Jump to content


 


Register a free account to unlock additional features at BleepingComputer.com
Welcome to BleepingComputer, a free community where people like yourself come together to discuss and learn how to use their computers. Using the site is easy and fun. As a guest, you can browse and view the various discussions in the forums, but can not create a new topic or reply to an existing one unless you are logged in. Other benefits of registering an account are subscribing to topics and forums, creating a blog, and having no ads shown anywhere on the site.


Click here to Register a free account now! or read our Welcome Guide to learn how to use this site.

Photo

Can't remove 7507 malware.


  • Please log in to reply
3 replies to this topic

#1 shamoke

shamoke

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 04 September 2011 - 06:22 PM

Did a full scan in safemode with MSE and Malwarebytes and basically this one browser hijacking malware shows up. The problem is I can't remove it even right after a restart. I did several scan attempts and still no fix.

I followed instructions here and didn't work:
http://www.microsoft.com/security/pc-security/browser-hijacking.aspx

Another thing I should note is I can't edit its registry either even when running as admin.

Here's the Malwarebytes log:
---

Malwarebytes' Anti-Malware 1.51.1.1800
www.malwarebytes.org

Database version: 7652

Windows 6.1.7600 (Safe Mode)
Internet Explorer 9.0.8112.16421

9/4/2011 6:54:03 PM
mbam-log-2011-09-04 (18-54-03).txt

Scan type: Full scan (C:\|D:\|)
Objects scanned: 325288
Time elapsed: 31 minute(s), 17 second(s)

Memory Processes Infected: 0
Memory Modules Infected: 0
Registry Keys Infected: 0
Registry Values Infected: 0
Registry Data Items Infected: 1
Folders Infected: 0
Files Infected: 0

Memory Processes Infected:
(No malicious items detected)

Memory Modules Infected:
(No malicious items detected)

Registry Keys Infected:
(No malicious items detected)

Registry Values Infected:
(No malicious items detected)

Registry Data Items Infected:
HKEY_CURRENT_USER\SOFTWARE\Microsoft\Internet Explorer\Main\Start Page (Hijack.StartPage.Gen) -> Bad: (http://www.7507.com/?dl2) Good: (http://www.google.com) -> Delete on reboot.

Folders Infected:
(No malicious items detected)

Files Infected:
(No malicious items detected)

BC AdBot (Login to Remove)

 


#2 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 04 September 2011 - 06:50 PM

Hello and welcome. lets run these and see how it after these.

Please download MiniToolBox, save it to your desktop and run it.

Checkmark the following checkboxes:
  • Flush DNS
  • Report IE Proxy Settings
  • Reset IE Proxy Settings
  • Report FF Proxy Settings
  • Reset FF Proxy Settings
  • List content of Hosts
  • List IP configuration
  • List Winsock Entries
  • List last 10 Event Viewer log
  • List Installed Programs
  • List Users, Partitions and Memory size.
  • List Minidump Files
Click Go and post the result (Result.txt). A copy of Result.txt will be saved in the same directory the tool is run.

Note: When using "Reset FF Proxy Settings" option Firefox should be closed.


<><><><><><><><><><

Download Security Check from HERE, and save it to your Desktop.

* Double-click SecurityCheck.exe
* Follow the onscreen instructions inside of the black box.
* A Notepad document should open automatically called checkup.txt; please post the contents of that document.




Reboot into Safe Mode with Networking
How to enter safe mode(XP/Vista)
Using the F8 Method
Restart your computer.
When the machine first starts again it will generally list some equipment that is installed in your machine, amount of memory, hard drives installed etc. At this point you should gently tap the F8 key repeatedly until you are presented with a Windows XP Advanced Options menu.
Select the option for Safe Mode with Networking using the arrow keys.
Then press enter on your keyboard to boot into Safe Mode
.



Next run Superantisypware (SAS):

Download and scan with SUPERAntiSpyware Free for Home Users
  • Double-click SUPERAntiSpyware.exe and use the default settings for installation.
  • An icon will be created on your desktop. Double-click that icon to launch the program.
  • If asked to update the program definitions, click "Yes". If not, update the definitions before scanning by selecting "Check for Updates". (If you encounter any problems while downloading the updates, manually download them from here. Double-click on the hyperlink for Download Installer and save SASDEFINITIONS.EXE to your desktop. Then double-click on SASDEFINITIONS.EXE to install the definitions.)
  • In the Main Menu, click the Preferences... button.
  • Click the Scanning Control tab.
  • Under Scanner Options make sure the following are checked (leave all others unchecked):
    • Close browsers before scanning.
    • Scan for tracking cookies.
    • Terminate memory threats before quarantining.
  • Click the "Close" button to leave the control center screen.
  • Back on the main screen, under "Scan for Harmful Software" click Scan your computer.
  • On the left, make sure you check C:\Fixed Drive.
  • On the right, under "Complete Scan", choose Perform Complete Scan.
  • Click "Next" to start the scan. Please be patient while it scans your computer.
  • After the scan is complete, a Scan Summary box will appear with potentially harmful items that were detected. Click "OK".
  • Make sure everything has a checkmark next to it and click "Next".
  • A notification will appear that "Quarantine and Removal is Complete". Click "OK" and then click the "Finish" button to return to the main menu.
  • If asked if you want to reboot, click "Yes".
  • To retrieve the removal information after reboot, launch SUPERAntispyware again.
    • Click Preferences, then click the Statistics/Logs tab.
    • Under Scanner Logs, double-click SUPERAntiSpyware Scan Log.
    • If there are several logs, click the current dated log and press View log. A text file will open in your default text editor.
    • Please copy and paste the Scan Log results in your next reply.
  • Click Close to exit the program.
If you have a problem downloading, installing or getting SAS to run, try downloading and using the SUPERAntiSpyware Portable Scanner instead. Save the randomly named file (i.e. SAS_1710895.COM) to a usb drive or CD and transfer to the infected computer. Then double-click on it to launch and scan. The file is randomly named to help keep malware from blocking the scanner.



Finally...
I'd like us to scan your machine with ESET OnlineScan
  • Hold down Control and click on the following link to open ESET OnlineScan in a new window.
    ESET OnlineScan
  • Click the Posted Image button.
  • For alternate browsers only: (Microsoft Internet Explorer users can skip these steps)
    • Click on Posted Image to download the ESET Smart Installer. Save it to your desktop.
    • Double click on the Posted Image icon on your desktop.
  • Check Posted Image
  • Click the Posted Image button.
  • Accept any security warnings from your browser.
  • Under scan settings, check Posted Image and check Remove found threats
  • Click Advanced settings and select the following:
    • Scan potentially unwanted applications
    • Scan for potentially unsafe applications
    • Enable Anti-Stealth technology
  • ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
  • When the scan completes, push Posted Image
  • Push Posted Image, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
  • Push the Posted Image button.
  • Push Posted Image


NOTE: In some instances if no malware is found there will be no log produced.
How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook

#3 shamoke

shamoke
  • Topic Starter

  • Members
  • 12 posts
  • OFFLINE
  •  
  • Local time:01:31 AM

Posted 16 September 2011 - 05:22 PM

minitoolbox log
MiniToolBox by Farbar 
Ran by Wing (administrator) on 16-09-2011 at 16:07:16
Windows 7 Home Premium  (X64)

***************************************************************************

========================= Flush DNS: ===================================

Windows IP Configuration

Successfully flushed the DNS Resolver Cache.

