1. Computer problem? Tech Support Guy is completely free -- paid for by advertisers and donations. Click here to join today! If you're new to Tech Support Guy, we highly recommend that you visit our Guide for New Members.

Solved: Cannot click some buttons!

Discussion in 'Windows 7' started by sillypoo284, Sep 24, 2013.

Thread Status:
Not open for further replies.
Advertisement
  1. sillypoo284

    sillypoo284 Thread Starter

    Joined:
    Sep 24, 2013
    Messages:
    6
    Hey Tech Support guy!!!!


    This has been going on for a while now! I can't click many buttons, specifically the javascript ones.

    This applies to all users on all browsers...


    Example. Tinypic.com, can't click "upload image" after entering in captcha (Uncaught TypeError: Cannot call method 'close' of undefined )

    This happens to some javascript buttons.... they just plain won't worry and it is really bothering!

    Please help me :( asap
     
  2. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Run this and post the log:

    Download Security Check by screen317 from Here or Here.
    Save it to your Desktop.
    Double click SecurityCheck.exe (Vista or Windows 7 users right click and select "Run as Administrator") and follow the onscreen instructions inside of the black box. Press any key when asked.
    A Notepad document should open automatically called checkup.txt; please Copy & Paste the contents of that document into your next reply.
     
  3. sillypoo284

    sillypoo284 Thread Starter

    Joined:
    Sep 24, 2013
    Messages:
    6
    Results of screen317's Security Check version 0.99.73
    Windows 7 Service Pack 1 x64 (UAC is enabled)
    Internet Explorer 10
    ``````````````Antivirus/Firewall Check:``````````````
    Windows Firewall Enabled!
    360杀毒
    WMI entry may not exist for antivirus; attempting automatic update.
    `````````Anti-malware/Other Utilities Check:`````````
    Spybot - Search & Destroy
    Java 7 Update 25
    Adobe Flash Player 11.8.800.94
    Adobe Reader 10.1.7 Adobe Reader out of Date!
    Mozilla Firefox 22.0 Firefox out of Date!
    Google Chrome 29.0.1547.66
    Google Chrome 29.0.1547.76
    ````````Process Check: objlist.exe by Laurent````````
    Spybot Teatimer.exe is disabled!
    Funshion Online Funshion Funshion.exe
    Funshion Online Funshion FunshionService.exe
    `````````````````System Health check`````````````````
    Total Fragmentation on Drive C: 1%
    ````````````````````End of Log``````````````````````


    Does this help??? :(

    TY for the reply!




    #### P.S. the problem is still not fixed :(
     
  4. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    That scan was just to give me some information on your security software, it wasn't expected to fix anything.

    I can see you have the latest version of Java installed which is something I needed to check, but it isn't all that clear what Anti Virus you are using, have you got Norton 360?

    I can see you have Spybot S&D, it is no longer a recommended program please uninstall it and replace it with SuperAntiSpyware

    Please run this scan and post both the logs produced:

    Please download Farbar Recovery Scan Tool (FRST) and save it to your desktop. Do not get tempted to download Regclean Pro.

    Note: You need to run the version compatible with your system. If you are not sure which version applies to your system download both of them and try to run them. Only one of them will run on your system, that will be the right version.

    • Double-click to run it. When the tool opens click Yes to disclaimer.
    • Press Scan button.
    • It will make a log (FRST.txt) in the same directory the tool is run. Please copy and paste it to your reply.
    • The first time the tool is run, it makes another log (Addition.txt). Please also copy and paste that into your reply.
     
  5. sillypoo284

    sillypoo284 Thread Starter

    Joined:
    Sep 24, 2013
    Messages:
    6
  6. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Additional scan result of Farbar Recovery Scan Tool (x64) Version: 27-09-2013
    Ran by User at 2013-09-26 19:33:24
    Running from D:\Sophia\New Folder\New folder
    Boot Mode: Normal
    ==========================================================


    ==================== Security Center ========================

    AV: 360杀毒 (Enabled - Up to date) {6F7A6B22-2309-7CD0-AF79-D11A4916C60C}
    AS: Windows Defender (Enabled - Up to date) {D68DDC3A-831F-4fae-9E44-DA132C1ACF46}
    AS: Spybot - Search and Destroy (Disabled - Out of date) {9BC38DF1-3CCA-732D-A930-C1CA5F20A4B0}

    ==================== Installed Programs ======================

    ĀµTorrent (x32 Version: 3.2.0)
    360杀毒 (x32 Version: 4.2.1.4085)
    Adobe AIR (x32 Version: 3.3.0.3670)
    Adobe Download Assistant (x32 Version: 1.2.5)
    Adobe Flash Player 11 ActiveX (x32 Version: 11.8.800.94)
    Adobe Flash Player 11 Plugin (x32 Version: 11.8.800.168)
    Adobe Photoshop CS6 (x32 Version: 13.0)
    Adobe Photoshop Elements 8.0 (x32 Version: 8.0)
    Adobe Reader X (10.1.7) (x32 Version: 10.1.7)
    Adobe Shockwave Player 11.6 (x32 Version: 11.6.7.637)
    Amazon Kindle (HKCU)
    Apple Application Support (x32 Version: 2.3.3)
    Apple Mobile Device Support (Version: 6.1.0.13)
    Apple Software Update (x32 Version: 2.1.3.127)
    Atheros Communications Inc.(R) AR81Family Gigabit/Fast Ethernet Driver (x32 Version: 1.0.2.43)
    Audacity 2.0 (x32)
    Autodesk SketchBookExpress 2011 (x32 Version: 5.00.0000)
    Bamboo (Version: 5.2.5-5)
    Bamboo Dock (x32 Version: 4.0)
    Bamboo Dock (x32 Version: 4.1.0)
    Bonjour (Version: 3.0.0.10)
    BRAdmin Professional 3 (x32 Version: 3.45.0007)
    Brother MFL-Pro Suite (x32 Version: 1.00)
    Bundled software uninstaller (x32)
    Cisco EAP-FAST Module (x32 Version: 2.2.14)
    Cisco LEAP Module (x32 Version: 1.0.19)
    Cisco PEAP Module (x32 Version: 1.1.6)
    Cold Turkey version 0.8 (Version: 0.8)
    Connect (x32 Version: 1.4.11266.0)
    D3DX10 (x32 Version: 15.4.2368.0902)
    DefaultTab (x32 Version: 2.2.11.0)
    eType version 2.0 (x32 Version: 2.0)
    F.lux (HKCU)
    Facebook Video Calling 1.2.0.287 (x32 Version: 1.2.287)
    Finale NotePad 2012 (x32 Version: 2012..r1.5)
    Free M4a to MP3 Converter 8.1 (x32)
    Free Video to MP3 Converter version 5.0.15.706 (x32 Version: 5.0.15.706)
    GameMaker 8.1 (HKCU)
    GIMP 2.8.2 (Version: 2.8.2)
    Google Chrome (HKCU Version: 29.0.1547.76)
    Google Earth Plug-in (x32 Version: 7.1.1.1888)
    Google Update Helper (x32 Version: 1.3.21.153)
    Intel(R) Control Center (x32 Version: 1.2.1.1007)
    Intel(R) Management Engine Components (x32 Version: 7.0.0.1118)
    Intel(R) Processor Graphics (x32 Version: 8.15.10.2418)
    iTunes (Version: 11.0.2.26)
    Java 7 Update 25 (x32 Version: 7.0.250)
    Java Auto Updater (x32 Version: 2.1.9.5)
    KinoniDrivers 2.8.1 (x32 Version: 2.8.1)
    League of Legends (x32 Version: 1.3)
    Livebrush Mini (x32 Version: 1.5)
    MagicDisc 2.7.106 (x32)
    MapleStory (x32)
    Microsoft .NET Framework 4 Client Profile (Version: 4.0.30319)
    Microsoft Application Error Reporting (Version: 12.0.6015.5000)
    Microsoft Office 2007 Service Pack 3 (SP3) (x32)
    Microsoft Office Access MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Access Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Enterprise 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Excel MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office File Validation Add-In (x32 Version: 14.0.5130.5003)
    Microsoft Office Groove MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Groove Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office InfoPath MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Office 64-bit Components 2007 (Version: 12.0.6612.1000)
    Microsoft Office OneNote MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Outlook MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office PowerPoint MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proof (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proof (French) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proof (Spanish) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Proofing (English) 2007 (x32 Version: 12.0.4518.1014)
    Microsoft Office Proofing Tools 2007 Service Pack 3 (SP3) (x32)
    Microsoft Office Publisher MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Shared 64-bit MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Shared 64-bit Setup Metadata MUI (English) 2007 (Version: 12.0.6612.1000)
    Microsoft Office Shared MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Shared Setup Metadata MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Office Word MUI (English) 2007 (x32 Version: 12.0.6612.1000)
    Microsoft Silverlight (Version: 5.1.20513.0)
    Microsoft SQL Server 2005 Compact Edition [ENU] (x32 Version: 3.1.0000)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.17 (Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x64 9.0.30729.6161 (Version: 9.0.30729.6161)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729 (x32 Version: 9.0.30729)
    Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161 (x32 Version: 9.0.30729.6161)
    Microsoft Visual C++ 2010 x64 Redistributable - 10.0.40219 (Version: 10.0.40219)
    Microsoft Visual C++ 2010 x86 Redistributable - 10.0.40219 (x32 Version: 10.0.40219)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40303)
    Microsoft Visual Studio 2010 Tools for Office Runtime (x64) (Version: 10.0.40308)
    Microsoft_VC80_CRT_x86 (x32 Version: 8.0.50727.4053)
    Mozilla Firefox 22.0 (x86 en-GB) (x32 Version: 22.0)
    Mozilla Maintenance Service (x32 Version: 22.0)
    MSVCRT (x32 Version: 15.4.2862.0708)
    MuseScore 1.3 (x32 Version: 1.3.0)
    Nexon Game Manager (x32)
    Nitro Reader 2 (Version: 2.5.0.45)
    NullpoMino version 7.5 (x32 Version: 7.5)
    ON_OFF Charge B11.0110.1 (x32 Version: 1.00.0001)
    osu! (x32 Version: 0.0.0.0)
    OverDrive Media Console (x32 Version: 3.2.20)
    Pando Media Booster (x32 Version: 2.6.0.7)
    PCSX2 - Playstation 2 Emulator (x32)
    PDF Settings CS6 (x32 Version: 11.0)
    PrimoPDF -- brought to you by Nitro PDF Software (x32 Version: 5)
    QQ影音2.8 (HKCU Version: 2.8)
    QuikIO (x32 Version: 1.0.4)
    Realtek High Definition Audio Driver (x32 Version: 6.0.1.6423)
    SdDUpdService v1.9.0.6 (x32 Version: 1.9.0.6)
    Sibelius 6 (x32 Version: 6.0.0)
    Sid Meier's Civilization 4 (x32 Version: 1.00.0000)
    Sid Meier's Civilization 4 (x32 Version: 1.09)
    Skype™ 6.3 (x32 Version: 6.3.107)
    SUPERAntiSpyware (Version: 5.6.1032)
    swMSM (x32 Version: 12.0.0.1)
    TP-LINK 150Mbps Mini Wireless N USB Adapter Driver (x32 Version: )
    Unity Web Player (HKCU Version: )
    Update for 2007 Microsoft Office System (KB967642) (x32)
    Update for Microsoft .NET Framework 4 Client Profile (KB2468871) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2533523) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2600217) (x32 Version: 1)
    Update for Microsoft .NET Framework 4 Client Profile (KB2836939) (x32 Version: 1)
    Update for Microsoft Office 2007 Help for Common Features (KB963673) (x32)
    Update for Microsoft Office 2007 suites (KB2596620) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2596660) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2596848) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2687493) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2767849) 32-Bit Edition (x32)
    Update for Microsoft Office 2007 suites (KB2767916) 32-Bit Edition (x32)
    Update for Microsoft Office Access 2007 Help (KB963663) (x32)
    Update for Microsoft Office Excel 2007 Help (KB963678) (x32)
    Update for Microsoft Office Infopath 2007 Help (KB963662) (x32)
    Update for Microsoft Office OneNote 2007 Help (KB963670) (x32)
    Update for Microsoft Office Outlook 2007 (KB2687404) 32-Bit Edition (x32)
    Update for Microsoft Office Outlook 2007 Help (KB963677) (x32)
    Update for Microsoft Office Outlook 2007 Junk Email Filter (KB2825641) 32-Bit Edition (x32)
    Update for Microsoft Office Powerpoint 2007 Help (KB963669) (x32)
    Update for Microsoft Office Publisher 2007 Help (KB963667) (x32)
    Update for Microsoft Office Script Editor Help (KB963671) (x32)
    Update for Microsoft Office Word 2007 Help (KB963665) (x32)
    WBC Engine 2.0.0.429
    WebTablet FB Plugin (x32 Version: 2.0.0.1)
    WebTablet IE Plugin (x32 Version: 1.1.0.12)
    WebTablet Netscape Plugin (x32 Version: 1.1.0.10)
    Windows Live Communications Platform (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3502.0922)
    Windows Live Essentials (x32 Version: 15.4.3555.0308)
    Windows Live ID Sign-in Assistant (Version: 7.250.4232.0)
    Windows Live Installer (x32 Version: 15.4.3502.0922)
    Windows Live Language Selector (Version: 15.4.3555.0308)
    Windows Live Movie Maker (x32 Version: 15.4.3502.0922)
    Windows Live Photo Common (x32 Version: 15.4.3502.0922)
    Windows Live Photo Gallery (x32 Version: 15.4.3502.0922)
    Windows Live PIMT Platform (x32 Version: 15.4.3508.1109)
    Windows Live SOXE (x32 Version: 15.4.3502.0922)
    Windows Live SOXE Definitions (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform (x32 Version: 15.4.3502.0922)
    Windows Live UX Platform Language Pack (x32 Version: 15.4.3508.1109)
    WinRAR 4.00 beta 7 (64-bit) (Version: 4.00.7)
    WinX Free MOV to MP4 Converter 4.1.10 (x32)
    Xfire (remove only) (x32)
    Yontoo 1.10.02 (Version: 1.10.02)
    搜狗拼音输入法 6.5正式版 (x32 Version: 6.5.0.9181)
    搜狗高速浏览器 4.0.2.7425 (HKCU Version: 4.0.2.7425)
    盛大下载器 v1.9 (x32 Version: 1.9.0.6)
    腾讯QQ2012 (x32 Version: 1.84.3562.0)
    腾讯视频 (x32 Version: 8.44.6467.0)
    风行 (x32 Version: 2.4.2.56)

    ==================== Restore Points =========================


    ==================== Hosts content: ==========================

    2009-07-13 22:34 - 2013-05-23 22:52 - 00000849 ____R C:\Windows\system32\Drivers\etc\hosts



    ==================== Scheduled Tasks (whitelisted) =============

    Task: {056BD15C-C5AA-44F2-B251-18BB3ED3BC23} - System32\Tasks\GoogleUpdateTaskMachineUA => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
    Task: {116AD699-47BE-49A8-BB27-0B2B99BA970D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8 => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-23] (SUPERAdBlocker.com)
    Task: {13328CE4-0FD3-438C-8F14-957EF8FC03B4} - System32\Tasks\{3C37E3E4-C872-47C5-906F-9440E01938E2} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.2.0.106&LastError=12002
    Task: {18694211-46DC-47AB-8A15-AD4F929591B6} - System32\Tasks\AdobeAAMUpdater-1.0-User-PC-User => C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [2012-04-04] (Adobe Systems Incorporated)
    Task: {19F81304-68B3-4326-93E5-667B7E27388F} - System32\Tasks\GoogleUpdateTaskMachineCore => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe [2013-01-16] (Google Inc.)
    Task: {216512F0-2D9F-4E1E-B824-2DC8F7AF89C4} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
    Task: {30F25DEF-B46E-4ABF-819E-8E1C5FF5973D} - System32\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b => C:\Program Files\SUPERAntiSpyware\SASTask.exe [2013-05-23] (SUPERAdBlocker.com)
    Task: {4B31B01C-0C86-47ED-B657-6E591D16A5AB} - System32\Tasks\Apple\AppleSoftwareUpdate => C:\Program Files (x86)\Apple Software Update\SoftwareUpdate.exe [2011-06-01] (Apple Inc.)
    Task: {5E154C64-767B-40CA-8BEE-E28287612C89} - System32\Tasks\Microsoft\Windows\TabletPC\InputPersonalization => C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe [2009-07-13] (Microsoft Corporation)
    Task: {7427D583-9FBD-435D-BC08-754272F9F82A} - System32\Tasks\VisualBeeRecovery => C:\Users\User\AppData\Local\VisualBeeExe\VisualBeeRecovery.exe
    Task: {93EC9679-112B-436D-856F-E3D4310690EC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
    Task: {963D43F7-DCA6-4462-A521-7D507360EFE3} - System32\Tasks\Microsoft\Windows\Windows Activation Technologies\ValidationTask => C:\Windows\system32\Wat\WatAdminSvc.exe [2012-06-03] (Microsoft Corporation)
    Task: {AB037442-D5F4-4C2C-8C30-D4728229D5FB} - System32\Tasks\SogouImeMgr => C:\Program Files (x86)\SogouInput\SogouExe\SogouExe.exe [2013-03-11] (Sogou.com Inc.)
    Task: {B4E511D7-0671-4EC6-81CC-B4919398C09F} - System32\Tasks\Run RoboForm TaskBar Icon => C:\Program Files (x86)\Siber Systems\AI RoboForm\RoboTaskBarIcon.exe
    Task: {B79AB84F-4522-4B5E-A7D2-2BDDC74E5E33} - System32\Tasks\Open URL by RoboForm => C:\Windows\System32\url.dll [2013-05-10] (Microsoft Corporation)
    Task: {E1615CE9-83DD-4155-B0E8-B72FC5BAE1DC} - System32\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [2012-08-10] (Facebook Inc.)
    Task: {E709EC77-E95D-46C0-AB70-D2DB651A7FA6} - System32\Tasks\Adobe Flash Player Updater => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe [2013-09-26] (Adobe Systems Incorporated)
    Task: {F7243FB5-D941-4E53-8E13-4F182DDC6E4E} - System32\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [2012-06-02] (Google Inc.)
    Task: {FD7F0990-9BDA-4FD8-A506-34DE2F5A36A4} - System32\Tasks\{44AB732E-04D0-4A74-862F-1EC532388A83} => Chrome.exe http://www.skype.com/go/downloading?source=lightinstaller&ver=6.2.0.106&LastError=-3
    Task: C:\Windows\Tasks\Adobe Flash Player Updater.job => C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA.job => C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job => C:\Program Files (x86)\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA.job => C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    Task: C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b.job => C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe

