OTL logfile created on: 14/11/2011 13:36:02 - Run 1
OTL by OldTimer - Version 3.2.31.0     Folder = C:\Documents and Settings\Compaq_Owner\桌面
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C04 | Country: 香港特別行政區 | Language: ZHH | Date Format: d/M/yyyy
 
247.30 Mb Total Physical Memory | 70.78 Mb Available Physical Memory | 28.62% Memory free
973.69 Mb Paging File | 284.00 Mb Available in Paging File | 29.17% Paging File free
Paging file location(s): C:\pagefile.sys 372 744 [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 70.49 Gb Total Space | 23.69 Gb Free Space | 33.61% Space Free | Partition Type: NTFS
Drive D: | 4.02 Gb Total Space | 0.24 Gb Free Space | 5.96% Space Free | Partition Type: FAT32
 
Computer Name: YOUR-B6B8C81848 | User Name: Compaq_Owner | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2011/11/14 13:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\桌面\OTL.exe
PRC - [2011/11/08 14:23:33 | 000,136,360 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2011/11/08 14:23:29 | 000,269,480 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2011/09/28 03:09:56 | 000,482,992 | ---- | M] (Crawler.com) -- C:\Program Files\Spyware Terminator\st_rsser.exe
PRC - [2011/03/04 14:51:49 | 000,281,768 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2010/01/14 21:13:27 | 000,076,968 | -H-- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avshadow.exe
PRC - [2008/11/10 04:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe
PRC - [2008/04/15 18:54:48 | 000,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\explorer.exe
PRC - [2006/01/10 16:54:42 | 000,054,784 | ---- | M] (Macrovision) -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE
PRC - [2005/10/31 11:18:48 | 000,101,888 | -H-- | M] (Walt Disney Internet Group) -- C:\Program Files\ESPNRunTime\DIGServices.exe
PRC - [2004/07/29 08:34:22 | 002,551,808 | ---- | M] (RealTek Semicoductor Corp.) -- C:\WINDOWS\ALCWZRD.EXE
PRC - [2004/07/29 07:40:18 | 000,077,824 | ---- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2010/06/17 15:30:08 | 000,355,688 | -H-- | M] () -- C:\Program Files\Avira\AntiVir Desktop\sqlite3.dll
MOD - [2009/02/27 17:49:46 | 000,311,296 | ---- | M] () -- C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\pdfshell.CHT
 
 
[color=#E56717]========== Win32 Services (SafeList) ==========[/color]
 
