLSID\{869C14C8-1830-491F-B575-5F9AB40D2B42}\InprocServer32 -> C:\Program Files\MediaInfo\MediaInfo_InfoTip.dll (MediaArea.net)
    
    ==================== Scheduled Tasks (Whitelisted) =============
    
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    
    Task: {0F31E738-83EC-40CD-A7C2-F7CEF30EC5D6} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473-Logon => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
    Task: {281FAFD2-11AC-46FE-B3D7-74FFC96FCB60} - System32\Tasks\RtlLanOptimizerVistaStart => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe [2013-01-18] (Realtek Semiconductor)
    Task: {34744266-050D-465A-AEDC-071063F1F8C6} - System32\Tasks\Opera scheduled Autoupdate 1453433047 => C:\Program Files (x86)\Opera\launcher.exe [2016-08-03] (Opera Software)
    Task: {88C14B97-48EB-43EE-9F66-AA4268FA32FE} - System32\Tasks\IUM-F1E24CA0-B63E-4F13-A9E3-4ADE3BFF3473 => C:\Program Files (x86)\Intel\Intel(R) Update Manager\bin\iumsvc.exe [2015-09-25] (Intel Corporation)
    Task: {AE144BC0-4C06-4EDB-A9D6-64B7E80EFCC1} - System32\Tasks\FRAPS => C:\Fraps\fraps.exe [2015-09-05] (Beepa P/L)
    Task: {D2443CEE-28E7-4E8E-B014-09D96E0D998C} - System32\Tasks\CCleanerSkipUAC => C:\Program Files\CCleaner\CCleaner.exe [2015-12-09] (Piriform Ltd)
    Task: {E1B701B4-8889-46F5-A1E8-6226A5212985} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2016-08-06] (Adobe Systems Incorporated)
    Task: {EAAE9075-97CB-4D2F-9372-8DD858214FBB} - System32\Tasks\Adobe Acrobat Update Task => C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2016-06-25] (Adobe Systems Incorporated)
    Task: {FFE4DF80-8C39-4568-8C64-A70E97751AF6} - System32\Tasks\Adobe Flash Player PPAPI Notifier => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe [2016-08-03] (Adobe Systems Incorporated)
    
    (If an entry is included in the fixlist, the task (.job) file will be moved. The file which is running by the task will not be moved.)
    
    Task: C:\Windows\Tasks\Adobe Flash Player PPAPI Notifier.job => C:\Windows\SysWOW64\Macromed\Flash\FlashUtil32_22_0_0_209_pepper.exe
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\RtlLanOptimizerVistaStart.job => C:\Program Files (x86)\Realtek\LanOptimizer\LanOptimizer.exe
    
    ==================== Shortcuts =============================
    
    (The entries could be listed to be restored or removed.)
    
    ==================== Loaded Modules (Whitelisted) ==============
    
    2016-05-27 20:19 - 2016-05-27 20:19 - 00052912 _____ () C:\Program Files\FileZilla FTP Client\fzshellext_64.dll
    2014-10-29 15:06 - 2014-10-29 15:06 - 00434688 _____ () C:\Program Files\GIGABYTE\SmartManagerV3\OSD\Skin\OSD_Skin.dll
    
    ==================== Alternate Data Streams (Whitelisted) =========
    
    (If an entry is included in the fixlist, only the ADS will be removed.)
    
    AlternateDataStreams: C:\ProgramData\Temp:5C321E34 [125]
    
    ==================== Safe Mode (Whitelisted) ===================
    
    (If an entry is included in the fixlist, it will be removed from the registry. The "AlternateShell" will be restored.)
    
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\92888469.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BFE => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\MpsSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\SharedAccess => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Minimal\WSService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\92888469.sys => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\AppXSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\BITS => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\ClipSvc => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\msiserver => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\SamSs => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srv2 => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\srvnet => ""="Driver"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\TweakingRemoveSafeBoot => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\vss => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Network\WSService => ""="Service"
    HKLM\SYSTEM\CurrentControlSet\Control\SafeBoot\Option => "OptionValue"="2"
    
    ==================== Association (Whitelisted) ===============
    
    (If an entry is included in the fixlist, the registry item will be restored to default or removed.)
    
    
    ==================== Internet Explorer trusted/restricted ===============
    
    (If an entry is included in the fixlist, it will be removed from the registry.)
    
    IE restricted site: HKU\.DEFAULT\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\.DEFAULT\...\008i.com -> 008i.com
    IE restricted site: HKU\.DEFAULT\...\008k.com -> www.008k.com
    IE restricted site: HKU\.DEFAULT\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\.DEFAULT\...\010402.com -> 010402.com
    IE restricted site: HKU\.DEFAULT\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\.DEFAULT\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\.DEFAULT\...\1-2005-search.com -> www.1-2005-search.com
    IE restricted site: HKU\.DEFAULT\...\1-domains-registrations.com -> www.1-domains-registrations.com
    IE restricted site: HKU\.DEFAULT\...\1000gratisproben.com -> www.1000gratisproben.com
    IE restricted site: HKU\.DEFAULT\...\1001namen.com -> www.1001namen.com
    IE restricted site: HKU\.DEFAULT\...\100888290cs.com -> mir.100888290cs.com
    IE restricted site: HKU\.DEFAULT\...\100sexlinks.com -> www.100sexlinks.com
    IE restricted site: HKU\.DEFAULT\...\10sek.com -> www.10sek.com
    IE restricted site: HKU\.DEFAULT\...\12-26.net -> user1.12-26.net
    IE restricted site: HKU\.DEFAULT\...\12-27.net -> user1.12-27.net
    IE restricted site: HKU\.DEFAULT\...\123fporn.info -> www.123fporn.info
    IE restricted site: HKU\.DEFAULT\...\123haustiereundmehr.com -> www.123haustiereundmehr.com
    IE restricted site: HKU\.DEFAULT\...\123moviedownload.com -> www.123moviedownload.com
    IE restricted site: HKU\.DEFAULT\...\123simsen.com -> www.123simsen.com
    
    There are 7908 more sites.
    
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\...\1-2005-search.com -> www.1-2005-search.com
    
    There are 12725 more sites.
    