    ==================== Loaded Modules (whitelisted) =============

    2012-07-31 21:48 - 2011-09-08 17:48 - 01183096 _____ () C:\Program Files\Tablet\Pen\libxml2.dll
    2012-06-02 16:18 - 2011-02-22 17:01 - 00164864 _____ () C:\Program Files\WinRAR\rarext.dll
    2012-06-02 16:09 - 2011-06-09 22:36 - 00094208 _____ () C:\Windows\System32\IccLibDll_x64.dll
    2013-08-22 08:00 - 2013-09-02 03:34 - 00231600 _____ () C:\Program Files (x86)\360\360sd\FsrMgr.dll
    2012-11-28 15:13 - 2012-11-28 15:13 - 00087952 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\zlib1.dll
    2012-11-28 15:13 - 2012-11-28 15:13 - 01242512 _____ () C:\Program Files (x86)\Common Files\Apple\Apple Application Support\libxml2.dll
    2013-01-23 09:06 - 2013-01-23 09:06 - 00147456 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\avutil-51.dll
    2013-01-23 09:06 - 2013-01-23 09:06 - 03703808 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\avcodec-53.dll
    2013-01-23 09:06 - 2013-01-23 09:06 - 00224256 _____ () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\swscale-0.dll
    2013-07-04 01:13 - 2013-07-04 01:13 - 00416592 _____ () C:\Program Files (x86)\SdDUpdService\SdDUpdateService.dll
    2013-07-04 01:13 - 2013-07-04 01:13 - 00086352 _____ () C:\Program Files (x86)\SdDUpdService\SdDLogSendUDP.dll
    2013-07-03 08:06 - 2013-07-03 08:06 - 00081416 _____ () C:\Program Files (x86)\SdDUpdService\sddutils.dll
    2013-07-04 01:13 - 2013-07-04 01:13 - 00076624 _____ () C:\Program Files (x86)\SdDUpdService\SddRun.dll
    2011-09-01 21:54 - 2011-09-01 21:54 - 00160496 _____ () C:\Program Files (x86)\Funshion Online\Funshion\GetMACAddress.dll
    2013-07-04 01:13 - 2013-07-04 01:13 - 00086352 _____ () C:\Program Files (x86)\盛大网络\盛大下载器\SdDLogSendUDP.dll
    2011-09-01 21:54 - 2011-09-01 21:54 - 00299760 _____ () C:\Program Files (x86)\Funshion Online\Funshion\Dump.dll
    2011-09-01 22:04 - 2011-09-01 22:04 - 00140016 _____ () C:\Program Files (x86)\Funshion Online\Funshion\fpsrv.dll
    2011-09-01 22:04 - 2011-09-01 22:04 - 00230128 _____ () C:\Program Files (x86)\Funshion Online\Funshion\fptassrv.dll
    2013-09-20 19:56 - 2013-09-16 23:20 - 00709584 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\libglesv2.dll
    2013-09-20 19:56 - 2013-09-16 23:20 - 00099792 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\libegl.dll
    2013-09-20 19:56 - 2013-09-16 23:21 - 04053456 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll
    2013-09-20 19:56 - 2013-09-16 23:21 - 00410576 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll
    2013-09-20 19:56 - 2013-09-16 23:20 - 01604560 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\ffmpegsumo.dll
    2013-05-11 00:02 - 2013-06-07 19:00 - 03294616 _____ () C:\Program Files (x86)\Mozilla Firefox\mozjs.dll
    2013-09-20 19:56 - 2013-09-16 23:21 - 13611984 _____ () C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\PepperFlash\pepflashplayer.dll
    2013-09-26 19:23 - 2013-09-26 19:23 - 16177544 _____ () C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll

    ==================== Alternate Data Streams (whitelisted) =========

    AlternateDataStreams: C:\ProgramData\TEMP:C8B8CEBD

    ==================== Safe Mode (whitelisted) ===================


    ==================== Faulty Device Manager Devices =============


    ==================== Event log errors: =========================

    Application errors:
    ==================
    Error: (09/26/2013 07:23:41 PM) (Source: Bonjour Service) (User: )
    Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.

    Error: (09/26/2013 07:21:06 PM) (Source: Application Error) (User: )
    Description: Faulting application name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x51a70ae7
    Faulting module name: DefaultTabSearch.exe, version: 0.0.0.0, time stamp: 0x51a70ae7
    Exception code: 0xc0000005
    Fault offset: 0x00002db0
    Faulting process id: 0x750
    Faulting application start time: 0xDefaultTabSearch.exe0
    Faulting application path: DefaultTabSearch.exe1
    Faulting module path: DefaultTabSearch.exe2
    Report Id: DefaultTabSearch.exe3

    Error: (09/25/2013 11:39:21 PM) (Source: Application Error) (User: )
    Description: Faulting application name: 360sd.exe, version: 4.2.1.4086, time stamp: 0x521ec0c1
    Faulting module name: ole32.dll, version: 6.1.7601.17514, time stamp: 0x4ce7c92c
    Exception code: 0xc0000005
    Fault offset: 0x000000000000d89e
    Faulting process id: 0x764
    Faulting application start time: 0x360sd.exe0
    Faulting application path: 360sd.exe1
    Faulting module path: 360sd.exe2
    Report Id: 360sd.exe3

    Error: (09/25/2013 11:26:32 PM) (Source: Bonjour Service) (User: )
    Description: Client application bug: DNSServiceResolve(mobile._epoccam._tcp.local.) active for over two minutes. This places considerable burden on the network.

    Error: (09/24/2013 11:31:55 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6120730

    Error: (09/24/2013 11:31:55 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6120730

    Error: (09/24/2013 11:31:55 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second

    Error: (09/24/2013 11:31:54 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledSPRetry 6119716

    Error: (09/24/2013 11:31:54 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: m->NextScheduledEvent 6119716

    Error: (09/24/2013 11:31:54 PM) (Source: Bonjour Service) (User: )
    Description: Task Scheduling Error: Continuously busy for more than a second


    System errors:
    =============
    Error: (09/26/2013 07:21:07 PM) (Source: Service Control Manager) (User: )
    Description: The DefaultTabSearch service terminated unexpectedly. It has done this 1 time(s).

    Error: (09/26/2013 07:21:06 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    360netmon

    Error: (09/26/2013 07:20:54 PM) (Source: Service Control Manager) (User: )
    Description: The KCTRP service failed to start due to the following error:
    %%2

    Error: (09/26/2013 07:20:37 PM) (Source: Application Popup) (User: )
    Description: \SystemRoot\SysWow64\DRIVERS\360netmon.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    Error: (09/26/2013 00:04:48 AM) (Source: volsnap) (User: )
    Description: The shadow copies of volume C: were aborted because the shadow copy storage could not grow due to a user imposed limit.

    Error: (09/25/2013 11:23:41 PM) (Source: Service Control Manager) (User: )
    Description: The following boot-start or system-start driver(s) failed to load:
    360netmon

    Error: (09/25/2013 11:23:28 PM) (Source: Service Control Manager) (User: )
    Description: The KCTRP service failed to start due to the following error:
    %%2

    Error: (09/25/2013 11:23:14 PM) (Source: cdrom) (User: )
    Description: The driver detected a controller error on \Device\CdRom1.

    Error: (09/25/2013 11:23:09 PM) (Source: Application Popup) (User: )
    Description: \SystemRoot\SysWow64\DRIVERS\360netmon.sys has been blocked from loading due to incompatibility with this system. Please contact your software vendor for a compatible version of the driver.

    Error: (09/22/2013 11:01:30 PM) (Source: Service Control Manager) (User: )
    Description: The 盛大在线自动更新服务 service terminated unexpectedly. It has done this 1 time(s).


    Microsoft Office Sessions:
    =========================
    Error: (01/27/2013 07:14:42 PM) (Source: Microsoft Office 12 Sessions)(User: )
    Description: ID: 3, Application Name: Microsoft Office PowerPoint, Application Version: 12.0.6600.1000, Microsoft Office Version: 12.0.6612.1000. This session lasted 13 seconds with 0 seconds of active time. This session ended with a crash.


    ==================== Memory info ===========================

    Percentage of memory in use: 81%
    Total physical RAM: 4013.3 MB
    Available physical RAM: 748.64 MB
    Total Pagefile: 8024.79 MB
    Available Pagefile: 4005.63 MB
    Total Virtual: 8192 MB
    Available Virtual: 8191.82 MB

    ==================== Drives ================================

    Drive c: () (Fixed) (Total:58.99 GB) (Free:6.91 GB) NTFS
    Drive d: () (Fixed) (Total:200.2 GB) (Free:159.52 GB) NTFS
    Drive e: () (Fixed) (Total:206.47 GB) (Free:206.12 GB) NTFS
    Drive g: (CIVILIZATION4) (CDROM) (Total:1.35 GB) (Free:0 GB) CDFS
    Drive h: () (Removable) (Total:0.94 GB) (Free:0.66 GB) FAT

    ==================== MBR & Partition Table ==================

    ========================================================
    Disk: 0 (MBR Code: Windows 7 or 8) (Size: 466 GB) (Disk ID: FEC001F3)
    Partition 1: (Active) - (Size=100 MB) - (Type=07 NTFS)
    Partition 2: (Not Active) - (Size=59 GB) - (Type=07 NTFS)
    Partition 3: (Not Active) - (Size=200 GB) - (Type=07 NTFS)
    Partition 4: (Not Active) - (Size=206 GB) - (Type=07 NTFS)

    ========================================================
    Disk: 1 (MBR Code: Windows XP) (Size: 968 MB) (Disk ID: C3072E18)
    Partition 1: (Active) - (Size=967 MB) - (Type=06)

    ==================== End Of Log ============================









    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013
    Ran by User (administrator) on USER-PC on 26-09-2013 19:29:13
    Running from D:\Sophia\New Folder\New folder
    Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    (360.cn) C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe
    (brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
    (Adobe Systems Incorporated) D:\Sophia\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    (brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
    (Sogou.com Inc.) C:\PROGRA~2\SOGOUI~1\650~1.918\SGTool.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () D:\Brother\bratimer.exe
    () C:\Users\User\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe
    () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
    () C:\Program Files (x86)\SdDUpdService\SdDUpdService.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    () C:\Program Files\WBC Engine\ExtensionUpdaterService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Funshion Online Technologies Ltd.) C:\Program Files (x86)\Funshion Online\Funshion\Funshion.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    () C:\Program Files (x86)\盛大网络\盛大下载器\sdDown.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
    (Funshion Online Technologies Ltd.) C:\Program Files (x86)\Funshion Online\Funshion\FunshionService.exe
    (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    (360.cn) C:\Program Files (x86)\360\360sd\360sd.exe
    (http://www.tinydm.com/) C:\Users\User\AppData\Local\DM\TinyDM.exe
    (Sogou.com Inc.) C:\Program Files (x86)\SogouInput\Components\AddressSearch\1.0.0.1224\SGImeGuard.exe
    () C:\Users\User\Local Settings\Apps\F.lux\flux.exe
    (MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
    () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
    (360.cn) C:\Program Files (x86)\360\360sd\360rp.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    () C:\Program Files (x86)\盛大网络\盛大下载器\sdPortal.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    (360.cn) C:\Program Files (x86)\360\360safe\safemon\360tray.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Google Inc.) C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe
    (360.cn) C:\Program Files (x86)\360\360sd\360rps.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    () C:\Program Files\SUPERAntiSpyware\sas_enum_cookies.exe
    (Mozilla Corporation) C:\Program Files (x86)\Mozilla Firefox\firefox.exe
    (Sogou.com Inc.) C:\PROGRA~2\SOGOUI~1\650~1.918\SGTool.exe
    (Sogou.com Inc.) C:\PROGRA~2\SOGOUI~1\650~1.918\SGTool.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKCU\...\Run: [360sd] - C:\Program Files (x86)\360\360sd\360sdrun.exe [836536 2013-08-27] (360.cn)
    HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-02] (Google Inc.)
    HKCU\...\Run: [Facebook Update] - C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-10] (Facebook Inc.)
    HKCU\...\Run: [AdobeBridge] - [x]
    HKCU\...\Run: [Tiny download manager] - C:\Users\User\AppData\Local\DM\TinyDM.exe [282624 2013-06-03] (http://www.tinydm.com/)
    HKCU\...\Run: [ImeGuardCom] - C:\Program Files (x86)\SogouInput\Components\AddressSearch\1.0.0.1224\SGImeGuard.exe [347256 2013-09-02] (Sogou.com Inc.)
    HKCU\...\Run: [F.lux] - C:\Users\User\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
    HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-08-14] (SUPERAntiSpyware)
    MountPoints2: {91f6d6ed-5c67-11e2-8ada-902b3401e913} - G:\autorun.exe
    HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Funshion] - C:\Program Files (x86)\Funshion Online\Funshion\Funshion.exe [2507504 2011-09-01] (Funshion Online Technologies Ltd.)
    HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-23] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-12-11] ()
    HKLM-x32\...\Run: [ColdTurkey_notify] - C:\Program Files\ColdTurkey\ct_notify.exe
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
    HKLM-x32\...\Run: [盛大下载器自动启动] - C:\Program Files (x86)\盛大网络\盛大下载器\sdDown.exe [1525584 2013-07-04] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
    ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    ProxyServer: 202.99.21.162:8081
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://search.conduit.com?SearchSource=10&CUI=UN98055066210479607&ctid=CT3273919
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDB78304BFD40CD01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    SearchScopes: HKCU - DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = http://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=baidudg
    SearchScopes: HKCU - {1090D75D-59F7-4e74-885D-83B375F14BB6} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
    SearchScopes: HKCU - {1267CE7D-146F-41B9-9F7E-D61D5B75BAD0} URL = http://www.mysearchresults.com/search?c=2355&t=01&q={searchTerms}
    SearchScopes: HKCU - {6BE5773C-F02D-4494-B33C-A4C983426D7D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3273919&CUI=UN98055066210479607
    SearchScopes: HKCU - {A531D99C-5A22-449b-83DA-872725C6D0ED} URL = http://search.alot.com/web?q={searchTerms}&pr=prov&client_id=C90E72F001CD4132000D6B50&install_time=2012-06-03T02:45:44Z&src_id=30783&camp_id=3298&tb_version=1.2.1000.1(B)
    SearchScopes: HKCU - {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = http://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=baidudg
    SearchScopes: HKCU - {D7A843F1-3A51-45D5-A3EC-E5D39BA29682} URL = http://search.conduit.com/Results.aspx?ctid=CT3300032&SearchSource=45&q={searchTerms}
    SearchScopes: HKCU - {EBECA4F5-3387-402b-BBC9-F47E9FA3F17D} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
    BHO: WBC Engine - {14DD0E04-D4F6-45d2-A958-F361FBD4F64F} - C:\Program Files\WBC Engine\Extension64.dll ()
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: 360sdbho Class - {0F4BF955-A127-41B7-A998-369904AA2578} - C:\Program Files (x86)\360\360sd\360sdbho.dll (360.cn)
    BHO-x32: 14D59188-D041-0D39-9176-B5D0DD6DF6C0 Class - {14D59188-D041-0D39-9176-B5D0DD6DF6C0} - C:\Program Files (x86)\Funshion Online\Funshion\FunshionAddr\funshionAddr.dll ()
    BHO-x32: WBC Engine - {14DD0E04-D4F6-45d2-A958-F361FBD4F64F} - C:\Program Files\WBC Engine\Extension32.dll ()
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: DefaultTab Browser Helper - {7F6AFBF1-E065-4627-A2FD-810366367D01} - C:\Users\User\AppData\Roaming\DefaultTab\DefaultTab\DefaultTabBHO.dll (Search Results LLC.)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360safe\safemon\safemon.dll (360.cn)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    BHO-x32: Yontoo - {FD72061E-9FDE-484D-A58A-0BAB4151CAD8} - C:\Program Files (x86)\Yontoo\YontooIEClient.dll (Yontoo LLC)
    DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198
    Tcpip\..\Interfaces\{DCAACDAF-59C8-45A9-9473-BB00C54BCEB5}: [NameServer]208.67.220.220,208.67.222.222

    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973
    FF NetworkProxy: "ftp", "192.208.182.215"
    FF NetworkProxy: "ftp_port", 443
    FF NetworkProxy: "http", "192.208.182.215"
    FF NetworkProxy: "http_port", 443
    FF NetworkProxy: "socks_remote_dns", true
    FF NetworkProxy: "ssl", "192.208.182.215"
    FF NetworkProxy: "ssl_port", 443
    FF NetworkProxy: "type", 1
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @qq.com/npqscall - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
    FF Plugin-x32: @qq.com/QQlive - C:\Program Files (x86)\Tencent\QQLive\LiveOcx\npQQLive.dll (Tencent)
    FF Plugin-x32: @qq.com/QQPhotoDrawEx - C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll ()
    FF Plugin-x32: @qq.com/QzoneMusic - C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll (Tencent)
    FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.41\Bin\npSSOAxCtrlForPTLogin.dll (Tencent)
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF SearchPlugin: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\searchplugins\SweetIM Search.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
    FF Extension: FoxyProxy Basic - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\Extensions\[email protected]
    FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
    FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox
    FF HKLM\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox
    FF Extension: WBC Engine - C:\Program Files\WBC Engine\Firefox
    FF HKLM-x32\...\Firefox\Extensions: [[email protected]] - C:\Program Files (x86)\Babylon\Babylon-Pro\Utils\[email protected]
    FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox
    FF HKLM-x32\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox
    FF Extension: WBC Engine - C:\Program Files\WBC Engine\Firefox
    FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Local\Youdao\Dict\Application\stable\extensions\firefox

    Chrome:
    =======
    CHR HomePage: hxxp://mail.yahoo.com/
    CHR RestoreOnStartup: "hxxp://gmail.com/", "hxxp://mail.yahoo.com/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (QQ2011) - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll (Tencent)
    CHR Plugin: (NPTXSSO Dynamic Link Library) - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll ()
    CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
    CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
    CHR Extension: (Swag Bucks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak\10.19.2.505_0
    CHR Extension: (Flash render quality) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbkhhhlbomjpenealmjakmfmlgnbimep\0.10.1.10_0
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (iMacros for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.6_0
    CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_0
    CHR Extension: (Facebook Unseen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjpoahaombpolfifdahikhbdnjjeifk\1.1.1.3_0
    CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
    CHR Extension: (FB unseen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.7.12_0
    CHR Extension: (DefaultTab) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc\1.1.23_0
    CHR Extension: (Yontoo) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc\1.0.2_0
    CHR Extension: (Chrome In-App Payments service) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
    CHR Extension: (WBC Engine) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nnbpbpdfjjpcnhdjhnbdfakncjnjenlk\2.0.0.429_0
    CHR Extension: (AutoZoom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdkpkoaonnchdakgkmmcmnihhhgbjch\0.9.8_0
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
    CHR HKLM-x32\...\Chrome\Extension: [aohddidmgooofkgohkbkaohadkolgejj] - C:\Users\User\AppData\Local\Youdao\Dict\Application\stable\YDChromeTextExtractor.crx
    CHR HKLM-x32\...\Chrome\Extension: [apjkpjchfbckhjhokinlgdbmibpbbjak] - C:\Users\User\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx
    CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx
    CHR HKLM-x32\...\Chrome\Extension: [jlmocbacnenfhofldeekeghljicopfik] - C:\Users\User\AppData\Local\CRE\jlmocbacnenfhofldeekeghljicopfik.crx
    CHR HKLM-x32\...\Chrome\Extension: [kdidombaedgpfiiedeimiebkmbilgmlc] - C:\Program Files (x86)\DefaultTab\DefaultTab.crx
    CHR HKLM-x32\...\Chrome\Extension: [niapdbllcanepiiimjjndipklodoedlc] - C:\Program Files (x86)\Yontoo\YontooLayers.crx
    CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) =================