SRV - File not found [Auto | Stopped] --  -- (Wyyo Service)
SRV - File not found [Disabled | Stopped] --  -- (HidServ)
SRV - File not found [On_Demand | Stopped] --  -- (AppMgmt)
SRV - [2011/11/08 14:23:33 | 000,136,360 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService)
SRV - [2011/11/08 14:23:30 | 000,428,200 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\AVWEBGRD.EXE -- (AntiVirWebService)
SRV - [2011/11/08 14:23:29 | 000,340,136 | -H-- | M] (Avira GmbH) [Auto | Stopped] -- C:\Program Files\Avira\AntiVir Desktop\avmailc.exe -- (AntiVirMailService)
SRV - [2011/11/08 14:23:29 | 000,269,480 | -H-- | M] (Avira GmbH) [Auto | Running] -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService)
SRV - [2011/09/28 03:09:56 | 000,482,992 | ---- | M] (Crawler.com) [Auto | Running] -- C:\Program Files\Spyware Terminator\st_rsser.exe -- (ST2012_Svc)
SRV - [2011/06/29 15:59:18 | 000,155,344 | -H-- | M] (Avanquest Software) [On_Demand | Stopped] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCService.exe -- (Sony Ericsson PCCompanion)
SRV - [2011/03/16 10:42:06 | 000,407,336 | -H-- | M] (Valve Corporation) [On_Demand | Stopped] -- C:\Program Files\Common Files\Steam\SteamService.exe -- (Steam Client Service)
SRV - [2010/12/08 14:31:06 | 000,628,736 | -H-- | M] (Nokia) [On_Demand | Stopped] -- C:\Program Files\PC Connectivity Solution\ServiceLayer.exe -- (ServiceLayer)
SRV - [2008/11/10 04:48:14 | 000,602,392 | -H-- | M] (Yahoo! Inc.) [Auto | Running] -- C:\Program Files\Yahoo!\SoftwareUpdate\YahooAUService.exe -- (YahooAUService)
SRV - [2006/01/10 16:54:42 | 000,054,784 | ---- | M] (Macrovision) [Auto | Running] -- C:\WINDOWS\system32\drivers\CDAC11BA.EXE -- (C-DillaCdaC11BA)
SRV - [2005/07/31 22:08:57 | 000,069,120 | -H-- | M] (BOONTY) [On_Demand | Stopped] -- C:\Program Files\Common Files\BOONTY Shared\Service\Boonty.exe -- (Boonty Games)
SRV - [2005/04/05 11:17:22 | 000,206,552 | -H-- | M] (Symantec Corporation) [On_Demand | Stopped] -- c:\Program Files\Common Files\Symantec Shared\SNDSrvc.exe -- (SNDSrvc)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - [2011/11/10 19:21:34 | 000,111,872 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\TrueSight.sys -- (TrueSight)
DRV - [2011/11/08 14:23:34 | 000,138,192 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\avipbb.sys -- (avipbb)
DRV - [2011/11/08 14:23:34 | 000,066,616 | ---- | M] (Avira GmbH) [File_System | Auto | Running] -- C:\WINDOWS\system32\drivers\avgntflt.sys -- (avgntflt)
DRV - [2011/06/21 11:24:06 | 000,032,768 | ---- | M] () [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\sp_rsdrv2.sys -- (sp_rsdrv2)
DRV - [2010/12/18 19:03:56 | 000,021,696 | ---- | M] (Almico Software) [Kernel | Boot | Running] -- C:\WINDOWS\system32\speedfan.sys -- (speedfan)
DRV - [2010/07/30 14:16:46 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerfltj.sys -- (UsbserFilt)
DRV - [2010/07/30 14:16:44 | 000,008,192 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\usbser_lowerflt.sys -- (upperdev)
DRV - [2010/07/30 14:16:42 | 000,023,040 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmbo.sys -- (nmwcdc)
DRV - [2010/07/30 14:16:38 | 000,018,048 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\ccdcmb.sys -- (nmwcd)
DRV - [2010/06/17 15:30:08 | 000,028,520 | ---- | M] (Avira GmbH) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\ssmdrv.sys -- (ssmdrv)
DRV - [2010/06/17 15:30:03 | 000,011,608 | -H-- | M] (Avira GmbH) [Kernel | System | Running] -- C:\Program Files\Avira\AntiVir Desktop\avgio.sys -- (avgio)