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\007guard.com -> install.007guard.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\008i.com -> 008i.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\008k.com -> www.008k.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\00hq.com -> www.00hq.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\010402.com -> 010402.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0190-dialers.com -> 0190-dialers.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\01i.info -> 01i.info
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\02pmnzy5eo29bfk4.com -> 02pmnzy5eo29bfk4.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\032439.com -> 80gw6ry3i3x3qbrkwhxhw.032439.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0411dd.com -> 0411dd.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0511zfhl.com -> 0511zfhl.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\05p.com -> 05p.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0632qyw.com -> 0632qyw.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\07ic5do2myz3vzpk.com -> 07ic5do2myz3vzpk.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\08nigbmwk43i01y6.com -> 08nigbmwk43i01y6.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\093qpeuqpmz6ebfa.com -> 093qpeuqpmz6ebfa.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0calories.net -> 0calories.net
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0cj.net -> 0cj.net
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\0scan.com -> www.0scan.com
    IE restricted site: HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\...\1-2005-search.com -> www.1-2005-search.com
    
    There are 12685 more sites.
    
    
    ==================== Hosts content: ===============================
    
    (If needed Hosts: directive could be included in the fixlist to reset Hosts.)
    
    2009-07-14 10:34 - 2016-08-17 13:02 - 00000855 ____A C:\Windows\system32\Drivers\etc\hosts
    
    127.0.0.1       localhost
    
    ==================== Other Areas ============================
    
    (Currently there is no automatic fix for this section.)
    
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1000\Control Panel\Desktop\\Wallpaper -> C:\Users\Manectric\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    HKU\S-1-5-21-2798084944-1211984927-2140173799-1001\Control Panel\Desktop\\Wallpaper -> C:\Users\Electrike\AppData\Roaming\Microsoft\Windows\Themes\TranscodedWallpaper.jpg
    DNS Servers: 192.168.1.1 - 8.8.8.8
    HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Policies\System => (ConsentPromptBehaviorAdmin: 5) (ConsentPromptBehaviorUser: 3) (EnableLUA: 1)
    Windows Firewall is enabled.
    
    ==================== MSCONFIG/TASK MANAGER disabled items ==
    
    (Currently there is no automatic fix for this section.)
    
    
    ==================== FirewallRules (Whitelisted) ===============
    
    (If an entry is included in the fixlist, it will be removed from the registry. The file will not be moved unless listed separately.)
    