========================= IE Proxy Settings: ============================== 

Proxy is not enabled.
No Proxy Server is set.

"Reset IE Proxy Settings": IE Proxy Settings were reset.

========================= FF Proxy Settings: ============================== 


"Reset FF Proxy Settings": Firefox Proxy settings were reset.

========================= Hosts content: =================================



========================= IP Configuration: ================================

# ----------------------------------
# IPv4 Configuration
# ----------------------------------
pushd interface ipv4

reset
set global icmpredirects=enabled
add address name="Local Area Connection" address=192.168.137.1


popd
# End of IPv4 configuration



Windows IP Configuration

   Host Name . . . . . . . . . . . . : Wing-PC
   Primary Dns Suffix  . . . . . . . : 
   Node Type . . . . . . . . . . . . : Hybrid
   IP Routing Enabled. . . . . . . . : No
   WINS Proxy Enabled. . . . . . . . : No
   DNS Suffix Search List. . . . . . : home

Wireless LAN adapter Wireless Network Connection:

   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Broadcom 802.11g Network Adapter
   Physical Address. . . . . . . . . : 78-E4-00-96-34-5D
   DHCP Enabled. . . . . . . . . . . : Yes
   Autoconfiguration Enabled . . . . : Yes
   Link-local IPv6 Address . . . . . : fe80::c8dc:be5c:1b92:c072%15(Preferred) 
   IPv4 Address. . . . . . . . . . . : 192.168.1.4(Preferred) 
   Subnet Mask . . . . . . . . . . . : 255.255.255.0
   Lease Obtained. . . . . . . . . . : Thursday, September 15, 2011 9:59:28 PM
   Lease Expires . . . . . . . . . . : Saturday, September 17, 2011 4:03:43 PM
   Default Gateway . . . . . . . . . : 192.168.1.1
   DHCP Server . . . . . . . . . . . : 192.168.1.1
   DHCPv6 IAID . . . . . . . . . . . : 393798656
   DHCPv6 Client DUID. . . . . . . . : 00-01-00-01-14-09-DF-22-88-AE-1D-30-A5-7E
   DNS Servers . . . . . . . . . . . : 192.168.1.1
                                       68.237.161.12
   NetBIOS over Tcpip. . . . . . . . : Enabled

Ethernet adapter Local Area Connection:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Broadcom NetLink (TM) Fast Ethernet
   Physical Address. . . . . . . . . : 88-AE-1D-30-A5-7E
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter isatap.home:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : home
   Description . . . . . . . . . . . : Microsoft ISATAP Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Teredo Tunneling Pseudo-Interface:

   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Teredo Tunneling Pseudo-Interface
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
   IPv6 Address. . . . . . . . . . . : 2001:0:4137:9e76:1062:2e65:9f05:9796(Preferred) 
   Link-local IPv6 Address . . . . . : fe80::1062:2e65:9f05:9796%11(Preferred) 
   Default Gateway . . . . . . . . . : ::
   NetBIOS over Tcpip. . . . . . . . : Disabled

Tunnel adapter 6TO4 Adapter:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 9:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #2
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes

Tunnel adapter Local Area Connection* 11:

   Media State . . . . . . . . . . . : Media disconnected
   Connection-specific DNS Suffix  . : 
   Description . . . . . . . . . . . : Microsoft 6to4 Adapter #3
   Physical Address. . . . . . . . . : 00-00-00-00-00-00-00-E0
   DHCP Enabled. . . . . . . . . . . : No
   Autoconfiguration Enabled . . . . : Yes
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    google.com
Addresses:  74.125.226.113
	  74.125.226.114
	  74.125.226.116
	  74.125.226.112
	  74.125.226.115


Pinging google.com [74.125.226.180] with 32 bytes of data:
Reply from 74.125.226.180: bytes=32 time=8ms TTL=252
Reply from 74.125.226.180: bytes=32 time=7ms TTL=252

Ping statistics for 74.125.226.180:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 7ms, Maximum = 8ms, Average = 7ms
Server:  Wireless_Broadband_Router.home
Address:  192.168.1.1

Name:    yahoo.com
Addresses:  209.191.122.70
	  67.195.160.76
	  69.147.125.65
	  72.30.2.43
	  98.137.149.56


Pinging yahoo.com [98.137.149.56] with 32 bytes of data:
Reply from 98.137.149.56: bytes=32 time=99ms TTL=250
Reply from 98.137.149.56: bytes=32 time=90ms TTL=250

Ping statistics for 98.137.149.56:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 90ms, Maximum = 99ms, Average = 94ms

Pinging 127.0.0.1 with 32 bytes of data:
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128
Reply from 127.0.0.1: bytes=32 time<1ms TTL=128

Ping statistics for 127.0.0.1:
    Packets: Sent = 2, Received = 2, Lost = 0 (0% loss),
Approximate round trip times in milli-seconds:
    Minimum = 0ms, Maximum = 0ms, Average = 0ms
===========================================================================
Interface List
 15...78 e4 00 96 34 5d ......Broadcom 802.11g Network Adapter
 10...88 ae 1d 30 a5 7e ......Broadcom NetLink (TM) Fast Ethernet
  1...........................Software Loopback Interface 1
 17...00 00 00 00 00 00 00 e0 Microsoft ISATAP Adapter
 11...00 00 00 00 00 00 00 e0 Teredo Tunneling Pseudo-Interface
 12...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter
 13...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #2
 14...00 00 00 00 00 00 00 e0 Microsoft 6to4 Adapter #3
===========================================================================

IPv4 Route Table
===========================================================================
Active Routes:
Network Destination        Netmask          Gateway       Interface  Metric
          0.0.0.0          0.0.0.0      192.168.1.1      192.168.1.4     25
        127.0.0.0        255.0.0.0         On-link         127.0.0.1    306
        127.0.0.1  255.255.255.255         On-link         127.0.0.1    306
  127.255.255.255  255.255.255.255         On-link         127.0.0.1    306
      192.168.1.0    255.255.255.0         On-link       192.168.1.4    281
      192.168.1.4  255.255.255.255         On-link       192.168.1.4    281
    192.168.1.255  255.255.255.255         On-link       192.168.1.4    281
        224.0.0.0        240.0.0.0         On-link         127.0.0.1    306
        224.0.0.0        240.0.0.0         On-link       192.168.1.4    281
  255.255.255.255  255.255.255.255         On-link         127.0.0.1    306
  255.255.255.255  255.255.255.255         On-link       192.168.1.4    281
===========================================================================
Persistent Routes:
  None

IPv6 Route Table
===========================================================================
Active Routes:
 If Metric Network Destination      Gateway
 11     58 ::/0                     On-link
  1    306 ::1/128                  On-link
 11     58 2001::/32                On-link
 11    306 2001:0:4137:9e76:1062:2e65:9f05:9796/128
                                    On-link
 15    281 fe80::/64                On-link
 11    306 fe80::/64                On-link
 11    306 fe80::1062:2e65:9f05:9796/128
                                    On-link
 15    281 fe80::c8dc:be5c:1b92:c072/128
                                    On-link
  1    306 ff00::/8                 On-link
 11    306 ff00::/8                 On-link
 15    281 ff00::/8                 On-link
===========================================================================
Persistent Routes:
  None
========================= Winsock entries =====================================