DRV - [2009/02/24 18:42:14 | 000,116,736 | ---- | M] (MagicISO, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\mcdbus.sys -- (mcdbus)
DRV - [2008/08/26 09:26:12 | 000,018,816 | ---- | M] (Nokia) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\pccsmcfd.sys -- (pccsmcfd)
DRV - [2007/12/20 17:40:12 | 000,685,816 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\System32\Drivers\sptd.sys -- (sptd)
DRV - [2007/06/29 14:47:34 | 000,034,304 | ---- | M] (AMD, Inc.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\AmdLLD.sys -- (AmdLLD)
DRV - [2006/01/10 16:54:17 | 000,012,464 | ---- | M] (Macrovision Europe Ltd) [Kernel | Auto | Running] -- C:\WINDOWS\system32\drivers\CdaC15BA.SYS -- (CdaC15BA)
DRV - [2005/11/22 00:35:00 | 000,199,408 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Symantec Shared\SymcData\idsdefs\20051122.048\SymIDSCo.sys -- (SYMIDSCO)
DRV - [2005/07/28 14:52:18 | 000,123,712 | -H-- | M] (Symantec Corporation) [Kernel | On_Demand | Running] -- C:\Program Files\Symantec\SYMEVENT.SYS -- (SymEvent)
DRV - [2005/04/05 11:17:02 | 000,267,192 | ---- | M] (Symantec Corporation) [Kernel | System | Running] -- C:\WINDOWS\System32\Drivers\SYMTDI.SYS -- (SYMTDI)
DRV - [2005/04/05 11:17:00 | 000,017,976 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMREDRV.SYS -- (SYMREDRV)
DRV - [2005/04/05 11:16:58 | 000,036,984 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMIDS.SYS -- (SYMIDS)
DRV - [2005/04/05 11:16:56 | 000,047,192 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMNDIS.SYS -- (SYMNDIS)
DRV - [2005/04/05 11:16:54 | 000,173,208 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMFW.SYS -- (SYMFW)
DRV - [2005/04/05 11:16:52 | 000,011,512 | ---- | M] (Symantec Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\System32\Drivers\SYMDNS.SYS -- (SYMDNS)
DRV - [2004/09/30 05:55:50 | 000,229,888 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | On_Demand | Stopped] -- C:\WINDOWS\system32\drivers\sisgrp.sys -- (SiS315)
DRV - [2004/09/24 17:38:40 | 000,012,928 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\srvkp.sys -- (SiSkp)
DRV - [2004/08/12 18:00:00 | 000,012,160 | ---- | M] (Microsoft Corporation) [Kernel | System | Running] -- C:\WINDOWS\system32\drivers\fsvga.sys -- (FsVga)
DRV - [2004/07/30 03:04:26 | 002,216,128 | ---- | M] (Realtek Semiconductor Corp.) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\RtkHDAud.sys -- (IntcAzAudAddService) Service for Realtek HD Audio (WDM)
DRV - [2003/07/18 23:58:20 | 000,036,992 | ---- | M] (Silicon Integrated Systems Corporation) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\SISAGPX.sys -- (SISAGP)
DRV - [2003/07/02 18:42:00 | 000,027,904 | ---- | M] (VIA Technologies, Inc.) [Kernel | Boot | Running] -- C:\WINDOWS\system32\DRIVERS\viaagp1.sys -- (viaagp1)
DRV - [2002/10/05 00:04:10 | 000,046,976 | ---- | M] (Realtek Semiconductor Corporation       ) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\R8139n51.sys -- (rtl8139)
DRV - [2002/07/30 05:43:50 | 000,023,808 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Running] -- C:\WINDOWS\system32\drivers\PS2.sys -- (Ps2)
DRV - [1996/04/04 03:33:26 | 000,005,248 | ---- | M] () [Kernel | Boot | Running] -- C:\WINDOWS\system32\giveio.sys -- (giveio)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Secondary Start Pages = http://hk.news.yahoo.com [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = 
 