    FirewallRules: [SPPSVC-In-TCP] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [SPPSVC-In-TCP-NoScope] => (Allow) %SystemRoot%\system32\sppsvc.exe
    FirewallRules: [{ED44402E-6B9E-4DB1-B967-E19AA4AE59D5}] => (Allow) C:\Program Files\Intel\WiFi\bin\PanDhcpDns.exe
    FirewallRules: [{975A9371-4FC5-4492-A0FA-31983D49C1F5}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{46B1C078-AFED-45D5-926D-B400B0762AEA}] => (Allow) C:\Program Files (x86)\NVIDIA Corporation\NetService\NvNetworkService.exe
    FirewallRules: [{8AA98205-C1F8-4F48-929E-28A6F5C66746}] => (Allow) E:\Steam\Steam.exe
    FirewallRules: [{218FBBB7-0A07-424B-9DBA-25DEE324042F}] => (Allow) E:\Steam\Steam.exe
    FirewallRules: [{2CEB3727-6E0E-474B-BEDB-55CD6FA31863}] => (Allow) E:\Steam\bin\steamwebhelper.exe
    FirewallRules: [{0E988A6F-1597-434D-8FDF-ACCAC6D3BABA}] => (Allow) E:\Steam\bin\steamwebhelper.exe
    FirewallRules: [{BA275EC0-0E29-4CB2-851E-0DF94DD3B256}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD.exe
    FirewallRules: [{D7B7FE81-F7C1-4CC2-9A5D-3BFBC4F8B092}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Kernel\DMS\CLMSServerPDVD15.exe
    FirewallRules: [{158CD4F6-032B-4273-826C-217282EBB367}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\PowerDVD15Agent.exe
    FirewallRules: [{1923CDDD-D237-42FD-8C23-BC5FB283A78E}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVDMovie.exe
    FirewallRules: [{AE2A9A89-B88B-4683-B869-8B2EF65AD275}] => (Allow) C:\Program Files (x86)\CyberLink\PowerDVD15\Movie\PowerDVD Cinema\PowerDVDCinema.exe
    FirewallRules: [{23E604FA-4DDA-45B1-9908-9EBFB959E3DF}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{1B14BB29-0D4F-4A8C-8ABC-6888D216BD83}] => (Allow) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    FirewallRules: [{42E4617A-5FCA-4251-8EFB-91382308D1CF}] => (Allow) E:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
    FirewallRules: [{5915F504-940F-4CF9-8851-E2D9D34CCF8B}] => (Allow) E:\Steam\steamapps\common\3DMark\3DMarkLauncher.exe
    FirewallRules: [{977B611B-A28C-4028-B3BC-1039ED8857E6}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
    FirewallRules: [{6E11EF2F-6830-49D3-BD5C-667A4C9A40F6}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win64\CMW.exe
    FirewallRules: [{19406A0C-DDD7-46E7-A82F-38E6F9627D2A}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
    FirewallRules: [{2513EA08-BD87-41FE-A41B-2C727C0E0AA2}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win64\CDW.exe
    FirewallRules: [{31FED2C9-495D-4342-8B10-7966E278394C}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
    FirewallRules: [{61BC3A19-BF39-4DD6-A1A6-0D58AEE19178}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\Binaries\Win32\CMW.exe
    FirewallRules: [{106113F8-9421-4270-820D-CC76EEA2A2B3}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
    FirewallRules: [{DBF93726-DD05-4DD9-BC9F-9948951E75B1}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\CDW\Binaries\Win32\CDW.exe
    FirewallRules: [{D0CE9C82-7250-46DC-94CF-0CA3B4E0A5AC}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
    FirewallRules: [{B70D3706-95ED-49E3-AF67-CBE783281915}] => (Allow) E:\Steam\steamapps\common\chivalrymedievalwarfare\ChivLauncher.exe
    FirewallRules: [{B7138CFE-00E4-4F1A-B081-EAF371CC90C5}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{2DC418BB-D092-44D7-B9D5-2AAF21966D87}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Global Offensive\csgo.exe
    FirewallRules: [{080F40DB-3587-4EB6-818C-FE2225702188}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{441B589F-AC8B-4E86-9F8A-536B5BB1D1BB}] => (Allow) E:\Steam\steamapps\common\Counter-Strike Source\hl2.exe
    FirewallRules: [{1AC40D78-85FC-44D5-97B1-05DE752CE4AB}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
    FirewallRules: [{16E5442B-B244-434D-89BC-122C4DC23666}] => (Allow) E:\Steam\steamapps\common\DayZ\DayZ_BE.exe
    FirewallRules: [{0659532C-2FC0-41DE-A1FE-F884355EFCA2}] => (Allow) E:\Steam\steamapps\common\Edge of Space\Launcher.exe
    FirewallRules: [{E7546CF8-5893-4099-B834-70CE3F0A815D}] => (Allow) E:\Steam\steamapps\common\Edge of Space\Launcher.exe
    FirewallRules: [{827ABB98-CC0A-4987-990F-859B67A93BE4}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
    FirewallRules: [{6F18E829-CE8B-4EFC-96F4-B0EE1D357AB4}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KillingFloor.exe
    FirewallRules: [{0E8AC9E3-CCC1-4B56-A403-CAF7318C1872}] => (Allow) E:\Steam\steamapps\common\left 4 dead\left4dead.exe
    FirewallRules: [{0B8EAF10-34D3-4982-97C4-7B8909D7ABA1}] => (Allow) E:\Steam\steamapps\common\left 4 dead\left4dead.exe
    FirewallRules: [{4B4DA01D-819F-4EFF-A0FD-2C0BE6406682}] => (Allow) E:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{54884BF2-8338-451F-B9E7-46AB96619750}] => (Allow) E:\Steam\steamapps\common\Star Wars Battlefront II\GameData\BattlefrontII.exe
    FirewallRules: [{E61D0B2A-5D79-4977-AF7D-2F0B7106C268}] => (Allow) E:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
    FirewallRules: [{3DCB6A24-1389-4942-92D5-3843075404E4}] => (Allow) E:\Steam\steamapps\common\Super Meat Boy\SuperMeatBoy.exe
    FirewallRules: [{DBA18D9C-8ACA-49E2-AAC4-3562035A8C57}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{BBEFBE26-BED3-48B4-B121-E489A3ADF5B1}] => (Allow) E:\Steam\steamapps\common\Left 4 Dead 2\left4dead2.exe
    FirewallRules: [{33926AC4-D51F-4479-8FC0-6A47B2055EEF}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
    FirewallRules: [{1C996CF8-6816-406F-B0E0-7F5346B9A085}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth1\NeptuniaReBirth1.exe
    FirewallRules: [{8EB3D9BC-0F02-45D3-9DAB-C24D00AB72C1}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{11A7FAF0-73F9-4D6F-BE83-AE1B847685DE}] => (Allow) E:\Steam\steamapps\common\Team Fortress 2\hl2.exe
    FirewallRules: [{9BD875E2-2851-4332-AE83-1C609C0F596E}] => (Allow) E:\Steam\steamapps\common\The Ship\ship.exe
    FirewallRules: [{B64A9B7C-6C69-4C35-B792-9697435EB025}] => (Allow) E:\Steam\steamapps\common\The Ship\ship.exe
    FirewallRules: [{C7B05986-D0C4-4108-BF55-AA0DB2F9B964}] => (Allow) E:\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [{86B27BFA-B00C-4819-AC2E-2698A8D1D867}] => (Allow) E:\Steam\steamapps\common\Orion Dino Beatdown\Binaries\Win32\DinoHordeGame.exe
    FirewallRules: [{0CB72F27-4441-44FA-9C5A-5441E38EE959}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
    FirewallRules: [{1D8F9B21-75A4-4095-925D-37EF588122EC}] => (Allow) E:\Steam\steamapps\common\Terraria\Terraria.exe
    FirewallRules: [{D1FBB2F4-3AEB-4A10-B314-1997BF169FD9}] => (Allow) E:\Steam\steamapps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
    FirewallRules: [{746B90D7-A441-49B8-9D00-634C77BA026A}] => (Allow) E:\Steam\steamapps\common\Sniper Elite Nazi Zombie Army 2\bin\NZA2.exe
    FirewallRules: [{DBE2503B-EFAA-4652-A651-B03A21CBF6F6}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth2\NeptuniaReBirth2.exe
    FirewallRules: [{2DF07BBF-0773-4A95-9F7F-1E5853B86F17}] => (Allow) E:\Steam\steamapps\common\Neptunia Rebirth2\NeptuniaReBirth2.exe
    FirewallRules: [{3A9F16C0-CD27-4147-9FB4-5A1298898CE0}] => (Allow) E:\Steam\steamapps\common\Absconding Zatwor\AbscondingZatwor.exe
    FirewallRules: [{071E8CC3-0D48-4F22-9580-C472D454D7C9}] => (Allow) E:\Steam\steamapps\common\Absconding Zatwor\AbscondingZatwor.exe
    FirewallRules: [{53DFE6F9-4512-43A8-9878-0A28C814363E}] => (Allow) E:\Steam\steamapps\common\8BitBoy\8bitboy.exe
    FirewallRules: [{79D7B79F-14C8-41B4-AF2B-E5A83CD0A94E}] => (Allow) E:\Steam\steamapps\common\8BitBoy\8bitboy.exe
    FirewallRules: [{BE1625A0-5C22-4012-B36E-CBEB9D1D0B44}] => (Allow) E:\Steam\steamapps\common\Soulbringer\Soulbringer.exe
    FirewallRules: [{732E4072-52AD-437F-832B-8788A54BC722}] => (Allow) E:\Steam\steamapps\common\Soulbringer\Soulbringer.exe
    FirewallRules: [{B8112D4F-B895-48FD-A761-07233224E301}] => (Allow) E:\Steam\steamapps\common\Soulbringer\SBLang.exe
    FirewallRules: [{7B73DB18-60C1-48C2-8BC7-EDB9EA198B1A}] => (Allow) E:\Steam\steamapps\common\Soulbringer\SBLang.exe