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
    R2 360rp; C:\Program Files (x86)\360\360sd\360rps.exe [369520 2013-01-08] (360.cn)
    R2 AdobeActiveFileMonitor8.0; D:\Sophia\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-10-09] (Adobe Systems Incorporated)
    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    R2 BRA_Scheduler; D:\Brother\bratimer.exe [65536 2010-09-15] ()
    R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
    S2 DefaultTabSearch; C:\Program Files (x86)\DefaultTab\DefaultTabSearch.exe [573952 2013-05-30] ()
    R2 DefaultTabUpdate; C:\Users\User\AppData\Roaming\DefaultTab\DefaultTab\DTUpdate.exe [107520 2013-07-17] ()
    R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-26] ()
    R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [229392 2012-09-13] (Nitro PDF Software)
    S3 scan; C:\Program Files (x86)\360\360sd\Scan.dll [200704 2009-04-22] (S.C. BitDefender S.R.L)
    R2 SdDUpdService; C:\Program Files (x86)\SdDUpdService\SdDUpdService.exe [356176 2013-07-04] ()
    R2 WBC Engine Updater; C:\Program Files\WBC Engine\ExtensionUpdaterService.exe [185856 2013-04-28] ()
    R2 ZhuDongFangYu; C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe [272728 2011-12-30] (360.cn)
    S2 KCTRP; C:\Program Files\ColdTurkey\KCTRP_srv.exe [x]

    ==================== Drivers (Whitelisted) ====================

    R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [71360 2013-07-30] (360.cn)
    R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [274008 2012-02-09] (360安全中心)
    R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [354904 2012-02-20] (360.cn)
    S1 360netmon; C:\Windows\SysWow64\DRIVERS\360netmon.sys [154968 2011-04-07] (360.cn)
    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
    R1 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV64.SYS [190136 2013-05-06] (360.cn)
    R3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows (R) Win 7 DDK provider)
    R3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows (R) Win 7 DDK provider)
    R1 qutmdserv; C:\Windows\System32\drivers\qutmdrv.sys [91184 2010-04-16] (360安全中心)
    S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 360netmon; system32\DRIVERS\360netmon.sys [x]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
    S3 gdrv; \??\C:\Windows\gdrv.sys [x]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
    S3 VGPU; System32\drivers\rdvgkmd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-09-26 19:28 - 2013-09-26 19:28 - 00000000 ____D C:\FRST
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003578 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b.job
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8.job
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000000 ____D C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2013-09-26 19:26 - 2013-09-26 19:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2013-09-26 19:26 - 2013-09-26 19:26 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2013-09-26 19:26 - 2013-09-26 19:26 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2013-09-26 19:24 - 2013-09-26 19:24 - 00000085 _____ C:\Windows\wininit.ini
    2013-09-26 19:23 - 2013-09-26 19:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-09-26 19:23 - 2013-09-26 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-09-26 19:20 - 2013-09-26 19:20 - 00000000 _RSHD C:\360SANDBOX
    2013-09-26 00:50 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck (1).exe
    2013-09-26 00:50 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Desktop\SecurityCheck.exe
    2013-09-26 00:49 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck.exe
    2013-09-24 00:42 - 2013-09-26 00:06 - 00000873 _____ C:\Users\User\Desktop\proxiecopie.txt
    2013-09-23 22:54 - 2013-09-25 23:49 - 00000515 _____ C:\Users\User\Desktop\proxy and stuff.txt
    2013-09-23 20:42 - 2013-09-23 20:42 - 18779022 _____ C:\Users\User\Downloads\Sequence 01.mp4
    2013-09-22 14:10 - 2013-09-26 19:25 - 00000258 _____ C:\Users\Account\FunShion.ini
    2013-09-22 14:10 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account\AppData\Roaming\Apple Computer
    2013-09-22 14:09 - 2013-09-26 19:24 - 00000000 ____D C:\Users\Account\funshion
    2013-09-22 14:09 - 2013-09-26 19:21 - 00000000 ____D C:\Users\Account\AppData\Local\VirtualStore
    2013-09-22 14:09 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account\AppData\Roaming\Adobe
    2013-09-22 14:09 - 2013-09-22 14:09 - 00001417 _____ C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000884 __RSH C:\Users\Account\ntuser.pol
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\WTablet
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\Wacom
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Local\Adobe
    2013-09-22 14:08 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account
    2013-09-22 14:08 - 2013-09-22 14:08 - 00000020 ___SH C:\Users\Account\ntuser.ini
    2013-09-22 14:08 - 2012-07-31 21:52 - 00000000 ____D C:\Users\Account\AppData\Roaming\Macromedia
    2013-09-22 14:08 - 2012-07-22 22:57 - 00000000 ____D C:\Users\Account\AppData\Local\Microsoft Help
    2013-09-22 14:08 - 2009-07-14 00:54 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2013-09-22 14:08 - 2009-07-14 00:49 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2013-09-17 21:12 - 2013-09-18 19:28 - 00031232 _____ C:\Users\User\Downloads\Section Editor Contact List.xls
    2013-09-17 17:39 - 2013-09-17 17:39 - 03838527 _____ C:\Users\User\Downloads\Chem notes_Sept 16th.zip
    2013-09-13 00:24 - 2013-08-10 01:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-09-13 00:24 - 2013-08-10 01:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-09-13 00:24 - 2013-08-10 01:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-09-13 00:24 - 2013-08-10 01:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-09-13 00:24 - 2013-08-10 01:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-09-13 00:24 - 2013-08-10 01:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-09-13 00:24 - 2013-08-09 23:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-09-13 00:24 - 2013-08-09 23:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-09-13 00:24 - 2013-08-09 23:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-09-13 00:24 - 2013-08-09 23:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-09-13 00:24 - 2013-08-09 22:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-09-13 00:24 - 2013-08-09 22:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-09-13 00:23 - 2013-08-09 23:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-09-12 20:28 - 2013-08-07 21:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-09-12 20:28 - 2013-08-04 22:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2013-09-12 20:28 - 2013-08-01 22:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2013-09-12 20:28 - 2013-08-01 22:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2013-09-12 20:28 - 2013-08-01 22:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2013-09-12 20:28 - 2013-08-01 22:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2013-09-12 20:28 - 2013-08-01 22:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2013-09-12 20:28 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2013-09-12 20:28 - 2013-08-01 22:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2013-09-12 20:28 - 2013-08-01 22:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2013-09-12 20:28 - 2013-08-01 22:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-09-12 20:28 - 2013-08-01 21:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-09-12 20:28 - 2013-08-01 21:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-09-12 20:28 - 2013-08-01 21:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2013-09-12 20:28 - 2013-08-01 21:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2013-09-12 20:28 - 2013-08-01 21:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2013-09-12 20:28 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2013-09-12 20:28 - 2013-08-01 20:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-09-12 20:28 - 2013-08-01 20:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-09-12 20:28 - 2013-08-01 20:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-09-12 20:28 - 2013-08-01 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-09-12 20:28 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2013-09-12 20:23 - 2013-07-25 22:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2013-09-12 20:23 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2013-09-12 20:23 - 2013-07-25 21:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-09-12 20:23 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2013-09-10 20:11 - 2013-09-10 20:12 - 00931840 _____ C:\Users\User\Downloads\Error_propagation.ppt
    2013-09-09 21:50 - 2013-09-09 21:52 - 01236162 _____ C:\Users\User\Downloads\Interview (1).m4a
    2013-09-09 21:23 - 2013-09-09 21:23 - 00008748 _____ C:\Users\User\Desktop\Interview.aup
    2013-09-09 21:23 - 2013-09-09 21:23 - 00000000 ____D C:\Users\User\Desktop\Interview_data
    2013-09-09 21:23 - 2013-09-09 21:02 - 01299895 _____ C:\Users\User\Desktop\Broadcast.m4a
    2013-09-09 21:08 - 2013-09-09 21:08 - 00001150 _____ C:\Users\User\Desktop\My Music Tools.lnk
    2013-09-09 21:08 - 2013-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\Free M4a to MP3 Converter
    2013-09-09 21:06 - 2013-09-09 21:07 - 06424632 _____ (ManiacTools.com ) C:\Users\User\Downloads\m4a-to-mp3-converter.exe
    2013-09-09 21:02 - 2013-09-09 21:02 - 01299895 _____ C:\Users\User\Downloads\Number 2.m4a
    2013-09-09 21:02 - 2013-09-09 21:02 - 01224854 _____ C:\Users\User\Downloads\Interview.m4a
    2013-09-09 21:01 - 2013-09-09 21:01 - 00323261 _____ C:\Users\User\Downloads\Part 1 #2.m4a
    2013-09-09 20:38 - 2013-09-09 20:40 - 22308174 _____ (Audacity Team ) C:\Users\User\Downloads\audacity-win-2.0.4.exe
    2013-09-08 16:16 - 2013-09-11 20:42 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux
    2013-09-08 16:16 - 2013-09-08 16:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup.exe
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup (1).exe
    2013-09-07 13:53 - 2013-09-07 13:53 - 00000184 _____ C:\Users\User\Downloads\Tentative Schedule Outline 2013-2014.gdoc
    2013-09-07 12:02 - 2013-09-07 12:02 - 00006926 _____ C:\Users\User\Desktop\Scan Results.130907-1201.txt
    2013-09-07 11:55 - 2013-09-26 19:24 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-09-07 11:55 - 2013-09-11 20:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2013-09-07 11:53 - 2013-09-07 11:54 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybotsd-2.1.21-SR2.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-09-07 11:27 - 2013-09-07 11:27 - 00000000 ____D C:\Program Files (x86)\Java
    2013-09-07 11:19 - 2013-09-07 11:19 - 00903080 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u25.exe
    2013-09-07 11:18 - 2013-09-07 11:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Oracle
    2013-09-05 18:20 - 2013-09-05 18:20 - 00066560 _____ (Rekenwonder Software) C:\Users\User\Downloads\revealer.exe
    2013-09-03 16:52 - 2013-09-03 16:52 - 00000000 ____D C:\ProgramData\McAfee
    2013-08-31 20:09 - 2013-09-12 01:00 - 00000000 ____D C:\Users\User\Documents\2013-2014
    2013-08-31 11:34 - 2013-08-31 11:34 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia

    ==================== One Month Modified Files and Folders =======

    2013-09-26 19:31 - 2012-06-02 22:52 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
    2013-09-26 19:29 - 2009-07-14 00:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-09-26 19:29 - 2009-07-14 00:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-09-26 19:28 - 2013-09-26 19:28 - 00000000 ____D C:\FRST
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003578 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b.job
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8.job
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000000 ____D C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2013-09-26 19:27 - 2013-09-26 19:26 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2013-09-26 19:26 - 2013-09-26 19:26 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2013-09-26 19:26 - 2013-09-26 19:26 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2013-09-26 19:26 - 2012-06-03 07:00 - 01062003 _____ C:\Windows\WindowsUpdate.log
    2013-09-26 19:26 - 2011-09-02 03:23 - 00002973 _____ C:\Users\User\funshion.ini
    2013-09-26 19:25 - 2013-09-22 14:10 - 00000258 _____ C:\Users\Account\FunShion.ini
    2013-09-26 19:24 - 2013-09-26 19:24 - 00000085 _____ C:\Windows\wininit.ini
    2013-09-26 19:24 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\funshion
    2013-09-26 19:24 - 2013-09-07 11:55 - 00000000 ____D C:\Program Files (x86)\Spybot - Search & Destroy 2
    2013-09-26 19:24 - 2013-02-27 21:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
    2013-09-26 19:23 - 2013-09-26 19:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-09-26 19:23 - 2013-09-26 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-09-26 19:23 - 2012-06-02 16:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-09-26 19:23 - 2012-06-02 16:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-09-26 19:21 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Local\VirtualStore
    2013-09-26 19:21 - 2013-01-16 00:20 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-09-26 19:20 - 2013-09-26 19:20 - 00000000 _RSHD C:\360SANDBOX
    2013-09-26 19:20 - 2012-06-02 16:27 - 02806052 _____ C:\Windows\PFRO.log
    2013-09-26 19:20 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-09-26 19:20 - 2009-07-14 00:51 - 00043940 _____ C:\Windows\setupact.log
    2013-09-26 00:53 - 2012-06-02 22:58 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA.job
    2013-09-26 00:51 - 2013-01-16 00:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-09-26 00:50 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck (1).exe
    2013-09-26 00:50 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Desktop\SecurityCheck.exe
    2013-09-26 00:50 - 2013-09-26 00:49 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck.exe
    2013-09-26 00:34 - 2012-08-10 15:29 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA.job
    2013-09-26 00:06 - 2013-09-24 00:42 - 00000873 _____ C:\Users\User\Desktop\proxiecopie.txt
    2013-09-25 23:49 - 2013-09-23 22:54 - 00000515 _____ C:\Users\User\Desktop\proxy and stuff.txt
    2013-09-25 23:29 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2013-09-24 20:53 - 2012-06-02 22:58 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core.job
    2013-09-24 20:22 - 2012-08-10 15:29 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core.job
    2013-09-23 22:00 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
    2013-09-23 20:42 - 2013-09-23 20:42 - 18779022 _____ C:\Users\User\Downloads\Sequence 01.mp4
    2013-09-23 19:49 - 2012-06-02 16:23 - 00000000 ____D C:\Users\User\AppData\Roaming\360Safe
    2013-09-22 21:33 - 2012-09-19 22:29 - 00000000 ____D C:\Users\User\Desktop\Writing
    2013-09-22 21:32 - 2012-09-08 21:56 - 00096256 ___SH C:\Users\User\Documents\Thumbs.db
    2013-09-22 14:10 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account\AppData\Roaming\Apple Computer
    2013-09-22 14:10 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\Adobe
    2013-09-22 14:10 - 2013-09-22 14:08 - 00000000 ____D C:\Users\Account
    2013-09-22 14:09 - 2013-09-22 14:09 - 00001417 _____ C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000884 __RSH C:\Users\Account\ntuser.pol
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\WTablet
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\Wacom
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Local\Adobe
    2013-09-22 14:08 - 2013-09-22 14:08 - 00000020 ___SH C:\Users\Account\ntuser.ini
    2013-09-20 07:47 - 2013-07-18 21:37 - 00000000 __SHD C:\360Rec
    2013-09-20 07:47 - 2012-06-11 20:52 - 00000000 ____D C:\Program Files\ColdTurkey
    2013-09-18 19:28 - 2013-09-17 21:12 - 00031232 _____ C:\Users\User\Downloads\Section Editor Contact List.xls
    2013-09-17 17:39 - 2013-09-17 17:39 - 03838527 _____ C:\Users\User\Downloads\Chem notes_Sept 16th.zip
    2013-09-16 20:46 - 2012-06-02 16:05 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-16 20:46 - 2012-06-02 16:05 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-09-16 19:50 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
    2013-09-16 19:13 - 2009-07-14 00:45 - 05083416 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-09-13 00:23 - 2013-07-24 23:32 - 00000000 ____D C:\Windows\system32\MRT
    2013-09-13 00:21 - 2013-02-09 23:32 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-09-13 00:21 - 2012-06-02 16:17 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-09-12 01:00 - 2013-08-31 20:09 - 00000000 ____D C:\Users\User\Documents\2013-2014
    2013-09-11 22:16 - 2013-07-17 19:13 - 00000884 __RSH C:\Users\User\ntuser.pol
    2013-09-11 20:43 - 2013-09-07 11:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-09-11 20:42 - 2013-09-08 16:16 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux
    2013-09-10 21:29 - 2012-06-02 22:40 - 00000457 _____ C:\Windows\BRWMARK.INI
    2013-09-10 20:12 - 2013-09-10 20:11 - 00931840 _____ C:\Users\User\Downloads\Error_propagation.ppt
    2013-09-09 21:52 - 2013-09-09 21:50 - 01236162 _____ C:\Users\User\Downloads\Interview (1).m4a
    2013-09-09 21:52 - 2012-07-22 21:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
    2013-09-09 21:23 - 2013-09-09 21:23 - 00008748 _____ C:\Users\User\Desktop\Interview.aup
    2013-09-09 21:23 - 2013-09-09 21:23 - 00000000 ____D C:\Users\User\Desktop\Interview_data
    2013-09-09 21:08 - 2013-09-09 21:08 - 00001150 _____ C:\Users\User\Desktop\My Music Tools.lnk
    2013-09-09 21:08 - 2013-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\Free M4a to MP3 Converter
    2013-09-09 21:07 - 2013-09-09 21:06 - 06424632 _____ (ManiacTools.com ) C:\Users\User\Downloads\m4a-to-mp3-converter.exe
    2013-09-09 21:02 - 2013-09-09 21:23 - 01299895 _____ C:\Users\User\Desktop\Broadcast.m4a
    2013-09-09 21:02 - 2013-09-09 21:02 - 01299895 _____ C:\Users\User\Downloads\Number 2.m4a
    2013-09-09 21:02 - 2013-09-09 21:02 - 01224854 _____ C:\Users\User\Downloads\Interview.m4a
    2013-09-09 21:01 - 2013-09-09 21:01 - 00323261 _____ C:\Users\User\Downloads\Part 1 #2.m4a
    2013-09-09 20:40 - 2013-09-09 20:38 - 22308174 _____ (Audacity Team ) C:\Users\User\Downloads\audacity-win-2.0.4.exe
    2013-09-08 16:17 - 2013-09-08 16:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup.exe
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup (1).exe
    2013-09-07 13:53 - 2013-09-07 13:53 - 00000184 _____ C:\Users\User\Downloads\Tentative Schedule Outline 2013-2014.gdoc
    2013-09-07 12:02 - 2013-09-07 12:02 - 00006926 _____ C:\Users\User\Desktop\Scan Results.130907-1201.txt
    2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2013-09-07 11:54 - 2013-09-07 11:53 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybotsd-2.1.21-SR2.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-09-07 11:27 - 2013-09-07 11:27 - 00000000 ____D C:\Program Files (x86)\Java
    2013-09-07 11:27 - 2012-08-15 22:06 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2013-09-07 11:27 - 2012-08-15 22:06 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2013-09-07 11:19 - 2013-09-07 11:19 - 00903080 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u25.exe
    2013-09-07 11:18 - 2013-09-07 11:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Oracle
    2013-09-07 11:08 - 2013-01-25 23:06 - 00000000 ____D C:\Users\User\AppData\Local\Conduit
    2013-09-07 11:06 - 2012-06-02 22:43 - 84790440 _____ C:\alotserviceruntime.log
    2013-09-07 11:06 - 2012-06-02 22:43 - 00019792 _____ C:\INSTALLHELPER.LOG
    2013-09-06 23:42 - 2009-07-14 01:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-09-05 18:20 - 2013-09-05 18:20 - 00066560 _____ (Rekenwonder Software) C:\Users\User\Downloads\revealer.exe
    2013-09-04 17:31 - 2013-07-17 19:32 - 00003996 _____ C:\Windows\System32\Tasks\Open URL by RoboForm
    2013-09-04 17:31 - 2013-07-17 19:30 - 00000000 ____D C:\Users\User\Documents\My RoboForm Data
    2013-09-03 16:52 - 2013-09-03 16:52 - 00000000 ____D C:\ProgramData\McAfee
    2013-09-02 20:07 - 2013-03-31 23:26 - 00000000 ____D C:\Users\User\AppData\Roaming\SogouExplorer
    2013-08-31 11:37 - 2012-06-02 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2013-08-31 11:34 - 2013-08-31 11:34 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia
    2013-08-29 22:29 - 2013-08-26 22:13 - 00000000 ____D C:\Users\User\Documents\My Media
    2013-08-28 21:07 - 2013-07-17 19:20 - 00000000 ____D C:\Users\User\AppData\Roaming\eType