Catalog5 01 C:\Windows\SysWOW64\NLAapi.dll [51712] (Microsoft Corporation)
Catalog5 02 C:\Windows\SysWOW64\napinsp.dll [52224] (Microsoft Corporation)
Catalog5 03 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 04 C:\Windows\SysWOW64\pnrpnsp.dll [65024] (Microsoft Corporation)
Catalog5 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog5 06 C:\Windows\SysWOW64\winrnr.dll [20992] (Microsoft Corporation)
Catalog9 01 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 02 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 03 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 04 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 05 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 06 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 07 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 08 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 09 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
Catalog9 10 C:\Windows\SysWOW64\mswsock.dll [232448] (Microsoft Corporation)
x64-Catalog5 01 C:\Windows\System32\NLAapi.dll [70144] (Microsoft Corporation)
x64-Catalog5 02 C:\Windows\System32\napinsp.dll [68096] (Microsoft Corporation)
x64-Catalog5 03 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 04 C:\Windows\System32\pnrpnsp.dll [86016] (Microsoft Corporation)
x64-Catalog5 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog5 06 C:\Windows\System32\winrnr.dll [28672] (Microsoft Corporation)
x64-Catalog9 01 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 02 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 03 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 04 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 05 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 06 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 07 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 08 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 09 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)
x64-Catalog9 10 C:\Windows\System32\mswsock.dll [320000] (Microsoft Corporation)

========================= Event log errors: ===============================

Application errors:
==================
Error: (09/04/2011 06:56:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/04/2011 06:56:06 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/04/2011 06:56:06 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/04/2011 05:36:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/04/2011 05:36:21 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/04/2011 04:54:36 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/04/2011 04:54:34 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/03/2011 06:20:10 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.

Error: (09/03/2011 06:20:03 PM) (Source: SideBySide) (User: )
Description: Activation context generation failed for "assemblyIdentity1".Error in manifest or policy file "assemblyIdentity2" on line assemblyIdentity3.
The value "*" of attribute "language" in element "assemblyIdentity" is invalid.

Error: (09/03/2011 06:18:41 PM) (Source: Microsoft-Windows-CAPI2) (User: )
Description: Failed extract of third-party root list from auto update cab at: <http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cab> with error: A required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.
.


System errors:
=============
Error: (09/16/2011 11:28:00 AM) (Source: NetBT) (User: )
Description: The name "WORKGROUP      :1d" could not be registered on the interface with IP address 192.168.1.4.
The computer with the IP address 192.168.1.3 did not allow the name to be claimed by
this computer.

Error: (09/15/2011 09:59:46 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/12/2011 03:25:07 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/11/2011 11:55:49 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/10/2011 11:07:03 PM) (Source: bowser) (User: )
Description: The master browser has received a server announcement from the computer NY-T420
that believes that it is the master browser for the domain on transport NetBT_Tcpip_{1E40930E-9AF1-4986-A8D8-8C6DF04AB6D2}.
The master browser is stopping or an election is being forced.

Error: (09/10/2011 11:51:35 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/09/2011 09:09:01 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/07/2011 10:55:36 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/07/2011 01:11:18 AM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842

Error: (09/04/2011 08:05:36 PM) (Source: Microsoft Antimalware) (User: )
Description: %%860 Real-Time Protection feature has encountered an error and failed.

	Feature: %%835

	Error Code: 0x80004005

	Error description: Unspecified error 

	Reason: %%842


Microsoft Office Sessions:
=========================
Error: (09/04/2011 06:56:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/04/2011 06:56:06 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/04/2011 06:56:06 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/04/2011 05:36:21 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/04/2011 05:36:21 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/04/2011 04:54:36 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/04/2011 04:54:34 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/03/2011 06:20:10 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.

Error: (09/03/2011 06:20:03 PM) (Source: SideBySide)(User: )
Description: assemblyIdentitylanguage*c:\program files (x86)\spybot - search & destroy\DelZip179.dllc:\program files (x86)\spybot - search & destroy\DelZip179.dll8

Error: (09/03/2011 06:18:41 PM) (Source: Microsoft-Windows-CAPI2)(User: )
Description: http://www.download.windowsupdate.com/msdownload/update/v3/static/trustedr/en/authrootstl.cabA required certificate is not within its validity period when verifying against the current system clock or the timestamp in the signed file.


=========================== Installed Programs ============================

??à×7
Adobe AIR (Version: 2.5.1.17730)
Adobe Flash Player 10 ActiveX (Version: 10.2.159.1)
Adobe Flash Player 10 Plugin (Version: 10.2.153.1)
Adobe Reader X (Version: 10.0.0)
Adobe Shockwave Player 11.5 (Version: 11.5.9.615)
ALPS Touch Pad Driver
CCleaner (Version: 2.35)
Conexant HD Audio (Version: 4.119.0.60)
EasyCapture (Version: V4.0.09.0731)
Energy Management (Version: 4.4.1.0)
Feedback Tool (Version: 1.1.0)
Foxit Reader (Version: 4.1.1.805)
HiJackThis (Version: 1.0.0)
ImgBurn (Version: 2.5.5.0)
League of Legends (Version: 1.0020)
Malwarebytes' Anti-Malware version 1.51.1.1800 (Version: 1.51.1.1800)
Media Player Classic - Home Cinema v1.5.0.2827 x64 (Version: 1.5.0.2827)
Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
Microsoft Antimalware (Version: 3.0.8402.2)
Microsoft Security Client (Version: 2.1.1116.0)
Microsoft Security Essentials (Version: 2.1.1116.0)
Microsoft Silverlight (Version: 4.0.60531.0)
Microsoft Visual C++ 2005 Redistributable (Version: 8.0.61001)
Mozilla Firefox 6.0.2 (x86 en-US) (Version: 6.0.2)
Notepad++ (Version: 5.7)
PPSó??· V1.0.1.270 (Version: 1.0.1.270)
PPStream V2.7.0.1246 Final (Version: 2.7.0.1246)
QQ工具栏 (Version: 4.1.5.21)
QQ拼音输入法3.5 (Version: 3.5)
QQ音乐2010 (Version: 2010)
Spybot - Search & Destroy (Version: 1.6.2)
TuneUp Utilities (Version: 9.0.4600.3)
TuneUp Utilities Language Pack (en-US) (Version: 9.0.4600.3)
Windows Driver Package - Lenovo (ACPIVPC) System  (05/19/2009 4.4.0.1) (Version: 05/19/2009 4.4.0.1)
Windows Resource Kit Tools - SubInAcl.exe (Version: 5.2.3790.1164)
WinRAR archiver
Yahoo! Messenger
Yahoo! Software Update
腾讯QQ2011(安全防护) (Version: 1.65.2257.0)
腾讯中文搜搜 (Version: 5.0.2.16)
腾讯视频 (Version: 2011(8.35.5779.0))
词霸2011  (Version: 2011.02.22.020)
谷歌拼音输入法 2.3