    FirewallRules: [{DBB54C42-A404-4750-9EA6-CE7EC5EBF23F}] => (Allow) E:\Steam\steamapps\common\Omikron\Runtime.exe
    FirewallRules: [{4394EE80-8ACE-407E-952B-CC4B6719971F}] => (Allow) E:\Steam\steamapps\common\Omikron\Runtime.exe
    FirewallRules: [{FEB10303-05F6-449E-A3CF-ACCB9CCA8B02}] => (Allow) E:\Steam\steamapps\common\Blaster Shooter GunGuy!\BlasterShooterGunGuy.exe
    FirewallRules: [{1EF7DA4A-1823-4F8D-9155-BEA31FD22B5E}] => (Allow) E:\Steam\steamapps\common\Blaster Shooter GunGuy!\BlasterShooterGunGuy.exe
    FirewallRules: [{ACA46DCF-C461-4ED4-BED5-2C3C4850A8F3}] => (Allow) E:\Steam\steamapps\common\State of Decay\StateOfDecay.exe
    FirewallRules: [{273E2CC8-617A-48CB-9CCF-B94AA9D96ECD}] => (Allow) E:\Steam\steamapps\common\State of Decay\StateOfDecay.exe
    FirewallRules: [{172E3FBA-DEE4-43F4-8A2D-B9B8D68CACA0}] => (Allow) E:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
    FirewallRules: [{E94AD05B-C733-4A92-B5A2-BD09EB05A410}] => (Allow) E:\Steam\steamapps\common\Bioshock\Builds\Release\Bioshock.exe
    FirewallRules: [{00AC840B-80A1-4336-88EE-248DC558DC8E}] => (Allow) E:\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE
    FirewallRules: [{B21938C0-9E93-436B-AFD1-BE72C9E048AF}] => (Allow) E:\Steam\steamapps\common\Street Racing Syndicate\Bin\SRS.EXE
    FirewallRules: [{0604D7D5-CE4B-40F0-8844-36D0181A3D33}] => (Allow) E:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
    FirewallRules: [{B257BEA4-3A33-4DDE-A96D-9442D2C7C6A8}] => (Allow) E:\Steam\steamapps\common\Hell Yeah\HELLYEAH.exe
    FirewallRules: [{D5FD205B-7422-4B63-9C42-2C284F7A5357}] => (Allow) E:\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
    FirewallRules: [{2CB6CF4F-6F0E-4F3A-B7BA-0878C855956C}] => (Allow) E:\Steam\steamapps\common\Jet Set Radio\jsrsetup.exe
    FirewallRules: [{AF18B0FD-32DD-40CD-9EF0-A41F3EBD6195}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
    FirewallRules: [{6B2D4BD6-6BE2-4027-97BB-CABBCD2940F0}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGenesisClassics.exe
    FirewallRules: [{E378E1DC-8AEA-4A0D-AC1D-1222A117A1C6}] => (Allow) E:\Steam\steamapps\common\Renegade Ops\RenegadeOps.exe
    FirewallRules: [{81BCE8BE-6B13-4ADF-A0CD-0C5ACCEF2E15}] => (Allow) E:\Steam\steamapps\common\Renegade Ops\RenegadeOps.exe
    FirewallRules: [{0101F286-11E3-44C1-B549-C2065BD8AAE6}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\viking.exe
    FirewallRules: [{5E4891E6-CA93-4429-B4F7-B2B650E4D791}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\viking.exe
    FirewallRules: [{37DBD26C-BB32-49F8-9A7D-167AE3B772CA}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\ConfigTool.exe
    FirewallRules: [{4C1DAB79-D364-4727-A421-F26F7AF3442B}] => (Allow) E:\Steam\steamapps\common\Viking Battle for Asgard\ConfigTool.exe
    FirewallRules: [{DF112BDD-C962-4B16-9F8F-FF4A26DDCCE9}] => (Allow) E:\Steam\steamapps\common\Breakout Invaders\Breakout Invaders.exe
    FirewallRules: [{DA48FB98-14F8-49EF-8ED7-6940578C2D5D}] => (Allow) E:\Steam\steamapps\common\Breakout Invaders\Breakout Invaders.exe
    FirewallRules: [{CCF81E90-D5FA-4A26-8642-90A9613C7AD8}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Dof.exe
    FirewallRules: [{F145CB47-1CA1-40B7-9699-5EFBA332DE3C}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Dof.exe
    FirewallRules: [{44CF666E-77CD-4F57-A70C-E9F1C612782D}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\dof_options.exe
    FirewallRules: [{52A5BE11-5E01-4B08-B08B-852ED99BD5C0}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\dof_options.exe
    FirewallRules: [{6419C5BC-EF54-466F-994F-CEC4BA1FA469}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Editor.exe
    FirewallRules: [{F9E29DF7-450C-41C3-BC16-5136E441DF43}] => (Allow) E:\Steam\steamapps\common\Dawn of Fantasy\Editor.exe
    FirewallRules: [{A2F07D3A-76E2-4EAF-B45C-A52BC59EE74E}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
    FirewallRules: [{F8EC441D-3F40-4788-A95F-21BF6ED19202}] => (Allow) E:\Steam\steamapps\common\Sega Classics\SEGAGameRoom.exe
    FirewallRules: [{E3DAC1B9-43BF-4EB8-94FC-48EEB9AC8F9F}] => (Allow) E:\Steam\steamapps\common\FaeVerseAlchemy\FaeVerseAlchemy.exe
    FirewallRules: [{439F11BE-2C0F-4ACD-9C6D-3598C7352FBB}] => (Allow) E:\Steam\steamapps\common\FaeVerseAlchemy\FaeVerseAlchemy.exe
    FirewallRules: [{17E95339-3EF6-4626-9A5D-EB3522338690}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KFEd.exe
    FirewallRules: [{B7A6306D-3CD2-4D06-94F9-58BAB76BD903}] => (Allow) E:\Steam\steamapps\common\KillingFloor\System\KFEd.exe
    FirewallRules: [{53B34361-08C1-428A-A1B6-CCF0D371D5B9}] => (Allow) E:\Steam\steamapps\common\Limbo\limbo.exe
    FirewallRules: [{F263328F-E5C4-478C-B00B-080E494827EB}] => (Allow) E:\Steam\steamapps\common\Limbo\limbo.exe
    FirewallRules: [{53B56E07-3523-4C42-9C68-2B075C2E0A4A}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
    FirewallRules: [{949ECB15-C111-47AD-9B56-EB7CF5F04070}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x86\3DMark.exe
    FirewallRules: [{D71B24E8-A218-49A1-9C40-5B3F74EC8755}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
    FirewallRules: [{E0026D43-5EFA-44A5-B3D1-0A038B1FB885}] => (Allow) E:\Steam\steamapps\common\3DMark\bin\x64\3DMark.exe
    FirewallRules: [{7095CF9D-D5D4-4787-AD5F-0C05D92F4C75}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
    FirewallRules: [{62CEF1C9-E199-443D-8B32-0B16DE0A7869}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\mod_uploader.exe
    FirewallRules: [{BBE098F3-917B-40CC-8B4C-9232B9CAF868}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
    FirewallRules: [{6A219DDF-FA22-40B0-BCDA-02972DFDB946}] => (Allow) E:\Steam\steamapps\common\killingfloor2\Binaries\Win64\KFGame.exe
    FirewallRules: [{F46EED8E-922E-4129-981A-A5BCFAEBA239}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\mod_uploader.exe
    FirewallRules: [{5E3C4E03-8EBA-45A2-AA19-343991C46DB3}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\mod_uploader.exe
    FirewallRules: [{E31810B6-E548-42A2-9556-FF063CE58EEE}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound.exe
    FirewallRules: [{324C0FC5-F91F-4F4C-9322-58E7A4FE1E57}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound.exe
    FirewallRules: [{E88CA193-08F8-44F9-AAC7-0D1A5E0EFA7A}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{3D8A4B1F-ADC2-46F3-A493-530D3910871B}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\starbound_server.exe
    FirewallRules: [{511B82B9-0A56-4D98-ABBB-362CBC278DE1}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{162A06FA-0FC2-4ADF-84D1-6730D6CF7E42}] => (Allow) E:\Steam\steamapps\common\Starbound\win64\mod_uploader.exe
    FirewallRules: [{89521BB0-DF55-46CF-9E62-C41CA967AD29}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\starbound.exe
    FirewallRules: [{7322A81B-A789-4BFA-A332-9F8203F4A46B}] => (Allow) E:\Steam\steamapps\common\Starbound\win32\starbound.exe
    FirewallRules: [{F066C9B0-764E-43CD-8CA6-1DF4F261ED18}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
    FirewallRules: [{EAE6118B-AB2E-4477-A927-15B50748608B}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound.exe
    FirewallRules: [{719A00C5-AE92-4F00-A83A-ED29E6DBCD90}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
    FirewallRules: [{D2A77B95-EE45-49E5-85F2-9D0927111C25}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\starbound_server.exe
    FirewallRules: [{6707124E-3B27-45CA-B2B0-873B942957F5}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
    FirewallRules: [{BE081998-A33C-4B93-AD8B-6AD6D3668860}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win64\mod_uploader.exe
    FirewallRules: [{AC96E2B3-3FB2-423C-91BA-B4335C6626BB}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
    FirewallRules: [{8D1D9C45-AE7F-4813-8962-56FBCC94A1FA}] => (Allow) E:\Steam\steamapps\common\Starbound - Unstable\win32\starbound.exe
    FirewallRules: [{C13F76AF-605C-4D49-BD78-3EA278F093ED}] => (Allow) C:\Program Files (x86)\Skype\Phone\Skype.exe
    