    Some content of TEMP:
    ====================
    C:\Users\User\AppData\Local\Temp\ose00000.exe
    C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\User\AppData\Local\Temp\_is25D7.exe
    C:\Users\User\AppData\Local\Temp\_is4652.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-09-12 20:57

    ==================== End Of Log ============================













    SUPERAntiSpyware Scan Log
    http://www.superantispyware.com

    Generated 09/26/2013 at 07:43 PM

    Application Version : 5.6.1032

    Core Rules Database Version : 10794
    Trace Rules Database Version: 8606

    Scan type : Quick Scan
    Total Scan Time : 00:15:10

    Operating System Information
    Windows 7 Ultimate 64-bit, Service Pack 1 (Build 6.01.7601)
    UAC On - Limited User

    Memory items scanned : 719
    Memory threats detected : 0
    Registry items scanned : 66213
    Registry threats detected : 49
    File items scanned : 13513
    File threats detected : 651

    Adware.Yontoo
    (x86) HKLM\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\InprocServer32#ThreadingModel
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\ProgID
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\Programmable
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\TypeLib
    (x86) HKCR\CLSID\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}\VersionIndependentProgID
    (x86) HKCR\YontooIEClient.Layers.1
    (x86) HKCR\YontooIEClient.Layers.1\CLSID
    (x86) HKCR\YontooIEClient.Layers
    (x86) HKCR\YontooIEClient.Layers\CLSID
    (x86) HKCR\YontooIEClient.Layers\CurVer
    (x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}
    (x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0
    (x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\0
    (x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\0\win32
    (x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\FLAGS
    (x86) HKCR\TypeLib\{D372567D-67C1-4B29-B3F0-159B52B3E967}\1.0\HELPDIR
    C:\PROGRAM FILES (X86)\YONTOO\YONTOOIECLIENT.DLL
    (x86) HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\InprocServer32#ThreadingModel
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\ProgID
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\Programmable
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\TypeLib
    (x86) HKCR\CLSID\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}\VersionIndependentProgID
    (x86) HKCR\YontooIEClient.Api.1
    (x86) HKCR\YontooIEClient.Api.1\CLSID
    (x86) HKCR\YontooIEClient.Api
    (x86) HKCR\YontooIEClient.Api\CLSID
    (x86) HKCR\YontooIEClient.Api\CurVer
    (x86) HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKU\S-1-5-21-1573549344-3448516400-2850158298-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    (x86) HKU\S-1-5-21-1573549344-3448516400-2850158298-1000\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKU\S-1-5-21-1573549344-3448516400-2850158298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    (x86) HKU\S-1-5-21-1573549344-3448516400-2850158298-1003\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    (x86) HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    (x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    (x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\ProxyStubClsid32
    (x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\TypeLib
    (x86) HKCR\Interface\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}\TypeLib#Version
    (x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}
    (x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\ProxyStubClsid32
    (x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\TypeLib
    (x86) HKCR\Interface\{1AD27395-1659-4DFF-A319-2CFA243861A5}\TypeLib#Version

    Adware.Tracking Cookie
    clicks4cents.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    clicks4cents.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /mediav ]
    imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\CTOM7ZDW.txt [ /tracksrv.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\0OBD1OTZ.txt [ /c.atdmt.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\ILIPKQ2H.txt [ /imrworldwide.com ]
    invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\5FKO5F42.txt [ /invitemedia.com ]
    hearstugo.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\VNAYMK92.txt [ /media6degrees.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\UGUH14IW.txt [ /adbrite.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\BIOPR478.txt [ /track.adform.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\UDSEZ3VU.txt [ /accounts.google.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\S9LC08CZ.txt [ /pointroll.com ]
    ontarget.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\GMF4R9EG.txt [ /lucidmedia.com ]
    radiocanada.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    fr.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    fr.sitestat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    oddcast.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\P13CN9WX.txt [ /ru4.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\6XNFG30Y.txt [ /questionmarket.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\4OYYBVS5.txt [ /pro-market.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\4KG0N5HF.txt [ /advertising.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\GOR2K4V8.txt [ /ads.intergi.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\MNIFTV2C.txt [ /clicksia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\LP0NM33P.txt [ /ads.pointroll.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\SAAIYC6R.txt [ /adlegend.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\7R9F1CD5.txt [ /serving-sys.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\26GJA3LL.txt [ /counter.ourgame.com ]
    statcounter.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\P68VVQRZ.txt [ /cnzz.mmstat.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\M2MCF093.txt [ /bs.serving-sys.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\QA73K6K7.txt [ /ads.p161.net ]
    doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\ICX0WGKR.txt [ /legolas-media.com ]
    adserver.adtechus.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    apmebf.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\9J74YFD8.txt [ /d.tracksrv.com ]
    mediaplex.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\PHIFZC67.txt [ /yieldmanager.net ]
    lucidmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    revsci.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\R2PJI52C.txt [ /accounts.google.com ]
    serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\X6OSMH62.txt [ /adserver.adtechus.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\[email protected][1].txt [ /mmstat.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\3P5GX9QN.txt [ /www.clicksia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\B285V30S.txt [ /at.atwola.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\38ER2RWB.txt [ /adtechus.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\HUUM6XP3.txt [ /ad-plus.cn ]
    cmpmedica.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    clickbank.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    clickbank.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    histats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    tns-counter.ru [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    bravenet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    bravenet.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    dmtracker.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    iconfinder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    iconfinder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    xiti.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    htc.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    c.gigcount.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    bonniercorp.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    pcworldcommunication.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wflokgajaeq.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wckieodjcdo.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wcmiolazocp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6afkogmcpeko.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wfmywlczicq.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    liveperson.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    stats.webs.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    static.freewebs.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    fasttrackfundraising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    www.fasttrackfundraising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    www.fasttrackfundraising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    secure.fasttrackfundraising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    fasttrackfundraising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    www.fasttrackfundraising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    estat.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    superstats.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    conversion.buddymedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    buddymedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    microsoftsto.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6aemialdziap.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wmkowgazidp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6aelocnazafq.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wmlykjdjcko.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6afkyanczigp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6afkosnd5gko.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wnloohdpocp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6aemiagczkfp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6afkoold5ibp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    in.getclicky.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    e-2dj6wckyajdzscp.stats.esomniture.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    torstardigital.122.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    flighttracker.theweathernetwork.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    msnbc.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    healthgrades.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    statcounter.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    mediadico.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    mediadico.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    hotwire.112.2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    tripod.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    tripod.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    tripod.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    tripod.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .account4.torontopubliclibrary.ca [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .account4.torontopubliclibrary.ca [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .account4.torontopubliclibrary.ca [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .imrworldwide.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    insight.torbit.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .orpicom.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .orpicom.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .orpicom.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .orpicom.solution.weborama.fr [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .yieldmanager.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .acronymfinder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .acronymfinder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .acronymfinder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .acronymfinder.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    media.mtvnservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    media.mtvnservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    media.mtvnservices.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .clickbooth.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .tribalfusion.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .clicksor.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .clicksor.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .clicksor.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .myroitracking.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .clicksor.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .clicksor.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .adlegend.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .adlegend.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .adbrite.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    edge.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .specificclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    openx.jeetyetmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .adtech.de [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .adtechus.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .realmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .c.atdmt.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    network.realmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .pro-market.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ru4.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .tacoda.at.atwola.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    d.tracksrv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    track.adform.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    d.tracksrv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .saymedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .tracksrv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    i.tracksrv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.youtube.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    accounts.google.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    d.tracksrv.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .lucidmedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ad.doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .casalemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ad.mlnadvertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .2o7.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .doubleclick.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .advertising.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .ads.pointroll.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .collective-media.net [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .questionmarket.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .insightexpressai.com [ C:\USERS\USER\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\CZTBK7S6.DEFAULT-1369086017973\COOKIES.SQLITE ]
    .legolas-media.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .imrworldwide.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .getclicky.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    in.getclicky.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adtechus.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .yadro.ru [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .histats.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .histats.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .algoclicks.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    algoclicks.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tns-counter.ru [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tacoda.at.atwola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atdmt.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    account7.torontopubliclibrary.ca [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    account7.torontopubliclibrary.ca [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    fr.sitestat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    fr.sitestat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediaarmor.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.mediabistro.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tsleducation.112.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .mpstat.us [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .hearstmagazines.112.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .dmtracker.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    demandmedia.trc.taboola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .at.atwola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .rogersmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .amazon-adsystem.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .amazon-adsystem.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    api.solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    api.solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    track.adform.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .adform.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .pro-market.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .clickbooth.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .oracle.112.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .saymedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .saymedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .saymedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    a.intentmedia.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .tribalfusion.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .revsci.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    click2trax.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .findthebest.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .findthebest.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .findthebest.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    colleges.findthebest.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    colleges.findthebest.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .doubleclick.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    a.b.c.d.e.f.g.h.i.j.k.l.m.n.oo.pp.qqq.rrrr.ssssss.tttttttt.uuuuuuuuuuu.vvvvvvvvvvvvvvv.wwwwwwwwwwwwwwwwwwwwww.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.me [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    a.b.c.d.e.f.g.h.i.j.k.l.m.n.oo.pp.qqq.rrrr.ssssss.tttttttt.uuuuuuuuuuu.vvvvvvvvvvvvvvv.wwwwwwwwwwwwwwwwwwwwww.xxxxxxxxxxxxxxxxxxxxxxxxxxxxxxx.yyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyyy.zzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzzz.me [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .s.clickability.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .s.clickability.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .stats.complex.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .stats.complex.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .atlanticmedia.122.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .msnbc.112.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\1M6EYHQL.txt [ /imp.bid.ace.advertising.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8SUGGJ3N.txt [ /tracksrv.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\GJHGM7QS.txt [ /mm.chitika.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\WTNP9B2Y.txt [ /eyeviewads.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\1A3J83WW.txt [ /c.atdmt.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\FCDY4WPD.txt [ /fl01.ct2.comclick.com ]
    .fastclick.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\KJZ711IK.txt [ /ad.zanox.com ]
    .commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\FWFECGEF.txt [ /mediaplex.com ]
    .commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\V1PVTADY.txt [ /ads.eqads.com ]
    .commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.commonsensemedia.org [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\XO7BFXV2.txt [ /ox-d.fondnessmedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZWG05C3I.txt [ /advertstream.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\0P25IBF5.txt [ /www.webtrafficroi.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ /imrworldwide.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\N1LS2JAA.txt [ /histats.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\FPAXDWJ0.txt [ /track.effiliation.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ECYRSKTB.txt [ /ads1.zenoviaexchange.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ITR97K3D.txt [ /adserver1.cpmburner.com ]
    statse.webtrendslive.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\M754AVAJ.txt [ /mediaffiliation.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\MECBPZ0Q.txt [ /tacoda.at.atwola.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\W7KNQGV4.txt [ /apmebf.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8GLXJHL0.txt [ /servads.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\4RTVLUEV.txt [ /invitemedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\QBWB5D6Q.txt [ /media6degrees.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\UDQ96755.txt [ /clickintext.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\L3FRED0C.txt [ /adbrite.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\TXU86XAQ.txt [ /atdmt.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\EHYJOH24.txt [ /scarlet-clicks.info ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\AKFGX7RK.txt [ /media.fastclick.net ]
    .estat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\WYQYCHU3.txt [ /tracking893.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\WQVUM9VU.txt [ /track.adform.net ]
    .serving-sys.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\FEZ4X8FK.txt [ /andomedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\KP6BCI03.txt [ /statcounter.com ]
    .wileypublishing.112.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\C8A1GA1M.txt [ /ad.360yield.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\O0J17IFK.txt [ /mediaservices-d.openxenterprise.com ]
    uk.sitestat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    uk.sitestat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\AO6Z4XO1.txt [ /pointroll.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\MCP3XR13.txt [ /www9.addfreestats.com ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media6degrees.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\L0Z8H4ET.txt [ /solvemedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\365AY7VG.txt [ /traffiqexchange.rotator.hadj7.adjuggler.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\LP899AD3.txt [ /jeetyetmedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\YTVDYOMF.txt [ /lucidmedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\U3HJWGT5.txt [ /www3.addfreestats.com ]
    uk.sitestat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZFEN153W.txt [ /ad.mlnadvertising.com ]
    media.io [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\[email protected][2].txt [ /collective-media.net ]
    .media.io [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .media.io [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    media.io [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    media.io [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\CA4479E6.txt [ /tracking.hostgator.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\IXC16SNP.txt [ /clicktrackprofit.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\RRSSJSFL.txt [ /ads.creative-serving.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\GZ32XRUK.txt [ /ru4.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\EQ0JNTCL.txt [ /clickbooth.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\31WUOJYA.txt [ /questionmarket.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\7KJ7FN2X.txt [ /pro-market.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\2SKU2MIC.txt [ /h.atdmt.com ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\RGWINCWS.txt [ /advertising.com ]
    .lucidmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .advertising.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\9C37Z6TK.txt [ /clicksia.com ]
    .advertising.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\PY6SX51P.txt [ /adform.net ]
    .apmebf.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\RFFGP1GX.txt [ /openx.jeetyetmedia.com ]
    .mediaplex.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ENN2MBX7.txt [ /myroitracking.com ]
    .mediaplex.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\1MY0JQ4T.txt [ /jillsclickcorner.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\17FTCX4X.txt [ /adxpansion.com ]
    .mmstat.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\1T9YK5XQ.txt [ /ads.pointroll.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\SKH7043N.txt [ /ads.adk2.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\CEBPRA7J.txt [ /zedo.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\AIKW5XKR.txt [ /rotator.adjuggler.com ]
    .xiti.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .xiti.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .network.realmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .network.realmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\K7IOVVWT.txt [ /yadro.ru ]
    super.kitnmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\AUO3FU6X.txt [ /ads.cpxcenter.com ]
    accounts.youtube.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\5MKZ42M9.txt [ /serving-sys.com ]
    .accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8GD0YXP8.txt [ /tracking.publicidees.com ]
    accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\DEM49G6D.txt [ /webtrafficroi.com ]
    accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\JU5OG08A.txt [ /ads.lzjl.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\3PMPPRL9.txt [ /toplist.cz ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\KG7DGD4Y.txt [ /casinolasvegas.com ]
    .realmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\20WUSDJ4.txt [ /c.gigcount.com ]
    .realmedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ENSAZTI5.txt [ /liveperson.net ]
    accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\19UAJ4VC.txt [ /kontera.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\U2KVE9XY.txt [ /server.iad.liveperson.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\YTJT146V.txt [ /bs.serving-sys.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\3Q0ULF1X.txt [ /globalwebtraffic.biz ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\GI5O7JLC.txt [ /ads.us.e-planning.net ]
    .educationcom.112.2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\5BSE0E3V.txt [ /adxpose.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\RNSY0BG0.txt [ /fastclick.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\KC7M4A4Z.txt [ /server.cpmstar.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ANEPWRM6.txt [ /tracking1.aleadpay.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\PO6Z0YXT.txt [ /networldmedia.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\F4XXMSJV.txt [ /ads.p161.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Y1NRIYAK.txt [ /sympatico.112.2o7.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\F98KRWDU.txt [ /trafficadbar.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\K1KAFVKK.txt [ /ad.thisav.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\M3NAWNYI.txt [ /clicksor.com ]
    ad.yieldmanager.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\2GLQ2RA6.txt [ /clickbank.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\O1ISFII5.txt [ /tradedoubler.com ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\JWES155H.txt [ /legolas-media.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\RO0TNHTY.txt [ /smartadserver.com ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\1FQO23J3.txt [ /ads.adigniter.org ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .cracked.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.jokesfind.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    www.jokesfind.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\T5JQ96XN.txt [ /linksynergy.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\7B61JNP7.txt [ /burstnet.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Z2N6C0HW.txt [ /stat.4u.pl ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\V39OT78D.txt [ /adserver1.ads.snoork.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\VXEHG3UK.txt [ /openx.overadmedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\DOGGVOD6.txt [ /mshakers.rotator.hadj7.adjuggler.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\W6BKSY64.txt [ /casalemedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\UC67LS6V.txt [ /tribalfusion.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ECIMZ8I8.txt [ /adup.rotator.hadj7.adjuggler.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\GQWYI08I.txt [ /d.tracksrv.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\QKFHGQ4B.txt [ /zbox.zanox.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\O111ZSH5.txt [ /adserver1.mediacpm.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\BD56OUMW.txt [ /px.steelhousemedia.com ]
    .rambler.ru [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\YLBVODKG.txt [ /revsci.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8HGX7P3Y.txt [ /yieldmanager.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\X021G5SX.txt [ /bubblestat.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\6NCUOFOF.txt [ /scarlet-click.com ]
    demandmedia.trc.taboola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    demandmedia.trc.taboola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    demandmedia.trc.taboola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    demandmedia.trc.taboola.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\KTU7VQEO.txt [ /steelhousemedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8NKRZNLN.txt [ /ads.clicmanager.fr ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\2C2WMF6J.txt [ /mediaclickads.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\3BCJOW55.txt [ /adserver1.mediaplataform.com ]
    .rambler.ru [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\NH7IH3TV.txt [ /stat.onestat.com ]
    .statcounter.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\AGXHPDSA.txt [ /stats.paypal.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\JVKWKDY8.txt [ /www.pixeltrack66.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\77HOG84C.txt [ /trafficreturn.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\PR1B9BDK.txt [ /track.adjal.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\3IG2MIEL.txt [ /ads.fortunawin.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\27NJJ894.txt [ /interclick.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\WYGVZXBN.txt [ /xiti.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\UQPMHU4Y.txt [ /account.live.com ]
    .2o7.net [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\K6X7XZGM.txt [ /amazon-adsystem.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\49LT7ST2.txt [ /accounts.google.com ]
    .invitemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\FSZY2MW4.txt [ /ad.yieldmanager.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\TX3JX6SA.txt [ /click.mxtrac.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\4HYY1EKH.txt [ /adserver.adtechus.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\I7IHZ4MF.txt [ /ads.networldmedia.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\A97XAC2V.txt [ /realmedia.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8BF83LHR.txt [ /adup.rotator.hadj7.adjuggler.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\69X1FIMQ.txt [ /pacificpoker.com ]
    accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    accounts.google.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\ZS1HU24M.txt [ /www.trafficreturn.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\4BDAWER4.txt [ /specificclick.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\W7QO47FK.txt [ /ads.pubmatic.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\SVOHIOCV.txt [ /enhance.com ]
    algoclicks.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\OS8WFCQ5.txt [ /network.realmedia.com ]
    .v11media.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\WEFPY5SL.txt [ /adprudence.rotator.hadj7.adjuggler.net ]
    .ru4.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .ru4.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    .solvemedia.com [ C:\USERS\USER\APPDATA\LOCAL\GOOGLE\CHROME\USER DATA\DEFAULT\COOKIES ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\49CB8U91.txt [ /vitamine.networldmedia.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\3OASCVFQ.txt [ /doubleclick.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\LFB0GW98.txt [ /at.atwola.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\3H8VI0MU.txt [ /scarlet-clicks.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\780449ZW.txt [ /www.googleadservices.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\F059WOKN.txt [ /www.googleadservices.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\8GBW5LD6.txt [ /track.effiliation.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\59ZFQRTL.txt [ /content.yieldmanager.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\WNNIX53Y.txt [ /count.asnetworks.de ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\68TPJHZS.txt [ /liveperson.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\OZWNT14Y.txt [ /secure.partyaccount.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\7N5MZUMH.txt [ /insightexpressai.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\7S118E4S.txt [ /adnetwork.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\J4Z65J1S.txt [ /adtechus.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\MWYX85GD.txt [ /adinterax.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\Q54BWUBS.txt [ /2o7.net ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\JQ28K9R5.txt [ /click.expandsearchanswers.com ]
    C:\Users\User\AppData\Roaming\Microsoft\Windows\Cookies\Low\4T97S0CO.txt [ /media.mtvnservices.com ]
     
  7. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    I managed to post the logs for you for easier reference.