========================= Memory info: ===================================

Percentage of memory in use: 29%
Total physical RAM: 4028.6 MB
Available physical RAM: 2820.34 MB
Total Pagefile: 8055.35 MB
Available Pagefile: 6707.69 MB
Total Virtual: 4095.88 MB
Available Virtual: 3916.8 MB

========================= Partitions: =====================================

1 Drive c: () (Fixed) (Total:187.69 GB) (Free:141.36 GB) NTFS
2 Drive d: (Lenovo) (Fixed) (Total:30.25 GB) (Free:29.48 GB) NTFS

========================= Users: ========================================

User accounts for \\WING-PC

Administrator            Guest                    Wing                     

========================= Minidump Files ==================================

No minidump file found

**** End of log ****

Results of screen317's Security Check version 0.99.7  
 Windows 7  [color=red][b](UAC is disabled!)[/b][/color] 
 Internet Explorer 8  
[b]`````````````````````````````` 
[u]Antivirus/Firewall Check:[/u][/b] 
 Windows Firewall Enabled!  
 [size=1]WMI entry may not exist for antivirus; attempting automatic update.[/size] 
[b]``````````````````````````````` 
[u]Anti-malware/Other Utilities Check:[/u][/b] 
 Malwarebytes' Anti-Malware    
 TuneUp Utilities    
 TuneUp Utilities Language Pack (en-US) 
 CCleaner     
 Adobe Flash Player 10.2.153.1  
Adobe Reader X 
 Mozilla Firefox (x86 en-US..) [color=red][b]Firefox Out of Date![/b][/color]  
[b]```````````````````````````````` 
Process Check:  
[u]objlist.exe by Laurent[/u][/b] 
 Windows Defender MSMpEng.exe 
 Microsoft Security Essentials msseces.exe 
 Microsoft Security Client Antimalware MsMpEng.exe  
 Microsoft Security Client Antimalware NisSrv.exe  
[b]``````````End of Log````````````[/b] 

Super Antispyware log
]SUPERAntiSpyware Scan Log
http://www.superantispyware.com

Generated 09/16/2011 at 05:10 PM

Application Version : 5.0.1118

Core Rules Database Version : 7701
Trace Rules Database Version: 5513

Scan type : Complete Scan
Total Scan Time : 00:44:24

Operating System Information
Windows 7 Home Premium 64-bit (Build 6.01.7600)
UAC Off - Administrator

Memory items scanned : 383
Memory threats detected : 0
Registry items scanned : 68089
Registry threats detected : 208
File items scanned : 180291
File threats detected : 631

Adware.Tracking Cookie
C:\Users\Wing\AppData\Roaming\Microsoft\Windows\Cookies\F60A8KR0.txt
C:\Users\Wing\AppData\Roaming\Microsoft\Windows\Cookies\UQ45YTDY.txt
va.px.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
g-pixel.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.imrworldwide.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mmstat.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
track.ra.icast.cn [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fedex.122.2o7.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.apmebf.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.thinkmedia.cn [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserv.rotator.hadj7.adjuggler.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adserv.rotator.hadj7.adjuggler.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.3dclicktracker.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediabrandsww.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ru4.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.yieldmanager.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.smartmedia.allyes.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.insightexpressai.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.jobmarket.com.hk [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
banner.jobmarket.com.hk [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.linksynergy.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.linksynergy.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.linksynergy.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.ads.pointroll.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mm.chitika.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.xm.xtendmedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.azjmp.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.azjmp.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.azjmp.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.target.db.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hertz.122.2o7.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.realmedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.doubleclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.2o7.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.zedo.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.anrtx.tacoda.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.networldmedia.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.hotwire.db.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adbrite.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.a1.interclick.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.adserver.adtechus.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tribalfusion.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
fls.doubleclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlview--atdmt--com.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlbp--specificclick--net.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlleadback--advertising--com.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlsmp--specificmedia--com.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlwww--googleadservices--com.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlace-tag--advertising--com.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlmpp--specificclick--net.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
urlgoogleads--g--doubleclick--net.reachlocal.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.statcounter.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
web4.realtracker.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.specificclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.stat.youku.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lstat.youku.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lstat.youku.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.googleads.g.doubleclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.bs.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.interclick.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.trafficmp.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.lucidmedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
server.iad.liveperson.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.liveperson.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.atdmt.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.questionmarket.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.www.burstnet.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
tw.skyscanner.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.skyscanner.com.tw [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.skyscanner.com.tw [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.skyscanner.com.tw [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.skyscanner.com.tw [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.skyscanner.com.tw [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.skyscanner.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.revsci.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.traveladvertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.skyscanner.com.tw [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.advertising.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.tacoda.at.atwola.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.at.atwola.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
cn.clickable.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
www.googleadservices.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
ad.yieldmanager.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.media6degrees.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.nextag.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediav.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediav.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.invitemedia.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
adsys.sinovision.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.collective-media.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.serving-sys.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.fastclick.net [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.mediaplex.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
.kontera.com [ C:\USERS\WING\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
material.mediav.com [ C:\USERS\WING\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WVLSN2ME ]
smmedia.allyes.com.cn [ C:\USERS\WING\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WVLSN2ME ]
track2.ra.icast.cn [ C:\USERS\WING\APPDATA\ROAMING\MACROMEDIA\FLASH PLAYER\#SHAREDOBJECTS\WVLSN2ME ]
statse.webtrendslive.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
track.ra.icast.cn [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.mmstat.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
pixel-hk.pixelinteractivemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
track.ra.icast.cn [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
va.px.invitemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
segment-pixel.invitemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.atdmt.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.sitebro.com.tw [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.sitebro.com.tw [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.smartmedia.allyes.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.thinkmedia.cn [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
count.bingtuannet.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.zh.sitebro.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.plattformad.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.dmtracker.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.legolas-media.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.adultsearch.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.adultsearch.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.virginia.adultsearch.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.virginia.adultsearch.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.virginia.adultsearch.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.chinese.soifind.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.chinese.soifind.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.chinese.soifind.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
track.acclaimnetwork.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
track.acclaimnetwork.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
pixel-hk.pixelinteractivemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.microsoftwlmessengermkt.112.2o7.net [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.radiofreeasia.122.2o7.net [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
wstat.wibiya.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.efeducationfirst.112.2o7.net [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.overture.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.tracking.pcschool.com.tw [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.tracking.pcschool.com.tw [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.pcschool.com.tw [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.pcschool.com.tw [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.zh.sitebro.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
flagcounter.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.statcounter.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
tracking.zh.sitebro.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.112.2o7.net [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
pixel-hk.pixelinteractivemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.mediav.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.mediav.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.mediav.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.mediav.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.imrworldwide.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]
.invitemedia.com [ C:\USERS\WING\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\WB34AN2M.DEFAULT\COOKIES.SQLITE ]