    ==================== Restore Points =========================
    
    17-08-2016 12:47:40 Tweaking.com - Windows Repair
    
    ==================== Faulty Device Manager Devices =============
    
    Name: Microsoft Virtual WiFi Miniport Adapter #7
    Description: Microsoft Virtual WiFi Miniport Adapter
    Class Guid: {4d36e972-e325-11ce-bfc1-08002be10318}
    Manufacturer: Microsoft
    Service: vwifimp
    Problem: : This device is disabled. (Code 22)
    Resolution: In Device Manager, click "Action", and then click "Enable Device". This starts the Enable Device wizard. Follow the instructions.
    
    Name: Security Processor Loader Driver
    Description: Security Processor Loader Driver
    Class Guid: {8ECC055D-047F-11D1-A537-0000F8753ED1}
    Manufacturer: 
    Service: spldr
    Problem: : This device is not present, is not working properly, or does not have all its drivers installed. (Code 24)
    Resolution: The device is installed incorrectly. The problem could be a hardware failure, or a new driver might be needed.
    Devices stay in this state if they have been prepared for removal.
    After you remove the device, this error disappears.Remove the device, and this error should be resolved.
    
    Name: Kaspersky Lab power events provider
    Description: Kaspersky Lab power events provider
    Class Guid: {4d36e97d-e325-11ce-bfc1-08002be10318}
    Manufacturer: KL
    Service: klhk
    Problem: : Windows cannot initialize the device driver for this hardware. (Code 37)
    Resolution: The driver returned failure from its DriverEntry routine. Uninstall the driver, and then click "Scan for hardware changes" to reinstall or upgrade the driver.
    
    
    ==================== Event log errors: =========================
    
    Application errors:
    ==================
    Error: (08/17/2016 01:08:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
    
    Error: (08/17/2016 01:08:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
    
    Error: (08/17/2016 01:08:11 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
    
    Error: (08/17/2016 01:07:10 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_64) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
    
    Error: (08/17/2016 01:07:10 PM) (Source: .NET Runtime Optimization Service) (EventID: 1103) (User: )
    Description: .NET Runtime Optimization Service (clr_optimization_v2.0.50727_32) - Tried to start a service that wasn't the latest version of CLR Optimization service. Will shutdown
    
    Error: (08/17/2016 01:07:10 PM) (Source: Microsoft-Windows-CAPI2) (EventID: 257) (User: )
    Description: The Cryptographic Services service failed to initialize the Catalog Database. The ESENT error was: -528.
    
    Error: (08/17/2016 01:07:10 PM) (Source: ESENT) (EventID: 455) (User: )
    Description: Catalog Database (1576) Catalog Database: Error -1811 (0xfffff8ed) occurred while opening logfile C:\Windows\system32\CatRoot2\edb.log.
    
    Error: (08/17/2016 01:07:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=43, authorId=9, vendorId=0, vendorType=0
    
    Error: (08/17/2016 01:07:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=25, authorId=9, vendorId=0, vendorType=0
    
    Error: (08/17/2016 01:07:06 PM) (Source: Microsoft-Windows-EapHost) (EventID: 2002) (User: NT AUTHORITY)
    Description: Skipping: Eap method DLL path name validation failed. Error: typeId=17, authorId=9, vendorId=0, vendorType=0
    
    
    System errors:
    =============
    Error: (08/19/2016 11:47:05 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{9E175B6D-F52A-11D8-B9A5-505054503030}
    
    Error: (08/19/2016 11:47:04 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}
    
    Error: (08/19/2016 11:46:29 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084Bluetooth Device Monitor{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
    
    Error: (08/19/2016 01:56:46 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
    
    Error: (08/19/2016 12:01:50 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1068stisvc{A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Error: (08/19/2016 12:00:26 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084WSearch{7D096C5F-AC08-4F1F-BEB7-5C22C517CE39}
    
    Error: (08/18/2016 01:56:44 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084ShellHWDetection{DD522ACC-F821-461A-A407-50B198B896DC}
    
    Error: (08/18/2016 08:36:12 AM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1068stisvc{A1F4E726-8CF1-11D1-BF92-0060081ED811}
    
    Error: (08/17/2016 01:57:18 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084NVSvc{DCAB0989-1301-4319-BE5F-ADE89F88581C}
    
    Error: (08/17/2016 01:57:17 PM) (Source: DCOM) (EventID: 10005) (User: )
    Description: 1084Bluetooth Device Monitor{DABF28BE-F6B4-4E40-8F40-C4FB26F3116C}
    
    
    CodeIntegrity:
    ===================================
      Date: 2016-01-22 13:37:14.199
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
    
      Date: 2016-01-22 13:37:14.198
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
    
      Date: 2016-01-22 13:37:14.196
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Windows\ELAMBKUP\klelam.sys because the set of per-page image hashes could not be found on the system.
    