    I haven't had the time to fully check the log but can see there is some Adware present, please run this scan below and post the log.

    You still need to uninstall Spybot S&D and confirm what Anti Virus you are using. The AV is listed as 360杀毒 which I have not seen before so probably not a good AV to be using, please confirm the full name of it.

    Click on this link to download : ADWCleaner Click on the Download Now button and save it to your desktop.

    NOTE: If using Internet Explorer and you get an alert that stops the program downloading click on Tools > Smartscreen Filter > Turn off Smartscreen Filter then click on OK in the box that opens. Then click on the link again.

    Close your browser and double click on this icon on your desktop: [​IMG]

    You will then see the screen below, click on the Scan button (as indicated), accept any prompts that appear and allow it to run, it may take several minutes to complete, when it is done click on the Clean button, accept any prompts that appear and allow the system to reboot. You will then be presented with the report, Copy & Paste it into your next post.

    [​IMG]
     
  8. sillypoo284

    sillypoo284 Thread Starter

    Joined:
    Sep 24, 2013
    Messages:
    6
    Thank you!!


    I did uninstall Spybot SD... not sure why it's still showing up? The antivirus I'm currently using is a Chinese one. The log is as follows:


    # AdwCleaner v3.005 - Report created 28/09/2013 at 10:11:47
    # Updated 22/09/2013 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : User - USER-PC
    # Running from : C:\Users\User\Downloads\AdwCleaner.exe
    # Option : Clean

    ***** [ Services ] *****

    [#] Service Deleted : DefaultTabSearch
    Service Deleted : DefaultTabUpdate

    ***** [ Files / Folders ] *****

    Folder Deleted : C:\ProgramData\IBUpdaterService
    Folder Deleted : C:\ProgramData\Tarma Installer
    Folder Deleted : C:\ProgramData\Tencent
    Folder Deleted : C:\ProgramData\visualbee
    Folder Deleted : C:\Program Files (x86)\Babylon
    Folder Deleted : C:\Program Files (x86)\baidu
    Folder Deleted : C:\Program Files (x86)\Conduit
    Folder Deleted : C:\Program Files (x86)\DefaultTab
    Folder Deleted : C:\Program Files (x86)\Funshion Online
    Folder Deleted : C:\Program Files (x86)\Splashtop
    Folder Deleted : C:\Program Files (x86)\Tencent
    Folder Deleted : C:\Program Files (x86)\Yontoo
    Folder Deleted : C:\Program Files (x86)\Common Files\DVDVideoSoft\TB
    Folder Deleted : C:\Program Files (x86)\Common Files\Tencent
    Folder Deleted : C:\Program Files\Babylon
    Folder Deleted : C:\Users\User\AppData\Local\Conduit
    Folder Deleted : C:\Users\User\AppData\Local\cre
    Folder Deleted : C:\Users\User\AppData\Local\SogouExplorer
    Folder Deleted : C:\Users\User\AppData\Local\Tencent
    Folder Deleted : C:\Users\User\AppData\Local\visualbeeexe
    Folder Deleted : C:\Users\User\AppData\LocalLow\Conduit
    Folder Deleted : C:\Users\User\AppData\LocalLow\PriceGong
    Folder Deleted : C:\Users\User\AppData\LocalLow\Tencent
    Folder Deleted : C:\Users\User\AppData\Roaming\DefaultTab
    Folder Deleted : C:\Users\User\AppData\Roaming\eType
    Folder Deleted : C:\Users\User\AppData\Roaming\OpenCandy
    Folder Deleted : C:\Users\User\AppData\Roaming\PerformerSoft
    Folder Deleted : C:\Users\User\AppData\Roaming\SogouExplorer
    Folder Deleted : C:\Users\User\AppData\Roaming\Splashtop
    Folder Deleted : C:\Users\User\AppData\Roaming\Tencent
    Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Folder Deleted : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
    File Deleted : C:\alotserviceruntime.log
    File Deleted : C:\END
    File Deleted : C:\Windows\System32\roboot64.exe
    File Deleted : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\searchplugins\SweetIM Search.xml

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Value Deleted : HKLM\SOFTWARE\Mozilla\Firefox\Extensions [[email protected]]
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\kdidombaedgpfiiedeimiebkmbilgmlc
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\niapdbllcanepiiimjjndipklodoedlc
    Key Deleted : HKCU\Software\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
    Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{C26644C4-2A12-4CA6-8F2E-0EDE6CF018F3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\BabylonHelper.EXE
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\DefaultTabBHO.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\YontooIEClient.DLL
    Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser
    Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowser.1
    Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX
    Key Deleted : HKLM\SOFTWARE\Classes\DefaultTabBHO.DefaultTabBrowserActiveX.1
    Key Deleted : HKLM\SOFTWARE\Classes\Prod.cap
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\alotservice_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\alotservice_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASAPI32
    Key Deleted : HKLM\SOFTWARE\Microsoft\Tracing\Babylon_RASMANCS
    Key Deleted : HKLM\SOFTWARE\Classes\Toolbar.CT3273919
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{608D3067-77E8-463D-9084-908966806826}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{6536801B-F50C-449B-9476-093DFD3789E3}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{BDB69379-802F-4EAF-B541-F8DE92DD98DB}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{CFDAFE39-20CE-451D-BD45-A37452F39CF0}
    Key Deleted : HKLM\SOFTWARE\Classes\AppID\{EA28B360-05E0-4F93-8150-02891F1D8D3C}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{10DE7085-6A1E-4D41-A7BF-9AF93E351401}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{3C471948-F874-49F5-B338-4F214A2EE0B1}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7E84186E-B5DE-4226-8A66-6E49C6B511B4}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{80922EE0-8A76-46AE-95D5-BD3C3FE0708D}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{99066096-8989-4612-841F-621A01D54AD7}
    Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{FE9271F2-6EFD-44B0-A826-84C829536E93}
    Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{6517DD27-EA6F-4947-9DEA-F9C487BB1020}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{0F3DC9E0-C459-4A40-BCF8-747BD9322E10}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{FFE66D00-A56A-4F7F-81D7-4A28C5816D6C}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{FD72061E-9FDE-484D-A58A-0BAB4151CAD8}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{7F6AFBF1-E065-4627-A2FD-810366367D01}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{DF7770F7-832F-4BDF-B144-100EDDD0C3AE}
    Key Deleted : HKCU\Software\Microsoft\Internet Explorer\SearchScopes\{A531D99C-5A22-449B-83DA-872725C6D0ED}
    Key Deleted : HKCU\Software\1ClickDownload
    Key Deleted : HKCU\Software\BI
    Key Deleted : HKCU\Software\Conduit
    Key Deleted : HKCU\Software\Default Tab
    Key Deleted : HKCU\Software\DefaultTab
    Key Deleted : HKCU\Software\DSNR Labs
    Key Deleted : HKCU\Software\IM
    Key Deleted : HKCU\Software\ImInstaller
    Key Deleted : HKCU\Software\TENCENT
    Key Deleted : HKCU\Software\visualbee
    Key Deleted : HKCU\Software\AppDataLow\Software\Conduit
    Key Deleted : HKCU\Software\AppDataLow\Software\ConduitSearchScopes
    Key Deleted : HKCU\Software\AppDataLow\Software\DefaultTab
    Key Deleted : HKCU\Software\AppDataLow\Software\PriceGong
    Key Deleted : HKCU\Software\AppDataLow\Software\SmartBar
    Key Deleted : HKLM\Software\Conduit
    Key Deleted : HKLM\Software\Default Tab
    Key Deleted : HKLM\Software\DefaultTab
    Key Deleted : HKLM\Software\Iminent
    Key Deleted : HKLM\Software\TENCENT
    Key Deleted : HKLM\Software\visualbee
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
    Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\DefaultTab
    Key Deleted : [x64] HKLM\SOFTWARE\Tarma Installer
    Key Deleted : [x64] HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\{889DF117-14D1-44EE-9F31-C5FB5D47F68B}

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16686

    Setting Restored : HKCU\Software\Microsoft\Internet Explorer\Main [Start Page]

    -\\ Mozilla Firefox v22.0 (en-GB)

    [ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]


    *************************

    AdwCleaner[R0].txt - [8709 octets] - [28/09/2013 10:09:36]
    AdwCleaner[S0].txt - [8207 octets] - [28/09/2013 10:11:47]

    ########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [8267 octets] ##########
     
  9. sillypoo284

    sillypoo284 Thread Starter

    Joined:
    Sep 24, 2013
    Messages:
    6
    I figured out what the problem was. It was something called WBCengine or something, an extension I found on all my browsers.

    I uninstalled that and now it works fine.

    Thanks for your help :D
     
  10. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Well done for finding that, I can see it in the logs, but it is not something I have come across before and there is very little information available on it.

    There is a service installed for that extension and ADWCleaner found a lot of Adware so we should not stop here.

    Please run ADWCleaner again to make sure all the adware has gone and run FRST again and post both the logs.
     
  11. sillypoo284

    sillypoo284 Thread Starter

    Joined:
    Sep 24, 2013
    Messages:
    6
    Scan result of Farbar Recovery Scan Tool (FRST.txt) (x64) Version: 27-09-2013 02
    Ran by User (administrator) on USER-PC on 29-09-2013 22:01:12
    Running from C:\Users\User\AppData\Local\Microsoft\Windows\Temporary Internet Files\Content.IE5\H234XAUJ
    Windows 7 Ultimate Service Pack 1 (X64) OS Language: English(US)
    Internet Explorer Version 10
    Boot Mode: Normal

    ==================== Processes (Whitelisted) =================

    (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchService.exe
    (360.cn) C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe
    (brother Industries Ltd) C:\Windows\SysWOW64\brsvc01a.exe
    (SUPERAntiSpyware.com) C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE
    (Adobe Systems Incorporated) D:\Sophia\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe
    (Apple Inc.) C:\Program Files (x86)\Common Files\Apple\Mobile Device Support\AppleMobileDeviceService.exe
    (brother Industries Ltd) C:\Windows\SysWOW64\brss01a.exe
    (Apple Inc.) C:\Program Files\Bonjour\mDNSResponder.exe
    () D:\Brother\bratimer.exe
    (Conduit) C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe
    () C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe
    (Nitro PDF Software) C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe
    () C:\Program Files (x86)\SdDUpdService\SdDUpdService.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    () C:\Program Files\WBC Engine\ExtensionUpdaterService.exe
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSVC.EXE
    (Microsoft Corp.) C:\Program Files\Common Files\Microsoft Shared\Windows Live\WLIDSvcM.exe
    (Microsoft Corporation) C:\Windows\SYSTEM32\WISPTIS.EXE
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TabletUser.exe
    (Intel Corporation) C:\Windows\System32\igfxtray.exe
    (Intel Corporation) C:\Windows\System32\hkcmd.exe
    (Intel Corporation) C:\Windows\System32\igfxpers.exe
    (Realtek Semiconductor) C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_Tablet.exe
    (Sogou.com Inc.) C:\Program Files (x86)\SogouInput\Components\AddressSearch\1.0.0.1224\SGImeGuard.exe
    (360.cn) C:\Program Files (x86)\360\360sd\360sd.exe
    () C:\Users\User\Local Settings\Apps\F.lux\flux.exe
    (SUPERAntiSpyware) C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe
    (http://www.tinydm.com/) C:\Users\User\AppData\Local\DM\TinyDM.exe
    (360.cn) C:\Program Files (x86)\360\360sd\360rp.exe
    (Conduit) C:\Users\User\AppData\Roaming\SearchProtect\bin\cltmng.exe
    (MagicISO, Inc.) C:\Program Files (x86)\MagicDisc\MagicDisc.exe
    (Adobe Systems Incorporated) C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\Brmfcmon\BrMfimon.exe
    () C:\Program Files (x86)\Bamboo Dock\BambooCore.exe
    (Brother Industries, Ltd.) C:\Program Files (x86)\Brother\ControlCenter3\brccMCtl.exe
    (Apple Inc.) C:\Program Files (x86)\iTunes\iTunesHelper.exe
    () C:\Program Files (x86)\盛大网络\盛大下载器\sdDown.exe
    (Oracle Corporation) C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe
    (360.cn) C:\Program Files (x86)\360\360safe\safemon\360tray.exe
    (Apple Inc.) C:\Program Files\iPod\bin\iPodService.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\LMS\LMS.exe
    (Intel Corporation) C:\Program Files (x86)\Intel\Intel(R) Management Engine Components\UNS\UNS.exe
    (Microsoft Corporation) C:\Program Files\Common Files\Microsoft Shared\Ink\InputPersonalization.exe
    (360.cn) C:\Program Files (x86)\360\360sd\360rps.exe
    (Wacom Technology, Corp.) C:\Program Files\Tablet\Pen\Pen_TouchUser.exe
    () C:\Users\User\Downloads\AdwCleaner.exe
    (Microsoft Corporation) C:\Program Files\Internet Explorer\iexplore.exe

    ==================== Registry (Whitelisted) ==================

    HKLM\...\Run: [HotKeysCmds] - C:\Windows\system32\hkcmd.exe [ ] ()
    HKLM\...\Run: [RtHDVCpl] - C:\Program Files\Realtek\Audio\HDA\RAVCpl64.exe [12632168 2011-07-21] (Realtek Semiconductor)
    HKLM\...\Run: [AdobeAAMUpdater-1.0] - C:\Program Files (x86)\Common Files\Adobe\OOBE\PDApp\UWA\UpdaterStartupUtility.exe [446392 2012-04-04] (Adobe Systems Incorporated)
    Winlogon\Notify\igfxcui: C:\Windows\system32\igfxdev.dll (Intel Corporation)
    HKCU\...\Run: [360sd] - C:\Program Files (x86)\360\360sd\360sdrun.exe [836536 2013-08-27] (360.cn)
    HKCU\...\Run: [Google Update] - C:\Users\User\AppData\Local\Google\Update\GoogleUpdate.exe [116648 2012-06-02] (Google Inc.)
    HKCU\...\Run: [Facebook Update] - C:\Users\User\AppData\Local\Facebook\Update\FacebookUpdate.exe [138096 2012-08-10] (Facebook Inc.)
    HKCU\...\Run: [AdobeBridge] - [x]
    HKCU\...\Run: [ImeGuardCom] - C:\Program Files (x86)\SogouInput\Components\AddressSearch\1.0.0.1224\SGImeGuard.exe [347256 2013-09-02] (Sogou.com Inc.)
    HKCU\...\Run: [F.lux] - C:\Users\User\Local Settings\Apps\F.lux\flux.exe [966656 2009-08-29] ()
    HKCU\...\Run: [SUPERAntiSpyware] - C:\Program Files\SUPERAntiSpyware\SUPERAntiSpyware.exe [6581488 2013-08-14] (SUPERAntiSpyware)
    HKCU\...\Run: [Tiny download manager] - C:\Users\User\AppData\Local\DM\TinyDM.exe [282624 2013-06-03] (http://www.tinydm.com/)
    HKCU\...\Run: [SearchProtect] - C:\Users\User\AppData\Roaming\SearchProtect\bin\cltmng.exe [2852640 2013-05-08] (Conduit)
    MountPoints2: {91f6d6ed-5c67-11e2-8ada-902b3401e913} - G:\autorun.exe
    HKLM-x32\...\Run: [GrooveMonitor] - C:\Program Files (x86)\Microsoft Office\Office12\GrooveMonitor.exe [30040 2009-02-26] (Microsoft Corporation)
    HKLM-x32\...\Run: [Adobe ARM] - C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\AdobeARM.exe [958576 2013-04-04] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [Funshion] - "C:\Program Files (x86)\Funshion Online\Funshion\Funshion.exe" startbywindows tray
    HKLM-x32\...\Run: [BrMfcWnd] - C:\Program Files (x86)\Brother\Brmfcmon\BrMfcWnd.exe [663552 2007-03-23] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [ControlCenter3] - C:\Program Files (x86)\Brother\ControlCenter3\brctrcen.exe [65536 2007-01-26] (Brother Industries, Ltd.)
    HKLM-x32\...\Run: [BambooCore] - C:\Program Files (x86)\Bamboo Dock\BambooCore.exe [646744 2012-12-11] ()
    HKLM-x32\...\Run: [ColdTurkey_notify] - C:\Program Files\ColdTurkey\ct_notify.exe
    HKLM-x32\...\Run: [AdobeCS6ServiceManager] - C:\Program Files (x86)\Common Files\Adobe\CS6ServiceManager\CS6ServiceManager.exe [1073312 2012-03-09] (Adobe Systems Incorporated)
    HKLM-x32\...\Run: [APSDaemon] - C:\Program Files (x86)\Common Files\Apple\Apple Application Support\APSDaemon.exe [59720 2013-01-28] (Apple Inc.)
    HKLM-x32\...\Run: [iTunesHelper] - C:\Program Files (x86)\iTunes\iTunesHelper.exe [152392 2013-02-20] (Apple Inc.)
    HKLM-x32\...\Run: [盛大下载器自动启动] - C:\Program Files (x86)\盛大网络\盛大下载器\sdDown.exe [1525584 2013-07-04] ()
    HKLM-x32\...\Run: [SunJavaUpdateSched] - C:\Program Files (x86)\Common Files\Java\Java Update\jusched.exe [253816 2013-03-12] (Oracle Corporation)
    HKLM-x32\...\Run: [SearchProtectAll] - C:\Program Files (x86)\SearchProtect\bin\cltmng.exe [2852640 2013-05-08] (Conduit)
    Startup: C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup\MagicDisc.lnk
    ShortcutTarget: MagicDisc.lnk -> C:\Program Files (x86)\MagicDisc\MagicDisc.exe (MagicISO, Inc.)
    BootExecute: autocheck autochk * sdnclean64.exe