Adware.Tencent
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{D9EBCF5D-3F8F-4b6a-89BA-70577BE73C62}
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}#AppID
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}\InprocServer32
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}\ProgID
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}\Programmable
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}\TypeLib
(x86) HKCR\CLSID\{D9EBCF5D-3F8F-4B6A-89BA-70577BE73C62}\VersionIndependentProgID
(x86) HKCR\QQLive.Application.1
(x86) HKCR\QQLive.Application.1\CLSID
(x86) HKCR\QQLive.Application
(x86) HKCR\QQLive.Application\CLSID
(x86) HKCR\QQLive.Application\CurVer
(x86) HKCR\TypeLib\{071AC612-2B4F-413F-9EFC-897B61F3F3BA}
(x86) HKCR\TypeLib\{071AC612-2B4F-413F-9EFC-897B61F3F3BA}\1.0
(x86) HKCR\TypeLib\{071AC612-2B4F-413F-9EFC-897B61F3F3BA}\1.0\0
(x86) HKCR\TypeLib\{071AC612-2B4F-413F-9EFC-897B61F3F3BA}\1.0\0\win32
(x86) HKCR\TypeLib\{071AC612-2B4F-413F-9EFC-897B61F3F3BA}\1.0\FLAGS
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEAPI.DLL
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{11F2A418-94B2-4e16-9B0C-B00C0435F903}
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}#AppID
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\Control
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\InprocServer32
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\Insertable
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\MiscStatus
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\MiscStatus\1
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\ProgID
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\Programmable
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\ToolboxBitmap32
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\TypeLib
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\Version
(x86) HKCR\CLSID\{11F2A418-94B2-4E16-9B0C-B00C0435F903}\VersionIndependentProgID
(x86) HKCR\LiveMedia.Player.1
(x86) HKCR\LiveMedia.Player.1\CLSID
(x86) HKCR\LiveMedia.Player.1\Insertable
(x86) HKCR\LiveMedia.Player
(x86) HKCR\LiveMedia.Player\CLSID
(x86) HKCR\LiveMedia.Player\CurVer
(x86) HKCR\TypeLib\{525E9FD5-DD7B-4BF5-BC5D-0277117BD4AE}
(x86) HKCR\TypeLib\{525E9FD5-DD7B-4BF5-BC5D-0277117BD4AE}\1.0
(x86) HKCR\TypeLib\{525E9FD5-DD7B-4BF5-BC5D-0277117BD4AE}\1.0\0
(x86) HKCR\TypeLib\{525E9FD5-DD7B-4BF5-BC5D-0277117BD4AE}\1.0\0\win32
(x86) HKCR\TypeLib\{525E9FD5-DD7B-4BF5-BC5D-0277117BD4AE}\1.0\FLAGS
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEMEDIA.DLL
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{6B232760-90F1-41c3-9902-C8552C1D8A72}
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}#AppID
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\Control
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\InprocServer32
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\MiscStatus
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\MiscStatus\1
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\ProgID
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\Programmable
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\ToolboxBitmap32
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\TypeLib
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\Version
(x86) HKCR\CLSID\{6B232760-90F1-41C3-9902-C8552C1D8A72}\VersionIndependentProgID
(x86) HKCR\FileVersion.QQLiveFile.1
(x86) HKCR\FileVersion.QQLiveFile.1\CLSID
(x86) HKCR\FileVersion.QQLiveFile
(x86) HKCR\FileVersion.QQLiveFile\CLSID
(x86) HKCR\FileVersion.QQLiveFile\CurVer
(x86) HKCR\TypeLib\{BFBE8026-4C26-4D27-B6D9-5FCDE5B619BB}
(x86) HKCR\TypeLib\{BFBE8026-4C26-4D27-B6D9-5FCDE5B619BB}\1.0
(x86) HKCR\TypeLib\{BFBE8026-4C26-4D27-B6D9-5FCDE5B619BB}\1.0\0
(x86) HKCR\TypeLib\{BFBE8026-4C26-4D27-B6D9-5FCDE5B619BB}\1.0\0\win32
(x86) HKCR\TypeLib\{BFBE8026-4C26-4D27-B6D9-5FCDE5B619BB}\1.0\FLAGS
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\FILEVERSION.DLL
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5EF7B131-C278-4034-BC88-2CE28B128681}
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}#AppID
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\Control
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\InprocServer32
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\MiscStatus
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\MiscStatus\1
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\ProgID
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\Programmable
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\ToolboxBitmap32
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\TypeLib
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\Version
(x86) HKCR\CLSID\{5EF7B131-C278-4034-BC88-2CE28B128681}\VersionIndependentProgID
(x86) HKCR\LiveOcx.QQLiveOcx.1
(x86) HKCR\LiveOcx.QQLiveOcx.1\CLSID
(x86) HKCR\LiveOcx.QQLiveOcx
(x86) HKCR\LiveOcx.QQLiveOcx\CLSID
(x86) HKCR\LiveOcx.QQLiveOcx\CurVer
(x86) HKCR\TypeLib\{33EAEB3F-610C-42F7-B036-2A11BB5CDB21}
(x86) HKCR\TypeLib\{33EAEB3F-610C-42F7-B036-2A11BB5CDB21}\1.0
(x86) HKCR\TypeLib\{33EAEB3F-610C-42F7-B036-2A11BB5CDB21}\1.0\0
(x86) HKCR\TypeLib\{33EAEB3F-610C-42F7-B036-2A11BB5CDB21}\1.0\0\win32
(x86) HKCR\TypeLib\{33EAEB3F-610C-42F7-B036-2A11BB5CDB21}\1.0\FLAGS
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\LIVEOCX.DLL
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{F7E55BDF-9528-46ba-B550-777859627591}
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}#AppID
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\Control
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\InprocServer32
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\MiscStatus
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\MiscStatus\1
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\ProgID
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\Programmable
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\ToolboxBitmap32
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\TypeLib
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\Version
(x86) HKCR\CLSID\{F7E55BDF-9528-46BA-B550-777859627591}\VersionIndependentProgID
(x86) HKCR\LiveOcx.QQLiveOcxShell.1
(x86) HKCR\LiveOcx.QQLiveOcxShell.1\CLSID
(x86) HKCR\LiveOcx.QQLiveOcxShell
(x86) HKCR\LiveOcx.QQLiveOcxShell\CLSID
(x86) HKCR\LiveOcx.QQLiveOcxShell\CurVer
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{5052B4D0-9DF7-45ef-88EF-F42C0EA33A43}
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}#AppID
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}\InprocServer32
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}\ProgID
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}\Programmable
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}\TypeLib
(x86) HKCR\CLSID\{5052B4D0-9DF7-45EF-88EF-F42C0EA33A43}\VersionIndependentProgID
(x86) HKCR\QQPYSetupChecker.QQPYChecker.1
(x86) HKCR\QQPYSetupChecker.QQPYChecker.1\CLSID
(x86) HKCR\QQPYSetupChecker.QQPYChecker
(x86) HKCR\QQPYSetupChecker.QQPYChecker\CLSID
(x86) HKCR\QQPYSetupChecker.QQPYChecker\CurVer
(x86) HKCR\TypeLib\{419B0CBF-864E-48E3-AF1E-11FBEE1C8EFD}
(x86) HKCR\TypeLib\{419B0CBF-864E-48E3-AF1E-11FBEE1C8EFD}\1.0
(x86) HKCR\TypeLib\{419B0CBF-864E-48E3-AF1E-11FBEE1C8EFD}\1.0\0
(x86) HKCR\TypeLib\{419B0CBF-864E-48E3-AF1E-11FBEE1C8EFD}\1.0\0\win32
(x86) HKCR\TypeLib\{419B0CBF-864E-48E3-AF1E-11FBEE1C8EFD}\1.0\FLAGS
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMECHECKER.DLL
(x86) HKU\S-1-5-21-2553339386-729185782-240948442-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}\InprocServer32
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}\InprocServer32#ThreadingModel
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}\ProgID
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}\Programmable
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}\TypeLib
(x86) HKCR\CLSID\{1DABF8D5-8430-4985-9B7F-A30E53D709B3}\VersionIndependentProgID
(x86) HKCR\QQLiveInstaller.InstallHelper.1
(x86) HKCR\QQLiveInstaller.InstallHelper.1\CLSID
(x86) HKCR\QQLiveInstaller.InstallHelper
(x86) HKCR\QQLiveInstaller.InstallHelper\CLSID
(x86) HKCR\QQLiveInstaller.InstallHelper\CurVer
(x86) HKCR\TypeLib\{90C3E08B-FD84-400E-8B7B-5CA9F0844E5F}
(x86) HKCR\TypeLib\{90C3E08B-FD84-400E-8B7B-5CA9F0844E5F}\1.0
(x86) HKCR\TypeLib\{90C3E08B-FD84-400E-8B7B-5CA9F0844E5F}\1.0\0
(x86) HKCR\TypeLib\{90C3E08B-FD84-400E-8B7B-5CA9F0844E5F}\1.0\0\win32
(x86) HKCR\TypeLib\{90C3E08B-FD84-400E-8B7B-5CA9F0844E5F}\1.0\FLAGS
C:\WINDOWS\SYSWOW64\MMINSTALLER.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\CLEAR\CLEAR.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\GADGET.EXE
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\MUSICBOX\MUSICBOX.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\PRSCRN\PRSCRN.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\QQMAIL\QQMAIL.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\QQTOOLBARSETUP.EXE
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\QZONE\QZONE.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\SHUQIAN\SHUQIAN.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\SIDEBAR.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\TBADDR.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\TBPROXY.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\TOOLBAR.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\INSTALLER\WENWEN\WENWEN.DLL
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\QQTOOLBARUNINST.EXE
C:\PROGRAM FILES\TENCENT\QQTOOLBAR\TBBROKER.EXE
C:\PROGRAM FILES\TENCENT\SSPLUS\SCRAX.DLL
C:\PROGRAM FILES\TENCENT\SSPLUS\SPLUS.DLL
C:\PROGRAM FILES\TENCENT\SSPLUS\STUP.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\NPQSCALL\NPQSCALL.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\PAYCENTER\QQCERT.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\PAYCENTER\QQEDIT.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\QQDOWNLOAD\107\DLCORE.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\QQDOWNLOAD\107\EXTRACT.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\QQDOWNLOAD\107\TENCENTDL.EXE
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXFTN\TXFTNACTIVEX1.17.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXPTOP\P2PAPI.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXPTOP\P2PAPP.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXPTOP\P2PCORE.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXPTOP\P2PDATA.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXPTOP\P2PHTTP.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\1.2.1.14\BIN\SSOCOMMON.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\1.2.1.14\BIN\SSOLUICONTROL.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\1.2.1.14\BIN\SSOPLATFORM.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\1.2.1.28\BIN\SSOCOMMON.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\1.2.1.28\BIN\SSOLUICONTROL.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\1.2.1.28\BIN\SSOPLATFORM.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\BIN\SSOCOMMON.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\BIN\SSOLUICONTROL.DLL