      Date: 2016-01-22 13:37:14.194
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
    
      Date: 2016-01-22 13:37:14.193
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
    
      Date: 2016-01-22 13:37:14.192
      Description: Code Integrity is unable to verify the image integrity of the file \Device\HarddiskVolume4\Program Files (x86)\Kaspersky Lab\Kaspersky Internet Security 16.0.0\KLELAMX64\klelam.sys because the set of per-page image hashes could not be found on the system.
    
    
    ==================== Memory info =========================== 
    
    Processor: Intel(R) Core(TM) i7-4710HQ CPU @ 2.50GHz
    Percentage of memory in use: 16%
    Total physical RAM: 16302.39 MB
    Available physical RAM: 13555.11 MB
    Total Virtual: 16300.58 MB
    Available Virtual: 14029.34 MB
    
    ==================== Drives ================================
    
    Drive b: (FRAPS) (Fixed) (Total:931.51 GB) (Free:931.42 GB) NTFS
    Drive c: (SYSTEM) (Fixed) (Total:103.99 GB) (Free:52.31 GB) NTFS
    Drive e: (Game Drive) (Fixed) (Total:1863.01 GB) (Free:1624.45 GB) NTFS
    
    ==================== MBR & Partition Table ==================
    
    ========================================================
    Disk: 0 (Size: 1863 GB) (Disk ID: E71727C5)
    Partition 1: (Not Active) - (Size=1863 GB) - (Type=07 NTFS)
    
    ========================================================
    Disk: 1 (MBR Code: Windows 7 or 8) (Size: 119.2 GB) (Disk ID: AEFDE666)
    Partition 1: (Not Active) - (Size=15 GB) - (Type=27)
    Partition 2: (Active) - (Size=260 MB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=104 GB) - (Type=07 NTFS)
    
    ========================================================
    Disk: 2 (MBR Code: Windows 7 or 8) (Size: 931.5 GB) (Disk ID: 69318C77)
    Partition 1: (Not Active) - (Size=931.5 GB) - (Type=07 NTFS)
    
    ==================== End of Addition.txt ============================

  4. #34
    Member
    Join Date
    Jan 2016
    Posts
    65

    Post

    Hm I guess you don't know enough to tell me which of those processes from Currports look suspicious...

    I also tried running KIS 2016 last night to do a full scan but it appears it's now morning and is taking its sweet ass time to load because I can see the load mouse cursor, but where's KIS 2016?? Checking Task manager, I see that AVP.exe *32 has loaded, but where's the GUI?

    As I was saying about ESET picking up said items and other's not pick jack(since I can't edit my previous post), assuming these aren't false positive, then ESET is the only program(that we've tried so far) to detect these new threats but for some reason or another, ESET fails to complete the scan and show us what it found......coincident that I happen to be scanning for malware/viruses and ESET fails, no? I will contact ESET now to see what the problem is, and also link them to this thread.

    Oh, this is new: Untitled.png How unfortunate that Malwarebytes' Anti-rootkit engine is not functioning in the times of need. Well, looks like I need to look elsewhere for a rootkit scanner then, since Malwarebytes can no longer do this. Perhaps Rkill and TDSKK? I will try them now to see if they also fail or not......

  5. #35
    Member
    Join Date
    Jan 2016
    Posts
    65

    Default

    Rkill log:

    Code:
    Rkill 2.8.4 by Lawrence Abrams (Grinler)
    http://www.bleepingcomputer.com/
    Copyright 2008-2016 BleepingComputer.com
    More Information about Rkill can be found at this link:
     http://www.bleepingcomputer.com/forums/topic308364.html
    
    Program started at: 08/20/2016 10:25:14 AM in x64 mode. (Safe Mode)
    Windows Version: Windows 7 Professional Service Pack 1
    
    Checking for Windows services to stop:
    
     * No malware services found to stop.
    
    Checking for processes to terminate:
    
     * No malware processes found to kill.
    
    Checking Registry for malware related settings:
    
     * No issues found in the Registry.
    
    Resetting .EXE, .COM, & .BAT associations in the Windows Registry.
    
    Performing miscellaneous checks:
    
     * Windows Defender Disabled
    
       [HKLM\SOFTWARE\Microsoft\Windows Defender]
       "DisableAntiSpyware" = dword:00000001
    
    Checking Windows Service Integrity: 
    
     * COM+ Event System (EventSystem) is not Running.
       Startup Type set to: Automatic
    
     * Windows Defender (WinDefend) is not Running.
       Startup Type set to: Manual
    
     * Security Center (wscsvc) is not Running.
       Startup Type set to: Automatic
    
     * Windows Update (wuauserv) is not Running.
       Startup Type set to: Automatic (Delayed Start)
    
     * TBS [Missing Service]
    
    Searching for Missing Digital Signatures: 
    
     * No issues found.
    
    Checking HOSTS File: 
    
     * HOSTS file entries found: 
    
      127.0.0.1       localhost
    
    Program finished at: 08/20/2016 10:25:20 AM
    Execution time: 0 hours(s), 0 minute(s), and 6 seconds(s)
    And TDSSK scan: Untitled.png It found three items but reasons for them were that they weren't signed, and not actually infected with anything.....hmmm, perhaps this could be the exact same three that ESET found?

    Well if Rkill and TDSSK don't find anything then I guess I appear to be rootkit free.....I'll just need to fix up that Anti-Rootkit engine scanner for Malwarebytes and I'm good.....

    Ah yes, I could run Tweak again with the fixes, to see if it will fix all this up.....