    ==================== Internet (Whitelisted) ====================

    ProxyServer: 202.99.21.162:8081
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = http://ca.msn.com/?rd=1&ucc=CA&dcc=CA&opt=0
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache_TIMESTAMP = 0xDB78304BFD40CD01
    HKCU\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache AcceptLangs = en-us
    SearchScopes: HKCU - DefaultScope {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = http://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=baidudg
    SearchScopes: HKCU - {1090D75D-59F7-4e74-885D-83B375F14BB6} URL = http://search.yahoo.com/search?p={searchTerms}&fr=chr-devicevm&type=IEBDSV
    SearchScopes: HKCU - {1267CE7D-146F-41B9-9F7E-D61D5B75BAD0} URL = http://www.mysearchresults.com/search?c=2355&t=01&q={searchTerms}
    SearchScopes: HKCU - {6BE5773C-F02D-4494-B33C-A4C983426D7D} URL = http://search.conduit.com/ResultsExt.aspx?q={searchTerms}&SearchSource=4&ctid=CT3273919&CUI=UN98055066210479607
    SearchScopes: HKCU - {B8E20CD7-BAC2-4820-9AA6-1060B3AF25E2} URL = http://www.baidu.com/s?wd={searchTerms}&ie={inputEncoding}&oe={outputEncoding}&abar=2&tn=baidudg
    SearchScopes: HKCU - {D7A843F1-3A51-45D5-A3EC-E5D39BA29682} URL = http://search.conduit.com/Results.aspx?ctid=CT3300032&SearchSource=45&q={searchTerms}
    SearchScopes: HKCU - {EBECA4F5-3387-402b-BBC9-F47E9FA3F17D} URL = http://www.bing.com/search?q={searchTerms}&form=SPLBR1&pc=SPLH
    BHO: WBC Engine - {14DD0E04-D4F6-45d2-A958-F361FBD4F64F} - C:\Program Files\WBC Engine\Extension64.dll ()
    BHO: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: 360sdbho Class - {0F4BF955-A127-41B7-A998-369904AA2578} - C:\Program Files (x86)\360\360sd\360sdbho.dll (360.cn)
    BHO-x32: 14D59188-D041-0D39-9176-B5D0DD6DF6C0 Class - {14D59188-D041-0D39-9176-B5D0DD6DF6C0} - C:\Program Files (x86)\Funshion Online\Funshion\FunshionAddr\funshionAddr.dll No File
    BHO-x32: WBC Engine - {14DD0E04-D4F6-45d2-A958-F361FBD4F64F} - C:\Program Files\WBC Engine\Extension32.dll ()
    BHO-x32: Groove GFS Browser Helper - {72853161-30C5-4D22-B7F9-0BBC1D38A37E} - C:\Program Files (x86)\Microsoft Office\Office12\GrooveShellExtensions.dll (Microsoft Corporation)
    BHO-x32: Java(tm) Plug-In SSV Helper - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
    BHO-x32: Windows Live ID Sign-in Helper - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files (x86)\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corp.)
    BHO-x32: SafeMon Class - {B69F34DD-F0F9-42DC-9EDD-957187DA688D} - C:\Program Files (x86)\360\360safe\safemon\safemon.dll (360.cn)
    BHO-x32: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
    DPF: HKLM-x32 {8F6E7FB2-E56B-4F66-A4E1-9765D2565280} http://www.worldwinner.com/games/launcher/ie/v2.23.01.0/iewwload.cab
    Handler-x32: skype4com - {FFC8B962-9B40-4DFF-9458-1830C7DD7F5D} - C:\Program Files (x86)\Common Files\Skype\Skype4COM.dll (Skype Technologies)
    Tcpip\Parameters: [DhcpNameServer] 64.71.255.204 64.71.255.198
    Tcpip\..\Interfaces\{DCAACDAF-59C8-45A9-9473-BB00C54BCEB5}: [NameServer]208.67.220.220,208.67.222.222

    FireFox:
    ========
    FF ProfilePath: C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973
    FF NetworkProxy: "ftp", "69.73.181.24"
    FF NetworkProxy: "ftp_port", 7808
    FF NetworkProxy: "http", "69.73.181.24"
    FF NetworkProxy: "http_port", 7808
    FF NetworkProxy: "socks_remote_dns", true
    FF NetworkProxy: "ssl", "69.73.181.24"
    FF NetworkProxy: "ssl_port", 7808
    FF NetworkProxy: "type", 1
    FF Plugin: @adobe.com/FlashPlayer - C:\Windows\system32\Macromed\Flash\NPSWF64_11_8_800_168.dll ()
    FF Plugin: @microsoft.com/GENUINE - disabled No File
    FF Plugin: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @adobe.com/FlashPlayer - C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_8_800_168.dll ()
    FF Plugin-x32: @adobe.com/ShockwavePlayer - C:\Windows\SysWOW64\Adobe\Director\np32dsw_1167637.dll (Adobe Systems, Inc.)
    FF Plugin-x32: @Apple.com/iTunes,version=1.0 - C:\Program Files (x86)\iTunes\Mozilla Plugins\npitunes.dll ()
    FF Plugin-x32: @Google.com/GoogleEarthPlugin - C:\Program Files (x86)\Google\Google Earth\plugin\npgeplugin.dll (Google)
    FF Plugin-x32: @java.com/DTPlugin,version=10.25.2 - C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
    FF Plugin-x32: @java.com/JavaPlugin,version=10.25.2 - C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
    FF Plugin-x32: @microsoft.com/GENUINE - disabled No File
    FF Plugin-x32: @Microsoft.com/NpCtrl,version=1.0 - C:\Program Files (x86)\Microsoft Silverlight\5.1.20513.0\npctrl.dll ( Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3502.0922 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @microsoft.com/WLPG,version=15.4.3555.0308 - C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
    FF Plugin-x32: @nexon.net/NxGame - C:\ProgramData\NexonUS\NGM\npNxGameUS.dll (Nexon)
    FF Plugin-x32: @nitropdf.com/NitroPDF - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
    FF Plugin-x32: @pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin-x32: @qq.com/npqscall - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll No File
    FF Plugin-x32: @qq.com/QQlive - C:\Program Files (x86)\Tencent\QQLive\LiveOcx\npQQLive.dll No File
    FF Plugin-x32: @qq.com/QQPhotoDrawEx - C:\Program Files (x86)\Tencent\Qzone\npQQPhotoDrawEx.dll No File
    FF Plugin-x32: @qq.com/QzoneMusic - C:\Program Files (x86)\Tencent\QQMusic\QzoneMusic\npQzoneMusic.dll No File
    FF Plugin-x32: @qq.com/TXSSO - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.41\Bin\npSSOAxCtrlForPTLogin.dll No File
    FF Plugin-x32: @wacom.com/wacom-plugin,version=1.1.0.10 - C:\Program Files (x86)\TabletPlugins\npwacom.dll (Wacom, Inc.)
    FF Plugin-x32: @wacom.com/wtPlugin,version=2.0.0.1 - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF Plugin-x32: Adobe Reader - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
    FF Plugin HKCU: @Skype Limited.com/Facebook Video Calling Plugin - C:\Users\User\AppData\Local\Facebook\Video\Skype\npFacebookVideoCalling.dll (Skype Limited)
    FF Plugin HKCU: @tools.google.com/Google Update;version=3 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @tools.google.com/Google Update;version=9 - C:\Users\User\AppData\Local\Google\Update\1.3.21.153\npGoogleUpdate3.dll (Google Inc.)
    FF Plugin HKCU: @unity3d.com/UnityPlayer,version=1.0 - C:\Users\User\AppData\LocalLow\Unity\WebPlayer\loader\npUnity3D32.dll (Unity Technologies ApS)
    FF Plugin HKCU: pandonetworks.com/PandoWebPlugin - C:\Program Files (x86)\Pando Networks\Media Booster\npPandoWebPlugin.dll (Pando Networks)
    FF Plugin HKCU: wacom.com/WacomTabletPlugin - C:\Program Files (x86)\TabletPlugins\npWacomTabletPlugin.dll (Wacom)
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\amazon-en-GB.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\chambers-en-GB.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\eBay-en-GB.xml
    FF SearchPlugin: C:\Program Files (x86)\mozilla firefox\browser\searchplugins\yahoo-en-GB.xml
    FF Extension: FoxyProxy Basic - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\Extensions\[email protected]
    FF Extension: No Name - C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\Extensions\{e4a8a97b-f2ed-450b-b12d-ee082ba24781}.xpi
    FF HKLM\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox
    FF HKLM\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox
    FF Extension: WBC Engine - C:\Program Files\WBC Engine\Firefox
    FF HKLM-x32\...\Firefox\Extensions: [{121C6AF3-6778-4360-AFDB-57BD4E3E4343}] - C:\Program Files\Playzy\Firefox
    FF HKLM-x32\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox
    FF Extension: WBC Engine - C:\Program Files\WBC Engine\Firefox
    FF HKCU\...\Firefox\Extensions: [[email protected]] - C:\Users\User\AppData\Local\Youdao\Dict\Application\stable\extensions\firefox

    Chrome:
    =======
    CHR HomePage: hxxp://search.conduit.com/?ctid=CT2260173&SearchSource=48&CUI=UN22520251882851630&UM=2
    CHR RestoreOnStartup: "hxxp://mail.google.com/", "hxxp://mail.yahoo.com/"
    CHR DefaultSearchURL: (Google) - {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:eek:riginalQueryForSuggestion}{google:assistedQueryStats}{google:searchFieldtrialParameter}{google:searchClient}{google:sourceId}{google:instantExtendedEnabledParameter}{google:eek:mniboxStartMarginParameter}ie={inputEncoding}
    CHR DefaultSuggestURL: (Google) - {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client={google:suggestClient}&q={searchTerms}&{google:cursorPosition}{google:zeroPrefixUrl}sugkey={google:suggestAPIKeyParameter}
    CHR Plugin: (Remoting Viewer) - internal-remoting-viewer
    CHR Plugin: (Native Client) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\ppGoogleNaClPluginChrome.dll ()
    CHR Plugin: (Chrome PDF Viewer) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\pdf.dll ()
    CHR Plugin: (Shockwave Flash) - C:\Users\User\AppData\Local\Google\Chrome\Application\29.0.1547.76\gcswf32.dll No File
    CHR Plugin: (Adobe Acrobat) - C:\Program Files (x86)\Adobe\Reader 10.0\Reader\Browser\nppdf32.dll (Adobe Systems Inc.)
    CHR Plugin: (QQ2011) - C:\Program Files (x86)\Common Files\Tencent\NPQSCALL\npqscall.dll No File
    CHR Plugin: (NPTXSSO Dynamic Link Library) - C:\Program Files (x86)\Common Files\Tencent\TXSSO\1.2.1.38\Bin\npSSOAxCtrlForPTLogin.dll No File
    CHR Plugin: (Nitro PDF Plug-In) - C:\Program Files (x86)\Nitro PDF\Reader 2\npnitromozilla.dll ( )
    CHR Plugin: (Google Update) - C:\Users\User\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll No File
    CHR Extension: (Google Drive) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apdfllckaahabafndbhieahigkjlhalf\6.3_0
    CHR Extension: (Swag Bucks) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak\10.20.1.508_0
    CHR Extension: (Flash render quality) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\bbkhhhlbomjpenealmjakmfmlgnbimep\0.10.1.10_0
    CHR Extension: (YouTube) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.6_0
    CHR Extension: (Google Search) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.20_0
    CHR Extension: (iMacros for Chrome) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\cplklnmnlbnpmjogncfgfijoopmnlemp\6.0.6_0
    CHR Extension: (Tampermonkey) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\dhdgffkkebhmkfjojejmpbldmpobfkfo\3.4.3568.10_0
    CHR Extension: (Facebook Unseen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gfjpoahaombpolfifdahikhbdnjjeifk\1.1.1.3_0
    CHR Extension: (AdBlock) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\gighmmpiobklfepjocnamgkkbiglidom\2.6.8_0
    CHR Extension: (FB unseen) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ihcedcpmfdpjijiamkaeaefgfagnnpei\0.1.7.12_0
    CHR Extension: (Chrome In-App Payments service) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\nmmhkkegccagdldgiimedpiccmgmieda\0.0.4.11_0
    CHR Extension: (AutoZoom) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\ocdkpkoaonnchdakgkmmcmnihhhgbjch\0.9.8_0
    CHR Extension: (Gmail) - C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_1
    CHR HKLM-x32\...\Chrome\Extension: [aohddidmgooofkgohkbkaohadkolgejj] - C:\Users\User\AppData\Local\Youdao\Dict\Application\stable\YDChromeTextExtractor.crx
    CHR HKLM-x32\...\Chrome\Extension: [apjkpjchfbckhjhokinlgdbmibpbbjak] - C:\Users\User\AppData\Local\CRE\apjkpjchfbckhjhokinlgdbmibpbbjak.crx
    CHR HKLM-x32\...\Chrome\Extension: [dkinklhnkmkhkhofcnapakaoehijaoih] - C:\Program Files (x86)\OnlineHD.TV\onhd11.crx
    CHR HKLM-x32\...\Chrome\Extension: [jlmocbacnenfhofldeekeghljicopfik] - C:\Users\User\AppData\Local\CRE\jlmocbacnenfhofldeekeghljicopfik.crx
    CHR StartMenuInternet: Google Chrome - C:\Users\User\AppData\Local\Google\Chrome\Application\chrome.exe

    ==================== Services (Whitelisted) =================

    R2 !SASCORE; C:\Program Files\SUPERAntiSpyware\SASCORE64.EXE [143120 2013-05-23] (SUPERAntiSpyware.com)
    R2 360rp; C:\Program Files (x86)\360\360sd\360rps.exe [369520 2013-01-08] (360.cn)
    R2 AdobeActiveFileMonitor8.0; D:\Sophia\Adobe\Elements Organizer 8.0\PhotoshopElementsFileAgent.exe [169312 2009-10-09] (Adobe Systems Incorporated)
    S3 AppleChargerSrv; C:\Windows\System32\AppleChargerSrv.exe [31272 2010-04-06] ()
    R2 BRA_Scheduler; D:\Brother\bratimer.exe [65536 2010-09-15] ()
    R2 Brother XP spl Service; C:\Windows\SysWOW64\brsvc01a.exe [57344 2004-06-14] (brother Industries Ltd)
    R2 CltMngSvc; C:\Program Files (x86)\SearchProtect\bin\CltMngSvc.exe [97056 2013-05-08] (Conduit)
    R2 KinoniSvc; C:\Program Files (x86)\Kinoni\EpocCam_and_Barcode_drivers\KinoniSvc.exe [525312 2013-02-26] ()
    R2 NitroReaderDriverReadSpool2; C:\Program Files\Common Files\Nitro PDF\Reader\2.0\NitroPDFReaderDriverService2x64.exe [229392 2012-09-13] (Nitro PDF Software)
    S3 scan; C:\Program Files (x86)\360\360sd\Scan.dll [200704 2009-04-22] (S.C. BitDefender S.R.L)
    R2 SdDUpdService; C:\Program Files (x86)\SdDUpdService\SdDUpdService.exe [356176 2013-07-04] ()
    R2 WBC Engine Updater; C:\Program Files\WBC Engine\ExtensionUpdaterService.exe [185856 2013-04-28] ()
    R2 ZhuDongFangYu; C:\Program Files (x86)\360\360safe\deepscan\zhudongfangyu.exe [272728 2011-12-30] (360.cn)
    S2 KCTRP; C:\Program Files\ColdTurkey\KCTRP_srv.exe [x]

    ==================== Drivers (Whitelisted) ====================

    R3 360AvFlt; C:\Windows\System32\DRIVERS\360AvFlt.sys [71360 2013-07-30] (360.cn)
    R1 360Box64; C:\Windows\System32\DRIVERS\360Box64.sys [274008 2012-02-09] (360安全中心)
    R1 360FsFlt; C:\Windows\System32\DRIVERS\360FsFlt.sys [354904 2012-02-20] (360.cn)
    S1 360netmon; C:\Windows\SysWow64\DRIVERS\360netmon.sys [154968 2011-04-07] (360.cn)
    R1 AppleCharger; C:\Windows\System32\DRIVERS\AppleCharger.sys [21104 2011-01-10] ()
    R1 BAPIDRV; C:\Windows\System32\Drivers\BAPIDRV64.SYS [190136 2013-05-06] (360.cn)
    R3 kinonivd; C:\Windows\System32\DRIVERS\kinonivd.sys [2782848 2013-02-26] (Windows (R) Win 7 DDK provider)
    R3 KINONI_Wave; C:\Windows\System32\drivers\kinonivad.sys [23040 2013-02-26] (Windows (R) Win 7 DDK provider)
    R1 qutmdserv; C:\Windows\System32\drivers\qutmdrv.sys [91184 2010-04-16] (360安全中心)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASDIFSV; C:\Program Files\SUPERAntiSpyware\SASDIFSV64.SYS [14928 2011-07-22] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    R1 SASKUTIL; C:\Program Files\SUPERAntiSpyware\SASKUTIL64.SYS [12368 2011-07-12] (SUPERAdBlocker.com and SUPERAntiSpyware.com)
    S1 360netmon; system32\DRIVERS\360netmon.sys [x]
    S3 EagleX64; \??\C:\Windows\system32\drivers\EagleX64.sys [x]
    S3 gdrv; \??\C:\Windows\gdrv.sys [x]
    S3 Synth3dVsc; System32\drivers\synth3dvsc.sys [x]
    S3 tsusbhub; system32\drivers\tsusbhub.sys [x]
    S3 VGPU; System32\drivers\rdvgkmd.sys [x]