C:\PROGRAM FILES (X86)\COMMON FILES\TENCENT\TXSSO\BIN\SSOPLATFORM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ADDRSEARCH.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AFCTRL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AFUTIL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\APPCOM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\APPMISC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\APPUTIL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\ARKFS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\ARKFSBASE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\ARKHTTP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\ARKIPC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\DEBUG.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\JGENGINE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\JGGRAPHIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\JGIMAGE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\JGIOSTUB.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\JGTEXTRENDER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\JGXTML.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\PLATO.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\QQAPP.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\QQSERVICE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\STORAGE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\ARK\SYSTEM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AUCLT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AUCOMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AUDIOENGINE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AUDIOENGINE32.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\AUVQQSDL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\BASICCTRLDLL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\BUGREPORT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CAMERA.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CHATFRAMEAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\COMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CONFIGCENTER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CONTACTINFOFRAME.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CONTACTMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CONTACTS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CPHELPER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\CUSTOMFACE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\FLASHSERVICE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\GF.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\GROUPAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\INFORMATIONBOX.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\IPC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\JGIMAGE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\JGIOSTUB.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\KERNELMISC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\KERNELUTIL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\LOGINPANEL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\LONGCNN.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\MAINFRAME.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\MSGMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\OPIEMODULE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\PLUGINCOMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\PROCESSSESSION.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QINTERLIVE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QQ.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QQEXTERNAL.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QQPI.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QQPROTECT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QQSAFEUD.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\QQZIP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\RHCOMM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\SCCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\SETUPEX\QQSETUPEX.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\SKINMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\STORAGETOOL.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\SYSTEMMSG.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TASKTRAY.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TIMWP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TIMWP.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSEH.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSEHRES.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSELODER.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSENGINE.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSEPB.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSSAFEEDIT.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSVULCHK.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSVULENGINE.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSVULMDW.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TSVULSCAN.DAT
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TXOPSHOW.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TXPFPROXY.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\TXPLATFORM.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VCODEC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VCODECOLD.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VIDEODEVICE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VQQALLINONE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VQQCONV.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VQQSDL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\VQQTRACE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\XGRAPHIC32.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\XIMAGE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\BIN\XVENGINE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.ADVERTISEMENT\BIN\ADVERTISEMENT.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.AUDIOVIDEO\BIN\AUDIOVIDEO.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.BOOKMARK\BIN\BOOKMARK.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.CRM\BIN\CRM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.FILETRANSFER\BIN\FILETRANSFER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.FRIENDSSOCIAL\BIN\FRIENDSSOCIAL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.GAMELIFE\BIN\GAMELIFE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.GRAFFITO\BIN\GRAFFITO.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.HDVIDEO\BIN\HDVIDEO.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.MAIL\BIN\MAIL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.MEMO\BIN\MEMO.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.MMOG\BIN\MMOG.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETBAR\BIN\NETBAR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\DISKCOMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\DISKFILE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\DISKIPC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\NETDISK.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\COMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DISKCOMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DISKCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DISKFILE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DISKIPC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DISKNET.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DISKTRANSFER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\DLCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\EXTRACT.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\QQDISK.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.NETDISK\BIN\QQDISK\BIN\TENCENTDL.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.PAIPAI\BIN\PAIPAI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.PAIPAIGIFT\BIN\PAIPAIGIFT.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.PAYCENTER\BIN\PAYCENTER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQGAME\BIN\QQGAME.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQLIVE\BIN\QQLIVE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\AUZIP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\CMINTERNET.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\MMINSTALLER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\NPQZONEMUSIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\P2PAPI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\P2PAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\P2PCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\P2PDATA.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\P2PHTTP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QQMEDIAPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QQMUSICADDIN\QMP_MP3.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QQMUSICDLDEX.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QQMUSICPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QQPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QZONEMUSIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC\QZONEMUSIC.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQMUSIC\BIN\QQMUSIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQPET\BIN\QQPET\QQPETAGENT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQPET\BIN\QQPET\QQPETKERNELBETA10BUILD001.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQPET\BIN\QQPET\QQPETURLLINK.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQPET\BIN\QQPET.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQRING\BIN\QQRING.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQSHOW\BIN\QQSHOW.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQVIP\BIN\QQVIP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQVIPMISC\BIN\QQVIPMISC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QQWEBSITE\BIN\QQWEBSITE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.QZONE\BIN\QZONE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.REMOTEHELP\BIN\REMOTEHELP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.SNSAPP\BIN\SNSAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.SOBAR\BIN\SOBAR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.SOSO\BIN\SOSO.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.STOCK\BIN\STOCK.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.TODAY\BIN\TODAY.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.VAS\BIN\VAS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.WEATHER\BIN\WEATHER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.WENWEN\BIN\WENWEN.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.WINKS\BIN\WINKS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\PLUGIN\COM.TENCENT.WIRELESS\BIN\WIRELESS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQ\QQUNINST.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\ADMANAGE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\CHANNELMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\COMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\CORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\EXCEPTCATCH.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\GF.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEMASTER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\CHANNELMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\LIVEAPI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\LIVEMASTER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\LIVEPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\LIVESTREAM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\LIVEVOD.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\MMINSTALLER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\NPQQLIVE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\P2PAPI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\P2PAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\P2PCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\P2PDATA.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\P2PHTTP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\QQLIVE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\QQLIVECOMMU.