  6. #36
    Member
    Join Date
    Jan 2016
    Posts
    65

    Default

    Tweak logs:
    Code:
    ┌────────────────────────────────────────────────────────────────────────────────┐
    │ Tweaking.com - Windows Repair v3.9.9 - Pre-Scan
    │ Computer: RAIKOU (Windows 7 Professional 6.1.7601 Service Pack 1) (64-bit)
    │ [Started Scan - 20/08/2016 10:40:42 AM]
    └────────────────────────────────────────────────────────────────────────────────┘
    ┌────────────────────────────────────────────────────────────────────────────────┐
    │ Scanning Windows Packages Files.
    │ Started at (20/08/2016 10:40:42 AM)
    │ 
    │ No problems were found with the Packages Files.
    │ 
    │ Files Checked & Verified: 5,591
    │ 
    │ Done Scanning Windows Packages Files.(20/08/2016 10:41:07 AM)
    └────────────────────────────────────────────────────────────────────────────────┘
    ┌────────────────────────────────────────────────────────────────────────────────┐
    │ Scanning Reparse Points.
    │ Started at (20/08/2016 10:41:07 AM)
    │ 
    │ Reparse Points are OK!.
    │ 
    │ Files & Folders Searched: 191,866
    │ Reparse Points Found: 60
    │ 
    │ Done Scanning Reparse Points.(20/08/2016 10:41:11 AM)
    └────────────────────────────────────────────────────────────────────────────────┘
    ┌────────────────────────────────────────────────────────────────────────────────┐
    │ Checking Environment Variables.
    │ Started at (20/08/2016 10:41:11 AM)
    │ 
    │ No problems were found with the Environment Variables.
    │ 
    │ Done Checking Environment Variables. (20/08/2016 10:41:11 AM)
    └────────────────────────────────────────────────────────────────────────────────┘
    ┌────────────────────────────────────────────────────────────────────────────────┐
    │ [Finished Scan - 20/08/2016 10:41:11 AM]
    │ 
    │ [x] Scan Complete - No Problems Found!
    └────────────────────────────────────────────────────────────────────────────────┘
    Code:
    Microsoft Windows [Version 6.1.7601]
    Copyright (c) 2009 Microsoft Corporation.  All rights reserved.
    
    C:\Users\Electrike\Downloads\Tweaking.com - Windows Repair>CD /D C:\
    
    C:\>set path=%SystemRoot%\system32;%SystemRoot%;%SystemRoot%\System32\Wbem;%SystemRoot%\System32\WindowsPowerShell\v1.0
    
    C:\>chkdsk C:
    The type of the file system is NTFS.
    The volume is in use by another process. Chkdsk
    might report errors when no corruption is present.
    Volume label is SYSTEM.
    
    WARNING!  F parameter not specified.
    Running CHKDSK in read-only mode.
    
    CHKDSK is verifying files (stage 1 of 3)...
    9 percent complete. (159207 of 176896 file records processed)     
    176896 file records processed.                                         
    
    File verification completed.
      573 large file records processed.                                   
    
      0 bad file records processed.                                     
    
      2 EA records processed.                                           
    
      60 reparse records processed.                                      
    
    CHKDSK is verifying indexes (stage 2 of 3)...
    48 percent complete. (203946 of 233998 index entries processed)    
    233998 index entries processed.                                        
    
    Index verification completed.
    0 unindexed files scanned.                                        
    
      0 unindexed files recovered.                                      
    
    CHKDSK is verifying security descriptors (stage 3 of 3)...
    64 percent complete. (167725 of 176896 file SDs/SIDs processed)    
    176896 file SDs/SIDs processed.                                        
    
    Security descriptor verification completed.
    28552 data files processed.                                           
    
    CHKDSK is verifying Usn Journal...
    100 percent complete. (36052992 of 36061048 USN bytes processed)        
      36061048 USN bytes processed.                                            
    
    Usn Journal verification completed.
    The master file table's (MFT) BITMAP attribute is incorrect.
    Windows found problems with the file system.
    Run CHKDSK with the /F (fix) option to correct these.
    
     109037567 KB total disk space.
      53863420 KB in 141161 files.
         90628 KB in 28553 indexes.
             0 KB in bad sectors.
        284991 KB in use by the system.
         65536 KB occupied by the log file.
      54798528 KB available on disk.
    
          4096 bytes in each allocation unit.
      27259391 total allocation units on disk.
      13699632 allocation units available on disk.
    
    C:\>
    Untitled.png

  7. #37
    Member
    Join Date
    Jan 2016
    Posts
    65

    Post

    Oh that's interesting, I see Tweak has purge the hosts file so all those IPs that were set by Spybot and Spyware Blaster are gone. Guess I'll need to re-immunize the system.

    Also, I'm not even gonna bother uploading the Tweak logs one by one again so instead I've uploaded them onto a file hosting service and here it is: http://s000.tinyupload.com/index.php?file_id=02324336235524793043 and here's the delete link once you're done with it: http://s000.tinyupload.com/index.php?del_id=07012334514769442031

  8. #38
    Member
    Join Date
    Jan 2016
    Posts
    65

    Default

    Ok, rebooted, and got into normal mode, got KIS 2016 to scan, then Malwarebytes Anti-Malware, then SUPERAntiSpyware, then Spybot Search and Destroy. They all came clean, here's my log from Malwarebytes:

    Code:
    Malwarebytes Anti-Malware
    www.malwarebytes.org
    
    Scan Date: 20/08/2016
    Scan Time: 12:58 PM
    Logfile: malwarebytes og.txt
    Administrator: Yes
    
    Version: 2.2.1.1043
    Malware Database: v2016.08.20.02
    Rootkit Database: v2016.08.15.01
    License: Free
    Malware Protection: Disabled
    Malicious Website Protection: Disabled
    Self-protection: Disabled
    
    OS: Windows 7 Service Pack 1
    CPU: x64
    File System: NTFS
    User: Manectric
    
    Scan Type: Custom Scan
    Result: Completed
    Objects Scanned: 822558
    Time Elapsed: 1 hr, 46 min, 19 sec
    
    Memory: Enabled
    Startup: Enabled
    Filesystem: Enabled
    Archives: Enabled
    Rootkits: Enabled
    Heuristics: Enabled
    PUP: Enabled
    PUM: Enabled
    
    Processes: 0
    (No malicious items detected)
    
    Modules: 0
    (No malicious items detected)
    
    Registry Keys: 0
    (No malicious items detected)
    
    Registry Values: 0
    (No malicious items detected)
    
    Registry Data: 0
    (No malicious items detected)
    
    Folders: 0
    (No malicious items detected)
    
    Files: 0
    (No malicious items detected)
    
    Physical Sectors: 0
    (No malicious items detected)
    
    
    (end)
    SUPERAntiSpyware:
    Code:
    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com
    
    Generated 08/20/2016 at 04:26 PM
    
    Application Version : 6.0.1222
    Database Version : 12956
    
    Scan type       : Complete Scan
    Total Scan Time : 01:36:01
    
    Operating System Information
    Windows 7 Professional 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC Off - Limited User
    
    Memory items scanned      : 668
    Memory threats detected   : 0
    Registry items scanned    : 65623
    Registry threats detected : 0
    File items scanned        : 400948
    File threats detected     : 342
    