    ==================== NetSvcs (Whitelisted) ===================


    ==================== One Month Created Files and Folders ========

    2013-09-29 21:18 - 2013-09-29 21:22 - 00000566 _____ C:\Users\User\Desktop\vp visual arts council.txt
    2013-09-29 10:43 - 2013-09-29 10:43 - 00000000 _RSHD C:\360SANDBOX
    2013-09-28 10:39 - 2013-09-28 10:44 - 00000000 ____D C:\Users\User\AppData\Roaming\SearchProtect
    2013-09-28 10:39 - 2013-09-28 10:39 - 00000000 ____D C:\Users\User\AppData\Local\CRE
    2013-09-28 10:39 - 2013-09-28 10:39 - 00000000 ____D C:\Program Files (x86)\SearchProtect
    2013-09-28 10:39 - 2013-09-28 10:39 - 00000000 ____D C:\Program Files (x86)\Conduit
    2013-09-28 10:33 - 2013-09-28 10:33 - 01094064 _____ (Conduit) C:\Users\User\Downloads\Swag_Bucks.exe
    2013-09-28 10:09 - 2013-09-29 22:00 - 00000000 ____D C:\AdwCleaner
    2013-09-27 20:09 - 2013-09-27 20:10 - 01042066 _____ C:\Users\User\Downloads\AdwCleaner.exe
    2013-09-26 20:51 - 2013-09-26 20:51 - 00325738 _____ C:\Users\User\Desktop\log.html
    2013-09-26 19:28 - 2013-09-26 19:28 - 00000000 ____D C:\FRST
    2013-09-26 19:27 - 2013-09-29 19:33 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8.job
    2013-09-26 19:27 - 2013-09-29 02:00 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b.job
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003578 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000000 ____D C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2013-09-26 19:26 - 2013-09-26 19:27 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2013-09-26 19:26 - 2013-09-26 19:26 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2013-09-26 19:26 - 2013-09-26 19:26 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2013-09-26 19:24 - 2013-09-26 19:24 - 00000085 _____ C:\Windows\wininit.ini
    2013-09-26 19:23 - 2013-09-29 21:52 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-09-26 19:23 - 2013-09-26 19:53 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-09-26 00:50 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck (1).exe
    2013-09-26 00:49 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck.exe
    2013-09-24 00:42 - 2013-09-29 11:51 - 00001003 _____ C:\Users\User\Desktop\proxiecopie.txt
    2013-09-23 22:54 - 2013-09-25 23:49 - 00000515 _____ C:\Users\User\Desktop\proxy and stuff.txt
    2013-09-23 20:42 - 2013-09-23 20:42 - 18779022 _____ C:\Users\User\Downloads\Sequence 01.mp4
    2013-09-22 14:10 - 2013-09-26 19:25 - 00000258 _____ C:\Users\Account\FunShion.ini
    2013-09-22 14:10 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account\AppData\Roaming\Apple Computer
    2013-09-22 14:09 - 2013-09-26 19:24 - 00000000 ____D C:\Users\Account\funshion
    2013-09-22 14:09 - 2013-09-26 19:21 - 00000000 ____D C:\Users\Account\AppData\Local\VirtualStore
    2013-09-22 14:09 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account\AppData\Roaming\Adobe
    2013-09-22 14:09 - 2013-09-22 14:09 - 00001417 _____ C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000884 __RSH C:\Users\Account\ntuser.pol
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\WTablet
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\Wacom
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Local\Adobe
    2013-09-22 14:08 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account
    2013-09-22 14:08 - 2013-09-22 14:08 - 00000020 ___SH C:\Users\Account\ntuser.ini
    2013-09-22 14:08 - 2012-07-31 21:52 - 00000000 ____D C:\Users\Account\AppData\Roaming\Macromedia
    2013-09-22 14:08 - 2012-07-22 22:57 - 00000000 ____D C:\Users\Account\AppData\Local\Microsoft Help
    2013-09-22 14:08 - 2009-07-14 00:54 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
    2013-09-22 14:08 - 2009-07-14 00:49 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
    2013-09-17 21:12 - 2013-09-18 19:28 - 00031232 _____ C:\Users\User\Downloads\Section Editor Contact List.xls
    2013-09-17 17:39 - 2013-09-17 17:39 - 03838527 _____ C:\Users\User\Downloads\Chem notes_Sept 16th.zip
    2013-09-15 19:03 - 2013-09-15 19:03 - 00361119 _____ (Farbar) C:\Windows\FRST_mod.exe
    2013-09-13 00:24 - 2013-08-10 01:22 - 02241024 _____ (Microsoft Corporation) C:\Windows\system32\wininet.dll
    2013-09-13 00:24 - 2013-08-10 01:22 - 01365504 _____ (Microsoft Corporation) C:\Windows\system32\urlmon.dll
    2013-09-13 00:24 - 2013-08-10 01:22 - 00051712 _____ (Microsoft Corporation) C:\Windows\system32\ie4uinit.exe
    2013-09-13 00:24 - 2013-08-10 01:21 - 19246592 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.dll
    2013-09-13 00:24 - 2013-08-10 01:21 - 00603136 _____ (Microsoft Corporation) C:\Windows\system32\msfeeds.dll
    2013-09-13 00:24 - 2013-08-10 01:21 - 00053248 _____ (Microsoft Corporation) C:\Windows\system32\jsproxy.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 15404544 _____ (Microsoft Corporation) C:\Windows\system32\ieframe.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 03959296 _____ (Microsoft Corporation) C:\Windows\system32\jscript9.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 02647040 _____ (Microsoft Corporation) C:\Windows\system32\iertutil.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00855552 _____ (Microsoft Corporation) C:\Windows\system32\jscript.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00526336 _____ (Microsoft Corporation) C:\Windows\system32\ieui.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00136704 _____ (Microsoft Corporation) C:\Windows\system32\iesysprep.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00067072 _____ (Microsoft Corporation) C:\Windows\system32\iesetup.dll
    2013-09-13 00:24 - 2013-08-10 01:20 - 00039936 _____ (Microsoft Corporation) C:\Windows\system32\iernonce.dll
    2013-09-13 00:24 - 2013-08-09 23:59 - 01767936 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wininet.dll
    2013-09-13 00:24 - 2013-08-09 23:59 - 01141248 _____ (Microsoft Corporation) C:\Windows\SysWOW64\urlmon.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 13761024 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieframe.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 02876928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript9.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 02048000 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iertutil.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00690688 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jscript.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00493056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\msfeeds.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00391168 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ieui.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00109056 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesysprep.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00061440 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iesetup.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00039424 _____ (Microsoft Corporation) C:\Windows\SysWOW64\jsproxy.dll
    2013-09-13 00:24 - 2013-08-09 23:58 - 00033280 _____ (Microsoft Corporation) C:\Windows\SysWOW64\iernonce.dll
    2013-09-13 00:24 - 2013-08-09 23:17 - 02706432 _____ (Microsoft Corporation) C:\Windows\system32\mshtml.tlb
    2013-09-13 00:24 - 2013-08-09 23:07 - 02706432 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.tlb
    2013-09-13 00:24 - 2013-08-09 22:27 - 00089600 _____ (Microsoft Corporation) C:\Windows\system32\RegisterIEPKEYs.exe
    2013-09-13 00:24 - 2013-08-09 22:17 - 00071680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\RegisterIEPKEYs.exe
    2013-09-13 00:23 - 2013-08-09 23:58 - 14332928 _____ (Microsoft Corporation) C:\Windows\SysWOW64\mshtml.dll
    2013-09-12 20:28 - 2013-08-07 21:20 - 03155456 _____ (Microsoft Corporation) C:\Windows\system32\win32k.sys
    2013-09-12 20:28 - 2013-08-04 22:25 - 00155584 _____ (Microsoft Corporation) C:\Windows\system32\Drivers\ataport.sys
    2013-09-12 20:28 - 2013-08-01 22:23 - 05550528 _____ (Microsoft Corporation) C:\Windows\system32\ntoskrnl.exe
    2013-09-12 20:28 - 2013-08-01 22:15 - 01732032 _____ (Microsoft Corporation) C:\Windows\system32\ntdll.dll
    2013-09-12 20:28 - 2013-08-01 22:15 - 00362496 _____ (Microsoft Corporation) C:\Windows\system32\wow64win.dll
    2013-09-12 20:28 - 2013-08-01 22:15 - 00243712 _____ (Microsoft Corporation) C:\Windows\system32\wow64.dll
    2013-09-12 20:28 - 2013-08-01 22:15 - 00013312 _____ (Microsoft Corporation) C:\Windows\system32\wow64cpu.dll
    2013-09-12 20:28 - 2013-08-01 22:14 - 00215040 _____ (Microsoft Corporation) C:\Windows\system32\winsrv.dll
    2013-09-12 20:28 - 2013-08-01 22:14 - 00016384 _____ (Microsoft Corporation) C:\Windows\system32\ntvdm64.dll
    2013-09-12 20:28 - 2013-08-01 22:13 - 01161216 _____ (Microsoft Corporation) C:\Windows\system32\kernel32.dll
    2013-09-12 20:28 - 2013-08-01 22:13 - 00424448 _____ (Microsoft Corporation) C:\Windows\system32\KernelBase.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00043520 _____ (Microsoft Corporation) C:\Windows\system32\csrsrv.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00006656 _____ (Microsoft Corporation) C:\Windows\system32\apisetschema.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00006144 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-security-base-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00005120 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-file-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-threadpool-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004608 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processthreads-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-synch-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localregistry-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00004096 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-localization-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-misc-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-memory-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003584 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-heap-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-xstate-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-util-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-string-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-profile-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-io-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-interlocked-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-handle-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-fibers-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-delayload-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-debug-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-datetime-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 22:12 - 00003072 ____H (Microsoft Corporation) C:\Windows\system32\api-ms-win-core-console-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:59 - 03968960 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntkrnlpa.exe
    2013-09-12 20:28 - 2013-08-01 21:59 - 03913664 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntoskrnl.exe
    2013-09-12 20:28 - 2013-08-01 21:51 - 01292192 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntdll.dll
    2013-09-12 20:28 - 2013-08-01 21:50 - 01114112 _____ (Microsoft Corporation) C:\Windows\SysWOW64\kernel32.dll
    2013-09-12 20:28 - 2013-08-01 21:50 - 00274944 _____ (Microsoft Corporation) C:\Windows\SysWOW64\KernelBase.dll
    2013-09-12 20:28 - 2013-08-01 21:50 - 00005120 _____ (Microsoft Corporation) C:\Windows\SysWOW64\wow32.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00006656 _____ (Microsoft Corporation) C:\Windows\SysWOW64\apisetschema.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00005120 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-file-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processthreads-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-sysinfo-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-synch-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-misc-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localregistry-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00004096 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-localization-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-processenvironment-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-namedpipe-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-memory-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-libraryloader-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-interlocked-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-heap-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-string-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-rtlsupport-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-profile-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-io-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-handle-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-fibers-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-errorhandling-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-delayload-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-debug-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-datetime-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:48 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-console-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 21:09 - 00338432 _____ (Microsoft Corporation) C:\Windows\system32\conhost.exe
    2013-09-12 20:28 - 2013-08-01 20:59 - 00112640 _____ (Microsoft Corporation) C:\Windows\system32\smss.exe
    2013-09-12 20:28 - 2013-08-01 20:45 - 00025600 _____ (Microsoft Corporation) C:\Windows\SysWOW64\setup16.exe
    2013-09-12 20:28 - 2013-08-01 20:45 - 00014336 _____ (Microsoft Corporation) C:\Windows\SysWOW64\ntvdm64.dll
    2013-09-12 20:28 - 2013-08-01 20:45 - 00007680 _____ (Microsoft Corporation) C:\Windows\SysWOW64\instnm.exe
    2013-09-12 20:28 - 2013-08-01 20:45 - 00002048 _____ (Microsoft Corporation) C:\Windows\SysWOW64\user.exe
    2013-09-12 20:28 - 2013-08-01 20:43 - 00006144 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-security-base-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 20:43 - 00004608 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-threadpool-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 20:43 - 00003584 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-xstate-l1-1-0.dll
    2013-09-12 20:28 - 2013-08-01 20:43 - 00003072 ____H (Microsoft Corporation) C:\Windows\SysWOW64\api-ms-win-core-util-l1-1-0.dll
    2013-09-12 20:23 - 2013-07-25 22:24 - 14172672 _____ (Microsoft Corporation) C:\Windows\system32\shell32.dll
    2013-09-12 20:23 - 2013-07-25 22:24 - 00197120 _____ (Microsoft Corporation) C:\Windows\system32\shdocvw.dll
    2013-09-12 20:23 - 2013-07-25 21:55 - 12872704 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shell32.dll
    2013-09-12 20:23 - 2013-07-25 21:55 - 00180224 _____ (Microsoft Corporation) C:\Windows\SysWOW64\shdocvw.dll
    2013-09-10 20:11 - 2013-09-10 20:12 - 00931840 _____ C:\Users\User\Downloads\Error_propagation.ppt
    2013-09-09 21:50 - 2013-09-09 21:52 - 01236162 _____ C:\Users\User\Downloads\Interview (1).m4a
    2013-09-09 21:23 - 2013-09-09 21:23 - 00008748 _____ C:\Users\User\Desktop\Interview.aup
    2013-09-09 21:23 - 2013-09-09 21:23 - 00000000 ____D C:\Users\User\Desktop\Interview_data
    2013-09-09 21:23 - 2013-09-09 21:02 - 01299895 _____ C:\Users\User\Desktop\Broadcast.m4a
    2013-09-09 21:08 - 2013-09-09 21:08 - 00001150 _____ C:\Users\User\Desktop\My Music Tools.lnk
    2013-09-09 21:08 - 2013-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\Free M4a to MP3 Converter
    2013-09-09 21:06 - 2013-09-09 21:07 - 06424632 _____ (ManiacTools.com ) C:\Users\User\Downloads\m4a-to-mp3-converter.exe
    2013-09-09 21:02 - 2013-09-09 21:02 - 01299895 _____ C:\Users\User\Downloads\Number 2.m4a
    2013-09-09 21:02 - 2013-09-09 21:02 - 01224854 _____ C:\Users\User\Downloads\Interview.m4a
    2013-09-09 21:01 - 2013-09-09 21:01 - 00323261 _____ C:\Users\User\Downloads\Part 1 #2.m4a
    2013-09-09 20:38 - 2013-09-09 20:40 - 22308174 _____ (Audacity Team ) C:\Users\User\Downloads\audacity-win-2.0.4.exe
    2013-09-08 16:16 - 2013-09-11 20:42 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux
    2013-09-08 16:16 - 2013-09-08 16:17 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup.exe
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup (1).exe
    2013-09-07 13:53 - 2013-09-07 13:53 - 00000184 _____ C:\Users\User\Downloads\Tentative Schedule Outline 2013-2014.gdoc
    2013-09-07 12:02 - 2013-09-07 12:02 - 00006926 _____ C:\Users\User\Desktop\Scan Results.130907-1201.txt
    2013-09-07 11:55 - 2013-09-11 20:43 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2013-09-07 11:53 - 2013-09-07 11:54 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybotsd-2.1.21-SR2.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-09-07 11:27 - 2013-09-07 11:27 - 00000000 ____D C:\Program Files (x86)\Java
    2013-09-07 11:19 - 2013-09-07 11:19 - 00903080 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u25.exe
    2013-09-07 11:18 - 2013-09-07 11:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Oracle
    2013-09-05 18:20 - 2013-09-05 18:20 - 00066560 _____ (Rekenwonder Software) C:\Users\User\Downloads\revealer.exe
    2013-09-03 16:52 - 2013-09-03 16:52 - 00000000 ____D C:\ProgramData\McAfee
    2013-08-31 20:09 - 2013-09-12 01:00 - 00000000 ____D C:\Users\User\Documents\2013-2014
    2013-08-31 11:34 - 2013-08-31 11:34 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia