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\QQLIVEEX.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX\STATISTIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEOCX.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVESTREAM.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LIVEVOD.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\LOGIN.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\MEDIACTRL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\MINITIPS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\MMINSTALLER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\P2PAPI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\P2PAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\P2PCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\P2PDATA.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\P2PDOWNLOAD.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\P2PHTTP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQHELPER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQLIVE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQLIVE.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQLIVECOMMU.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQLIVEEX.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQLIVEHOOKS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\QQLIVEUP.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\SETUPSHELL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\STATISTIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\UPGRADE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\USERDATA.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\VQQSDL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\WIN7FEATURE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQLIVE\XGRAPHIC32.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\AUZIP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\CMINTERNET.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\EXCEPTCATCH.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\MMINSTALLER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\NPQZONEMUSIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\P2PAPI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\P2PAPP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\P2PCORE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\P2PDATA.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\P2PHTTP.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QMDATABASEMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMEDIAPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICADDIN\QMP_MP3.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICAPI.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICCOMMON.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICCVTDATA.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICDLDEX.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICRESOURCE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICSKIN2.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICSVR.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICUPDATE.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSICWIDGET_MFC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_CONFIG.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_FILEMANAGER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_LIST.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_LOGIN.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_LYRIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_MOBILEDEVICE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_NETWORK.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_PLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_PORTAL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_PROTOCOL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_QMPMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_SHELL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_SKINMGR.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_TIPS.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQMUSIC_UPGRADE.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QQPLAYER.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QZONEMUSIC.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQMUSIC\QZONEMUSIC.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\INSTALL64.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQDOWNLOAD.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMEDOWNLOAD.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMEREGDICT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMEREGSKIN.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMEUTIL.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMEUTIL.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQIMEUTIL_X64.DLL
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYCLIPBOARD.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYCONFIG.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYDICT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYFACE.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYHANDINPUT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYLEVEL.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYLIVEUP.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYMAKEWORD.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYMBLOG.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYMERGEDICT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYSTAT.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYSTROKESHELPER.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYTRAYBAR.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\QQPYWIZARD.EXE
C:\PROGRAM FILES (X86)\TENCENT\QQPINYIN\3.5.968.400\SNAPSHOT.EXE
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\CLEAR\CLEAR.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\MUSICBOX\MUSICBOX.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\PRSCRN\PRSCRN.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\QQMAIL\QQMAIL.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\QZONE\QZONE.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\SHUQIAN\SHUQIAN.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\BTNS\WENWEN\WENWEN.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\DLLS\GADGET.EXE
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\DLLS\SIDEBAR.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\DLLS\TBADDR.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\DLLS\TBPROXY.DLL
C:\USERS\WING\APPDATA\LOCALLOW\TENCENT\QQTOOLBAR\DLLS\TOOLBAR.DLL
C:\USERS\WING\APPDATA\ROAMING\TENCENT\ADPLUS\SPLUS.DLL
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\QQSAFEUD.EXE
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSEH.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSEHRES.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSELODER.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSENGINE.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSEPB.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSSAFEEDIT.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSVULCHK.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSVULENGINE.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSVULMDW.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\SAFEBASE\TSVULSCAN.DAT
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\STEMP\BACKUPDLTMP\DOWNLOAD\QQPCDOWNLOADFORQQ.EXE
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\STEMP\BACKUPDLTMP\DOWNLOAD\TBH_QQ.EXE
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\STEMP\BACKUPDLTMP\DOWNLOAD\TB_QQ119.EXE
C:\USERS\WING\APPDATA\ROAMING\TENCENT\QQ\STEMP\SETUPEX~0\QQSETUPEX.EXE
C:\WINDOWS\SYSTEM32\QQPINYIN.IME
C:\WINDOWS\SYSWOW64\DRIVERS\QQPROTECT.SYS
C:\WINDOWS\SYSWOW64\QQPINYIN.IME
C:\Windows\Prefetch\AUCLT.EXE-AB3244E2.pf
C:\Windows\Prefetch\QQ.EXE-265971E7.pf
C:\Windows\Prefetch\QQEXTERNAL.EXE-B47F85E6.pf
C:\Windows\Prefetch\QQPROTECT.EXE-003B7F2C.pf
C:\Windows\Prefetch\TXPLATFORM.EXE-01F23302.pf
(x86) HKCR\Interface\{16BD6524-203F-40BE-8D78-98FE61FE8948}
(x86) HKCR\Interface\{16BD6524-203F-40BE-8D78-98FE61FE8948}\ProxyStubClsid32
(x86) HKCR\Interface\{16BD6524-203F-40BE-8D78-98FE61FE8948}\TypeLib
(x86) HKCR\Interface\{16BD6524-203F-40BE-8D78-98FE61FE8948}\TypeLib#Version
(x86) HKCR\Interface\{35DC65E9-0DC6-4C94-A47E-569D9250B3A5}
(x86) HKCR\Interface\{35DC65E9-0DC6-4C94-A47E-569D9250B3A5}\ProxyStubClsid32
(x86) HKCR\Interface\{35DC65E9-0DC6-4C94-A47E-569D9250B3A5}\TypeLib
(x86) HKCR\Interface\{35DC65E9-0DC6-4C94-A47E-569D9250B3A5}\TypeLib#Version
(x86) HKCR\Interface\{35DFC29E-F79F-4D2F-A0FF-D30AE8F68FAE}
(x86) HKCR\Interface\{35DFC29E-F79F-4D2F-A0FF-D30AE8F68FAE}\ProxyStubClsid32
(x86) HKCR\Interface\{35DFC29E-F79F-4D2F-A0FF-D30AE8F68FAE}\TypeLib
(x86) HKCR\Interface\{35DFC29E-F79F-4D2F-A0FF-D30AE8F68FAE}\TypeLib#Version
(x86) HKCR\Interface\{4EDCAEDF-50AA-4731-81EE-C612AF3AD8B1}
(x86) HKCR\Interface\{4EDCAEDF-50AA-4731-81EE-C612AF3AD8B1}\ProxyStubClsid32
(x86) HKCR\Interface\{4EDCAEDF-50AA-4731-81EE-C612AF3AD8B1}\TypeLib
(x86) HKCR\Interface\{4EDCAEDF-50AA-4731-81EE-C612AF3AD8B1}\TypeLib#Version
(x86) HKCR\Interface\{675FDFC8-3499-4ED5-9AC0-729C46254E90}
(x86) HKCR\Interface\{675FDFC8-3499-4ED5-9AC0-729C46254E90}\ProxyStubClsid32
(x86) HKCR\Interface\{675FDFC8-3499-4ED5-9AC0-729C46254E90}\TypeLib
(x86) HKCR\Interface\{675FDFC8-3499-4ED5-9AC0-729C46254E90}\TypeLib#Version
(x86) HKCR\Interface\{6897971B-AD87-430E-9027-A925E58049C2}
(x86) HKCR\Interface\{6897971B-AD87-430E-9027-A925E58049C2}\ProxyStubClsid32
(x86) HKCR\Interface\{6897971B-AD87-430E-9027-A925E58049C2}\TypeLib
(x86) HKCR\Interface\{6897971B-AD87-430E-9027-A925E58049C2}\TypeLib#Version
(x86) HKCR\Interface\{6F3739F2-BD77-4A12-9299-2EDB55D1CA50}
(x86) HKCR\Interface\{6F3739F2-BD77-4A12-9299-2EDB55D1CA50}\ProxyStubClsid32
(x86) HKCR\Interface\{6F3739F2-BD77-4A12-9299-2EDB55D1CA50}\TypeLib
(x86) HKCR\Interface\{6F3739F2-BD77-4A12-9299-2EDB55D1CA50}\TypeLib#Version
(x86) HKCR\Interface\{9AF3772C-F0D1-4D1E-A163-3ED5A60FFB0E}
(x86) HKCR\Interface\{9AF3772C-F0D1-4D1E-A163-3ED5A60FFB0E}\ProxyStubClsid32
(x86) HKCR\Interface\{9AF3772C-F0D1-4D1E-A163-3ED5A60FFB0E}\TypeLib
(x86) HKCR\Interface\{9AF3772C-F0D1-4D1E-A163-3ED5A60FFB0E}\TypeLib#Version
(x86) HKCR\Interface\{C5FEC6D8-55A4-4DD2-9A44-380DEF5BD789}
(x86) HKCR\Interface\{C5FEC6D8-55A4-4DD2-9A44-380DEF5BD789}\ProxyStubClsid32
(x86) HKCR\Interface\{C5FEC6D8-55A4-4DD2-9A44-380DEF5BD789}\TypeLib
(x86) HKCR\Interface\{C5FEC6D8-55A4-4DD2-9A44-380DEF5BD789}\TypeLib#Version
(x86) HKCR\Interface\{C909C68C-AD70-469E-8221-39EBF448912E}
(x86) HKCR\Interface\{C909C68C-AD70-469E-8221-39EBF448912E}\ProxyStubClsid32
(x86) HKCR\Interface\{C909C68C-AD70-469E-8221-39EBF448912E}\TypeLib
(x86) HKCR\Interface\{C909C68C-AD70-469E-8221-39EBF448912E}\TypeLib#Version
(x86) HKCR\Interface\{D37E6C37-EF1E-4115-A207-50966ACAC9EF}
(x86) HKCR\Interface\{D37E6C37-EF1E-4115-A207-50966ACAC9EF}\ProxyStubClsid32
(x86) HKCR\Interface\{D37E6C37-EF1E-4115-A207-50966ACAC9EF}\TypeLib
(x86) HKCR\Interface\{D37E6C37-EF1E-4115-A207-50966ACAC9EF}\TypeLib#Version
(x86) HKCR\Interface\{D4B44BED-CD6C-47E7-BDD3-6F0FC0FA5A88}
(x86) HKCR\Interface\{D4B44BED-CD6C-47E7-BDD3-6F0FC0FA5A88}\ProxyStubClsid32
(x86) HKCR\Interface\{D4B44BED-CD6C-47E7-BDD3-6F0FC0FA5A88}\TypeLib
(x86) HKCR\Interface\{D4B44BED-CD6C-47E7-BDD3-6F0FC0FA5A88}\TypeLib#Version
(x86) HKCR\Interface\{DAFEC24F-C007-4116-95AC-E74CA5D35175}
(x86) HKCR\Interface\{DAFEC24F-C007-4116-95AC-E74CA5D35175}\ProxyStubClsid32
(x86) HKCR\Interface\{DAFEC24F-C007-4116-95AC-E74CA5D35175}\TypeLib
(x86) HKCR\Interface\{DAFEC24F-C007-4116-95AC-E74CA5D35175}\TypeLib#Version
[/code]