    Adware.Tracking Cookie
    	.abmr.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	www.w3counter.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.serving-sys.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	m.webtrends.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	statse.webtrendslive.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	www.qsstats.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	click.e.jbhifi.com.au [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	click.e.jbhifi.com.au [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.googleadservices.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.atdmt.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	s.opendsp.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.btrll.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.casalemedia.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.casalemedia.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.casalemedia.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.casalemedia.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.casalemedia.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scorecardresearch.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	www.googleadservices.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.histats.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.exelator.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.doubleclick.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.eqads.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.doubleclick.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.imrworldwide.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adtech.de [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adtechjp.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adtechus.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.pubmatic.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.pubmatic.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.revsci.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	cdn.firstimpression.io [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.pubmatic.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.swid.switchads.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.gwallet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.smaato.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adsrvr.org [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adsrvr.org [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tapad.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tapad.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.smartadserver.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scorecardresearch.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scorecardresearch.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.videohub.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.videohub.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.contextweb.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	www.qsstats.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adzerk.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.statcounter.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.w3counter.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.eyeviewads.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adsby.bidtheatre.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	i.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.1rx.io [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rhythmxchange.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tubemogul.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.amazon-adsystem.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.amazon-adsystem.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adap.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adaptv.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	engine.adzerk.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	engine.adzerk.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidr.io [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bluekai.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bluekai.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adhigh.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.6241190602.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bitrix.info [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidswitch.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.stats.paypal.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ctnsnet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rlcdn.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.collective-media.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.smartadserver.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adaptv.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.demdex.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rlcdn.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.dpm.demdex.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	tap.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.dyntrk.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.1475410895.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.262855726.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.554924358.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.6198013023.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.6241190602.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.717623550.log.optimizely.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.everesttech.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.everesttech.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adhigh.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.openx.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.doubleclick.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mookie1.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rlcdn.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.statcounter.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.geo-um.btrll.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.geo-um.btrll.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	x.bidswitch.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.liverail.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.liverail.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.w55c.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mookie1.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adap.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mxptint.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.nexac.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.netseer.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.opendsp.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ctnsnet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.spotxchange.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.contextweb.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.openx.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.smartadserver.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.revsci.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.gwallet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.gwallet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.gwallet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.gwallet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.gwallet.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rlcdn.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.pixel.rubiconproject.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adaptv.advertising.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rlcdn.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.revsci.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.2o7.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.2o7.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.2o7.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.2o7.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.2o7.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.omtrdc.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.2o7.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.sociomantic.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.sociomantic.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.sundaysky.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.contextweb.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	d.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tidaltv.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scanscout.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.teads.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.teads.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidswitch.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.company-target.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	ad.360yield.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	d.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidswitch.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	d.liadm.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tremorhub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rfihub.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.serving-sys.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.linksynergy.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scanscout.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.simpli.fi [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.turn.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.videohub.tv [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	ad.360yield.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	ad.360yield.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.w55c.net [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mookie1.com [ C:\USERS\ELECTRIKE\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.abmr.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	click.paypal-exchanges.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	click.paypal-exchanges.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.googleadservices.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.btrll.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.ads.linkedin.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.imrworldwide.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scorecardresearch.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.intergi.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.dotomi.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.imrworldwide.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adtechus.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.intergi.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.pubmatic.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	va.v.liveperson.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	ads.stickyadstv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	bs.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scorecardresearch.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.scorecardresearch.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.contextweb.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	i.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.marinsm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.1rx.io [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rhythmxchange.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.solvemedia.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.solvemedia.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.solvemedia.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.fwmrm.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.amazon-adsystem.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.amazon-adsystem.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adap.tv [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tidaltv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mmstat.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bluekai.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bluekai.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.1369090036.log.optimizely.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidswitch.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.stats.paypal.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mmstat.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	tap.rubiconproject.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.1369090036.log.optimizely.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.232614688.log.optimizely.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.openx.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mookie1.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	x.bidswitch.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.liverail.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.liverail.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mookie1.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adap.tv [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.dsply.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tidaltv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.rubiconproject.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.pixel.rubiconproject.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.contextweb.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	trc.taboola.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tidaltv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tidaltv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.tidaltv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidswitch.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	d.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.bidswitch.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	d.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	p.liadm.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.agkn.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.serving-sys.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.dsply.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.criteo.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.turn.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	ads.stickyadstv.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.agkn.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.innovid.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.adnxs.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.mathtag.com [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.effectivemeasure.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.effectivemeasure.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    	.w55c.net [ E:\SANDBOX\STEAMBOX\USER\CURRENT\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\QS9WAMD0.DEFAULT\COOKIES.SQLITE ]
    
    ============
     End of Log 
    ============
    I don't know where Kaskpersky and Spybot keep their logs...

    After all that, I reloaded Spyware Blaster and protected myself from everything there after an update of course.

  9. #39
    Member
    Join Date
    Jan 2016
    Posts
    65

    Default

    Ok, so I've contacte ESET about our problem and now awaiting their reply.

    Hm, I think I might have DNS poisoning, by the looks of this HTML report from Currports: (And of course your uploader doesn't accept HTML files.....) http://s000.tinyupload.com/index.php...08477844134657 and delete link: http://s000.tinyupload.com/index.php...37138580580258

    As you can see, AVP.exe, which is KIS 2016, is reporting to a site called www.xxokoriq.cn:53607? So is Firefox here: www.xxokoriq.cn:49156 but I haven't even been on that site before nor heard of it................why are either of them trying to report to that site? I didn't tell them to....looks like I'm still in this and not out yet....

  10. #40
    Member
    Join Date
    Jan 2016
    Posts
    65

    Default

    Quote Originally Posted by Nnewb View Post
    Ok, so I've contacte ESET about our problem and now awaiting their reply.

    Hm, I think I might have DNS poisoning, by the looks of this HTML report from Currports: (And of course your uploader doesn't accept HTML files.....) http://s000.tinyupload.com/index.php...08477844134657 and delete link: http://s000.tinyupload.com/index.php...37138580580258

    As you can see, AVP.exe, which is KIS 2016, is reporting to a site called www.xxokoriq.cn:53607? So is Firefox here: www.xxokoriq.cn:49156 but I haven't even been on that site before nor heard of it................why are either of them trying to report to that site? I didn't tell them to....looks like I'm still in this and not out yet....
    However since the address is looped back to the host computer, that would presume Spybot(with its immunization) or Spyware Blaster has saved me for the time being....

Posting Permissions

  • You may not post new threads
  • You may not post replies
  • You may not post attachments
  • You may not edit your posts
  •