    ==================== One Month Modified Files and Folders =======

    2013-09-29 22:00 - 2013-09-28 10:09 - 00000000 ____D C:\AdwCleaner
    2013-09-29 21:59 - 2012-09-19 22:29 - 00000000 ____D C:\Users\User\Desktop\Writing
    2013-09-29 21:53 - 2012-06-02 22:58 - 00000904 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA.job
    2013-09-29 21:52 - 2013-09-26 19:23 - 00000830 _____ C:\Windows\Tasks\Adobe Flash Player Updater.job
    2013-09-29 21:51 - 2013-01-16 00:20 - 00000894 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineUA.job
    2013-09-29 21:34 - 2012-08-10 15:29 - 00000924 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000UA.job
    2013-09-29 21:22 - 2013-09-29 21:18 - 00000566 _____ C:\Users\User\Desktop\vp visual arts council.txt
    2013-09-29 20:53 - 2012-06-02 22:58 - 00000852 _____ C:\Windows\Tasks\GoogleUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core.job
    2013-09-29 19:33 - 2013-09-26 19:27 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8.job
    2013-09-29 18:52 - 2012-06-03 07:00 - 01201621 _____ C:\Windows\WindowsUpdate.log
    2013-09-29 15:51 - 2013-01-16 00:20 - 00000890 _____ C:\Windows\Tasks\GoogleUpdateTaskMachineCore.job
    2013-09-29 15:45 - 2012-08-10 15:29 - 00000902 _____ C:\Windows\Tasks\FacebookUpdateTaskUserS-1-5-21-1573549344-3448516400-2850158298-1000Core.job
    2013-09-29 11:51 - 2013-09-24 00:42 - 00001003 _____ C:\Users\User\Desktop\proxiecopie.txt
    2013-09-29 10:50 - 2009-07-14 00:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
    2013-09-29 10:50 - 2009-07-14 00:45 - 00014416 ____H C:\Windows\system32\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
    2013-09-29 10:43 - 2013-09-29 10:43 - 00000000 _RSHD C:\360SANDBOX
    2013-09-29 10:43 - 2009-07-14 01:08 - 00000006 ____H C:\Windows\Tasks\SA.DAT
    2013-09-29 10:43 - 2009-07-14 00:51 - 00044164 _____ C:\Windows\setupact.log
    2013-09-29 10:42 - 2012-06-02 16:27 - 02822226 _____ C:\Windows\PFRO.log
    2013-09-29 02:00 - 2013-09-26 19:27 - 00000508 _____ C:\Windows\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b.job
    2013-09-29 02:00 - 2012-06-02 22:52 - 00000000 ____D C:\Users\User\AppData\Local\Adobe
    2013-09-29 02:00 - 2012-06-02 16:23 - 00000000 ____D C:\Users\User\AppData\Roaming\360Safe
    2013-09-28 20:22 - 2013-07-18 21:37 - 00000000 __SHD C:\360Rec
    2013-09-28 10:44 - 2013-09-28 10:39 - 00000000 ____D C:\Users\User\AppData\Roaming\SearchProtect
    2013-09-28 10:39 - 2013-09-28 10:39 - 00000000 ____D C:\Users\User\AppData\Local\CRE
    2013-09-28 10:39 - 2013-09-28 10:39 - 00000000 ____D C:\Program Files (x86)\SearchProtect
    2013-09-28 10:39 - 2013-09-28 10:39 - 00000000 ____D C:\Program Files (x86)\Conduit
    2013-09-28 10:33 - 2013-09-28 10:33 - 01094064 _____ (Conduit) C:\Users\User\Downloads\Swag_Bucks.exe
    2013-09-28 09:30 - 2011-09-02 03:23 - 00002973 _____ C:\Users\User\funshion.ini
    2013-09-27 20:54 - 2012-06-03 09:43 - 00000000 ____D C:\ProgramData\360SD
    2013-09-27 20:10 - 2013-09-27 20:09 - 01042066 _____ C:\Users\User\Downloads\AdwCleaner.exe
    2013-09-26 22:12 - 2009-07-14 01:13 - 00726444 _____ C:\Windows\system32\PerfStringBackup.INI
    2013-09-26 20:51 - 2013-09-26 20:51 - 00325738 _____ C:\Users\User\Desktop\log.html
    2013-09-26 19:53 - 2013-09-26 19:23 - 00003768 _____ C:\Windows\System32\Tasks\Adobe Flash Player Updater
    2013-09-26 19:53 - 2012-06-02 16:24 - 00692616 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerApp.exe
    2013-09-26 19:53 - 2012-06-02 16:24 - 00071048 _____ (Adobe Systems Incorporated) C:\Windows\SysWOW64\FlashPlayerCPLApp.cpl
    2013-09-26 19:28 - 2013-09-26 19:28 - 00000000 ____D C:\FRST
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003578 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 5892357b-2f2f-40e6-ab5f-07825309532b
    2013-09-26 19:27 - 2013-09-26 19:27 - 00003504 _____ C:\Windows\System32\Tasks\SUPERAntiSpyware Scheduled Task 0f1cc591-a0ea-415c-97d2-febf2bdc6bf8
    2013-09-26 19:27 - 2013-09-26 19:27 - 00000000 ____D C:\Users\User\AppData\Roaming\SUPERAntiSpyware.com
    2013-09-26 19:27 - 2013-09-26 19:26 - 00000000 ____D C:\Program Files\SUPERAntiSpyware
    2013-09-26 19:26 - 2013-09-26 19:26 - 00001808 _____ C:\Users\Public\Desktop\SUPERAntiSpyware Free Edition.lnk
    2013-09-26 19:26 - 2013-09-26 19:26 - 00000000 ____D C:\ProgramData\SUPERAntiSpyware.com
    2013-09-26 19:25 - 2013-09-22 14:10 - 00000258 _____ C:\Users\Account\FunShion.ini
    2013-09-26 19:24 - 2013-09-26 19:24 - 00000085 _____ C:\Windows\wininit.ini
    2013-09-26 19:24 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\funshion
    2013-09-26 19:24 - 2013-02-27 21:49 - 00000000 ____D C:\Users\User\AppData\Roaming\Skype
    2013-09-26 19:21 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Local\VirtualStore
    2013-09-26 00:50 - 2013-09-26 00:50 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck (1).exe
    2013-09-26 00:50 - 2013-09-26 00:49 - 00891144 _____ C:\Users\User\Downloads\SecurityCheck.exe
    2013-09-25 23:49 - 2013-09-23 22:54 - 00000515 _____ C:\Users\User\Desktop\proxy and stuff.txt
    2013-09-25 23:29 - 2009-07-14 01:09 - 00000000 ____D C:\Windows\System32\Tasks\WPD
    2013-09-23 22:00 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\system32\NDF
    2013-09-23 20:42 - 2013-09-23 20:42 - 18779022 _____ C:\Users\User\Downloads\Sequence 01.mp4
    2013-09-22 21:32 - 2012-09-08 21:56 - 00096256 ___SH C:\Users\User\Documents\Thumbs.db
    2013-09-22 14:10 - 2013-09-22 14:10 - 00000000 ____D C:\Users\Account\AppData\Roaming\Apple Computer
    2013-09-22 14:10 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\Adobe
    2013-09-22 14:10 - 2013-09-22 14:08 - 00000000 ____D C:\Users\Account
    2013-09-22 14:09 - 2013-09-22 14:09 - 00001417 _____ C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000884 __RSH C:\Users\Account\ntuser.pol
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ___RD C:\Users\Account\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\WTablet
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Roaming\Wacom
    2013-09-22 14:09 - 2013-09-22 14:09 - 00000000 ____D C:\Users\Account\AppData\Local\Adobe
    2013-09-22 14:08 - 2013-09-22 14:08 - 00000020 ___SH C:\Users\Account\ntuser.ini
    2013-09-20 07:47 - 2012-06-11 20:52 - 00000000 ____D C:\Program Files\ColdTurkey
    2013-09-18 19:28 - 2013-09-17 21:12 - 00031232 _____ C:\Users\User\Downloads\Section Editor Contact List.xls
    2013-09-17 17:39 - 2013-09-17 17:39 - 03838527 _____ C:\Users\User\Downloads\Chem notes_Sept 16th.zip
    2013-09-16 20:46 - 2012-06-02 16:05 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
    2013-09-16 20:46 - 2012-06-02 16:05 - 00000000 ___RD C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
    2013-09-16 19:50 - 2009-07-13 23:20 - 00000000 ____D C:\Windows\rescache
    2013-09-16 19:13 - 2009-07-14 00:45 - 05083416 _____ C:\Windows\system32\FNTCACHE.DAT
    2013-09-15 19:03 - 2013-09-15 19:03 - 00361119 _____ (Farbar) C:\Windows\FRST_mod.exe
    2013-09-13 00:23 - 2013-07-24 23:32 - 00000000 ____D C:\Windows\system32\MRT
    2013-09-13 00:21 - 2013-02-09 23:32 - 79143768 _____ (Microsoft Corporation) C:\Windows\system32\MRT.exe
    2013-09-13 00:21 - 2012-06-02 16:17 - 00000000 ____D C:\ProgramData\Microsoft Help
    2013-09-12 01:00 - 2013-08-31 20:09 - 00000000 ____D C:\Users\User\Documents\2013-2014
    2013-09-11 22:16 - 2013-07-17 19:13 - 00000884 __RSH C:\Users\User\ntuser.pol
    2013-09-11 20:43 - 2013-09-07 11:55 - 00000000 ____D C:\ProgramData\Spybot - Search & Destroy
    2013-09-11 20:42 - 2013-09-08 16:16 - 00000000 ____D C:\Users\User\AppData\Local\Apps\F.lux
    2013-09-10 21:29 - 2012-06-02 22:40 - 00000457 _____ C:\Windows\BRWMARK.INI
    2013-09-10 20:12 - 2013-09-10 20:11 - 00931840 _____ C:\Users\User\Downloads\Error_propagation.ppt
    2013-09-09 21:52 - 2013-09-09 21:50 - 01236162 _____ C:\Users\User\Downloads\Interview (1).m4a
    2013-09-09 21:52 - 2012-07-22 21:47 - 00000000 ____D C:\Users\User\AppData\Roaming\Audacity
    2013-09-09 21:23 - 2013-09-09 21:23 - 00008748 _____ C:\Users\User\Desktop\Interview.aup
    2013-09-09 21:23 - 2013-09-09 21:23 - 00000000 ____D C:\Users\User\Desktop\Interview_data
    2013-09-09 21:08 - 2013-09-09 21:08 - 00001150 _____ C:\Users\User\Desktop\My Music Tools.lnk
    2013-09-09 21:08 - 2013-09-09 21:08 - 00000000 ____D C:\Program Files (x86)\Free M4a to MP3 Converter
    2013-09-09 21:07 - 2013-09-09 21:06 - 06424632 _____ (ManiacTools.com ) C:\Users\User\Downloads\m4a-to-mp3-converter.exe
    2013-09-09 21:02 - 2013-09-09 21:23 - 01299895 _____ C:\Users\User\Desktop\Broadcast.m4a
    2013-09-09 21:02 - 2013-09-09 21:02 - 01299895 _____ C:\Users\User\Downloads\Number 2.m4a
    2013-09-09 21:02 - 2013-09-09 21:02 - 01224854 _____ C:\Users\User\Downloads\Interview.m4a
    2013-09-09 21:01 - 2013-09-09 21:01 - 00323261 _____ C:\Users\User\Downloads\Part 1 #2.m4a
    2013-09-09 20:40 - 2013-09-09 20:38 - 22308174 _____ (Audacity Team ) C:\Users\User\Downloads\audacity-win-2.0.4.exe
    2013-09-08 16:17 - 2013-09-08 16:16 - 00000000 ____D C:\Users\User\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Flux
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup.exe
    2013-09-08 16:16 - 2013-09-08 16:16 - 00559424 _____ C:\Users\User\Downloads\flux-setup (1).exe
    2013-09-07 13:53 - 2013-09-07 13:53 - 00000184 _____ C:\Users\User\Downloads\Tentative Schedule Outline 2013-2014.gdoc
    2013-09-07 12:02 - 2013-09-07 12:02 - 00006926 _____ C:\Users\User\Desktop\Scan Results.130907-1201.txt
    2013-09-07 11:55 - 2013-09-07 11:55 - 00000000 ____D C:\Windows\System32\Tasks\Safer-Networking
    2013-09-07 11:54 - 2013-09-07 11:53 - 37672592 _____ (Safer-Networking Ltd. ) C:\Users\User\Downloads\spybotsd-2.1.21-SR2.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00263592 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaws.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\javaw.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00175016 _____ (Oracle Corporation) C:\Windows\SysWOW64\java.exe
    2013-09-07 11:27 - 2013-09-07 11:27 - 00096168 _____ (Oracle Corporation) C:\Windows\SysWOW64\WindowsAccessBridge-32.dll
    2013-09-07 11:27 - 2013-09-07 11:27 - 00000000 ____D C:\Program Files (x86)\Java
    2013-09-07 11:27 - 2012-08-15 22:06 - 00867240 _____ (Oracle Corporation) C:\Windows\SysWOW64\npDeployJava1.dll
    2013-09-07 11:27 - 2012-08-15 22:06 - 00789416 _____ (Oracle Corporation) C:\Windows\SysWOW64\deployJava1.dll
    2013-09-07 11:19 - 2013-09-07 11:19 - 00903080 _____ (Oracle Corporation) C:\Users\User\Downloads\chromeinstall-7u25.exe
    2013-09-07 11:18 - 2013-09-07 11:18 - 00000000 ____D C:\Users\User\AppData\Roaming\Oracle
    2013-09-07 11:06 - 2012-06-02 22:43 - 00019792 _____ C:\INSTALLHELPER.LOG
    2013-09-05 18:20 - 2013-09-05 18:20 - 00066560 _____ (Rekenwonder Software) C:\Users\User\Downloads\revealer.exe
    2013-09-04 17:31 - 2013-07-17 19:30 - 00000000 ____D C:\Users\User\Documents\My RoboForm Data
    2013-09-03 16:52 - 2013-09-03 16:52 - 00000000 ____D C:\ProgramData\McAfee
    2013-08-31 11:37 - 2012-06-02 16:17 - 00000000 ____D C:\Program Files (x86)\Microsoft Office
    2013-08-31 11:34 - 2013-08-31 11:34 - 00000000 ____D C:\Users\User\AppData\Local\Macromedia

    Some content of TEMP:
    ====================
    C:\Users\User\AppData\Local\Temp\nsk7C18.exe
    C:\Users\User\AppData\Local\Temp\nsp3D70.exe
    C:\Users\User\AppData\Local\Temp\ose00000.exe
    C:\Users\User\AppData\Local\Temp\Quarantine.exe
    C:\Users\User\AppData\Local\Temp\SkypeSetup.exe
    C:\Users\User\AppData\Local\Temp\_is25D7.exe
    C:\Users\User\AppData\Local\Temp\_is4652.exe


    ==================== Bamital & volsnap Check =================

    C:\Windows\System32\winlogon.exe => MD5 is legit
    C:\Windows\System32\wininit.exe => MD5 is legit
    C:\Windows\SysWOW64\wininit.exe => MD5 is legit
    C:\Windows\explorer.exe => MD5 is legit
    C:\Windows\SysWOW64\explorer.exe => MD5 is legit
    C:\Windows\System32\svchost.exe => MD5 is legit
    C:\Windows\SysWOW64\svchost.exe => MD5 is legit
    C:\Windows\System32\services.exe => MD5 is legit
    C:\Windows\System32\User32.dll => MD5 is legit
    C:\Windows\SysWOW64\User32.dll => MD5 is legit
    C:\Windows\System32\userinit.exe => MD5 is legit
    C:\Windows\SysWOW64\userinit.exe => MD5 is legit
    C:\Windows\System32\Drivers\volsnap.sys => MD5 is legit


    LastRegBack: 2013-09-26 23:40

    ==================== End Of Log ============================






    # AdwCleaner v3.005 - Report created 29/09/2013 at 21:59:45
    # Updated 22/09/2013 by Xplode
    # Operating System : Windows 7 Ultimate Service Pack 1 (64 bits)
    # Username : User - USER-PC
    # Running from : C:\Users\User\Downloads\AdwCleaner.exe
    # Option : Scan

    ***** [ Services ] *****

    Service Found : CltMngSvc

    ***** [ Files / Folders ] *****

    Folder Found : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
    Folder Found C:\Program Files (x86)\Conduit
    Folder Found C:\Program Files (x86)\Searchprotect
    Folder Found C:\Users\User\AppData\Local\cre
    Folder Found C:\Users\User\AppData\LocalLow\Conduit
    Folder Found C:\Users\User\AppData\Roaming\Searchprotect

    ***** [ Shortcuts ] *****


    ***** [ Registry ] *****

    Key Found : HKCU\Software\AppDataLow\Software\Conduit
    Key Found : HKCU\Software\AppDataLow\Software\SmartBar
    Key Found : HKCU\Software\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
    Key Found : HKCU\Software\SearchProtect
    Key Found : [x64] HKCU\Software\SearchProtect
    Key Found : HKLM\SOFTWARE\Google\Chrome\Extensions\apjkpjchfbckhjhokinlgdbmibpbbjak
    Key Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\SearchProtect
    Key Found : HKLM\Software\SearchProtect
    Value Found : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [SearchProtect]
    Value Found : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Run [SearchProtectAll]

    ***** [ Browsers ] *****

    -\\ Internet Explorer v10.0.9200.16686


    -\\ Mozilla Firefox v22.0 (en-GB)

    [ File : C:\Users\User\AppData\Roaming\Mozilla\Firefox\Profiles\cztbk7s6.default-1369086017973\prefs.js ]


    -\\ Google Chrome v

    [ File : C:\Users\User\AppData\Local\Google\Chrome\User Data\Default\preferences ]

    Found : homepage
    Found : homepage
    Found : homepage

    *************************

    AdwCleaner[R0].txt - [8709 octets] - [28/09/2013 10:09:36]
    AdwCleaner[R1].txt - [1923 octets] - [29/09/2013 21:59:45]
    AdwCleaner[S0].txt - [8355 octets] - [28/09/2013 10:11:47]

    ########## EOF - C:\AdwCleaner\AdwCleaner[R1].txt - [2043 octets] ##########
     
  12. Mark1956

    Mark1956 Malware Specialist

    Joined:
    May 7, 2011
    Messages:
    14,142
    Sorry for the delay.

    We need to do a bit of cleaning up and ADWCleaner is still showing Adware, but you didn't run the Clean scan.

    Please run ADWCleaner again, after the scan use the Clean button, after the reboot disregard the log that will appear and do a repeat run with it then post the new log.

    WBC Engine 2.0.0.429 appears in your installed programs list, you need to uninstall it if you have not already done so before running the scans below.

    ============================================================

    Download Temporary file cleaner and save it to the desktop.
    Double click on the icon to run it (it appears as a dark grey dustbin). For Windows 7 and Vista right click the icon and select Run as Administrator.
    When the window opens click on Start. It will close all running programs and clear the desktop icons.
    When complete you may be asked to reboot, if so accept the request and your PC will reboot automatically.

    You needn't attempt to post the log from this one.

    =====================================================

    Open Notepad and Copy & Paste the contents of the code box below into it. To do this highlight the entire contents of the box, right click on the highlighted area and select Copy then right click in the Notepad window and select Paste. Save it to the same location that FRST is saved in as fixlist.txt <--- it is very important to spell this name exactly as written here.

    Code:
    R2 WBC Engine Updater; C:\Program Files\WBC Engine\ExtensionUpdaterService.exe [185856 2013-04-28] ()
    C:\Program Files\WBC Engine\ExtensionUpdaterService.exe
    BHO: WBC Engine - {14DD0E04-D4F6-45d2-A958-F361FBD4F64F} - C:\Program Files\WBC Engine\Extension64.dll ()
    C:\Program Files\WBC Engine\Extension64.dll
    BHO-x32: WBC Engine - {14DD0E04-D4F6-45d2-A958-F361FBD4F64F} - C:\Program Files\WBC Engine\Extension32.dll ()
    C:\Program Files\WBC Engine\Extension32.dll 
    FF HKLM\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox
    C:\Program Files\WBC Engine\Firefox
    FF Extension: WBC Engine - C:\Program Files\WBC Engine\Firefox
    FF HKLM-x32\...\Firefox\Extensions: [{14DD0E04-D4F6-45d2-A958-F361FBD4F64F}] - C:\Program Files\WBC Engine\Firefox
    
    
    
    NOTICE: This script was written specifically for this user, for use on that particular machine. Running this on another machine may cause damage to your operating system.


    • Launch FRST by double clicking on it.
    • When the FRST window opens click on the Fix button just once and wait.
    • The tool will make a log in the same location the program is run from (Fixlog.txt) please Copy & Paste it into your next reply.
     
  13. Sponsor

As Seen On
As Seen On...

Welcome to Tech Support Guy!

Are you looking for the solution to your computer problem? Join our site today to ask your question. This site is completely free -- paid for by advertisers and donations.

If you're not already familiar with forums, watch our Welcome Guide to get started.

Join over 733,556 other people just like you!

Loading...
Thread Status:
Not open for further replies.

Short URL to this thread: https://techguy.org/1109214

  1. This site uses cookies to help personalise content, tailor your experience and to keep you logged in if you register.
    By continuing to use this site, you are consenting to our use of cookies.
    Dismiss Notice