eset scan log
C:\Program Files (x86)\Thunder Network\Thunder\Program\Thunder.exe	probably a variant of Win32/Hupigon.MIKLHTW trojan	cleaned by deleting - quarantined
C:\Program Files (x86)\Thunder Network\Thunder\ThunderInstaller\Thunder7.1.6.2194.exe	probably a variant of Win32/Hupigon.MIKLHTW trojan	deleted - quarantined

Edited by boopme, 16 September 2011 - 07:02 PM.


#4 boopme

boopme

    To Insanity and Beyond


  • Global Moderator
  • 73,490 posts
  • OFFLINE
  •  
  • Gender:Male
  • Location:NJ USA
  • Local time:02:31 AM

Posted 16 September 2011 - 07:07 PM

Update MSE and run it again to see.
Hupigon (now removed) is anasty downloader.


Please download the TDSS Rootkit Removing Tool (TDSSKiller.exe) and save it to your Desktop. <-Important!!!
Be sure to download TDSSKiller.exe (v2.5.9.0) from Kaspersky's website and not TDSSKiller.zip which appears to be an older version 2.3.2.2 of the tool.
  • Double-click on TDSSKiller.exe to run the tool for known TDSS variants.
    Vista/Windows 7 users right-click and select Run As Administrator.
  • If TDSSKiller does not run, try renaming it.
  • To do this, right-click on TDSSKiller.exe, select Rename and give it a random name with the .com file extension (i.e. 123abc.com). If you do not see the file extension, please refer to How to change the file extension.
  • Click the Start Scan button.
  • Do not use the computer during the scan
  • If the scan completes with nothing found, click Close to exit.
  • If malicious objects are found, they will show in the Scan results - Select action for found objects and offer three options.
  • Ensure Cure (default) is selected, then click Continue > Reboot now to finish the cleaning process.
  • A log file named TDSSKiller_version_date_time_log.txt (i.e. TDSSKiller.2.4.0.0_27.07.2010_09.o7.26_log.txt) will be created and saved to the root directory (usually Local Disk C:).
  • Copy and paste the contents of that file in your next reply.

How do I get help? Who is helping me?For the time will come when men will not put up with sound doctrine. Instead, to suit their own desires, they will gather around them a great number of teachers to say what their itching ears want to hear....Become a BleepingComputer fan: Facebook




0 user(s) are reading this topic

0 members, 0 guests, 0 anonymous users