 
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
 
 
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://search13.net/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://search13.net/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = http://search13.net/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://search13.net/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchDefaultBranded = 1
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultName = Live Search
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,SearchMigratedDefaultURL = http://search.live.com/results.aspx?q={searchTerms}&src={referrer:source?}
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.yahoo.com.hk/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://search13.net/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Search,Default_Search_URL = http://www.google.com/ie
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://search13.net/
IE - HKU\S-1-5-21-244719459-1331797888-486331773-1007\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.startup.homepage: "yahoo.hk"
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}:6.0.23
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..extensions.enabledItems: jqs@sun.com:1.0
FF - prefs.js..extensions.enabledItems: {0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}:1.5.0.850
FF - prefs.js..extensions.enabledItems: {2224E955-00E9-4613-A844-CE69FCCAAE91}:3.4.0.4340
FF - prefs.js..extensions.enabledItems: bkmrksync@nokia.com:1.0.0.736
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}:6.0.26
FF - prefs.js..extensions.enabledItems: {23fcfd51-4958-4f00-80a3-ae97e717ed8b}:2.1.2.126
 
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\WINDOWS\system32\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@bittorrent.com/BitTorrentDNA: C:\Program Files\DNA\plugins\npbtdna.dll (BitTorrent, Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll (DivX, LLC)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX VOD Helper,version=1.0.0: C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll (DivX, LLC.)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll (Sun Microsystems, Inc.)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=14.0.8117.0416: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=6.0.12.450: C:\Program Files\Real Alternative\browser\plugins\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=6.0.12.448: C:\Program Files\Real Alternative\browser\plugins\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.3.21.79\npGoogleUpdate3.dll (Google Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{2224E955-00E9-4613-A844-CE69FCCAAE91}: C:\Program Files\Internet Saving Optimizer\3.4.0.4340\FF [2009/07/30 13:56:52 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{0BA0192D-94A5-45e3-B2B8-3EC5A1A0B5EC}: C:\Program Files\Media Access Startup\1.5.0.850\FF [2009/07/30 13:57:00 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\bkmrksync@nokia.com: C:\Program Files\Nokia\Nokia PC Suite 7\bkmrksync\ [2011/06/13 18:26:57 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{23fcfd51-4958-4f00-80a3-ae97e717ed8b}: C:\Program Files\DivX\DivX Plus Web Player\firefox\DivXHTML5 [2011/09/10 01:19:10 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2011/09/26 17:57:26 | 000,000,000 | -H-D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 6.0.2\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2011/09/26 17:57:24 | 000,000,000 | -H-D | M]
 
[2009/12/19 16:01:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Extensions
[2011/10/29 14:51:15 | 000,000,000 | ---D | M] (No name found) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\n3n2wduz.default\extensions
[2009/12/19 16:08:00 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\n3n2wduz.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2007/07/09 10:20:43 | 000,000,000 | ---D | M] (Google Toolbar for Firefox) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\n3n2wduz.default\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2007/07/12 10:50:09 | 000,000,000 | ---D | M] (Megaupload Toolbar) -- C:\Documents and Settings\Compaq_Owner\Application Data\Mozilla\Firefox\Profiles\n3n2wduz.default\extensions\{991A772A-BA13-4c1d-A9EF-F897F31DEC7D}
[2011/09/26 17:57:26 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions
[2007/10/03 15:38:11 | 000,000,000 | -H-D | M] (Google Toolbar for Firefox) -- C:\Program Files\Mozilla Firefox\extensions\{3112ca9c-de6d-4884-a869-9855de68056c}
[2011/02/11 22:53:56 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
[2011/05/11 16:31:20 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2011/08/11 13:14:35 | 000,000,000 | -H-D | M] (Java Console) -- C:\Program Files\Mozilla Firefox\extensions\{CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA}
[2009/12/19 16:01:19 | 000,000,000 | -H-D | M] (No name found) -- C:\Program Files\Mozilla Firefox\extensions\talkback@mozilla.org
() (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N3N2WDUZ.DEFAULT\EXTENSIONS\{CE6E6E3B-84DD-4CAC-9F63-8D2AE4F30A4B}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N3N2WDUZ.DEFAULT\EXTENSIONS\{D10D0BF8-F5B5-C8B4-A8B2-2B9879E08C5D}.XPI
() (No name found) -- C:\DOCUMENTS AND SETTINGS\COMPAQ_OWNER\APPLICATION DATA\MOZILLA\FIREFOX\PROFILES\N3N2WDUZ.DEFAULT\EXTENSIONS\INFO@LIPO-TECHNOLOGIES.COM.XPI
[2009/03/15 19:25:31 | 000,000,000 | -H-D | M] (Java Quick Starter) -- C:\PROGRAM FILES\JAVA\JRE6\LIB\DEPLOY\JQS\FF
[2011/09/03 14:45:06 | 000,134,104 | -H-- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browsercomps.dll
[2008/01/08 08:45:16 | 000,054,600 | -H-- | M] (BitTorrent, Inc.) -- C:\Program Files\mozilla firefox\plugins\npbittorrent.dll
[2011/05/04 04:52:23 | 000,476,904 | -H-- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeployJava1.dll
[2010/09/17 14:00:12 | 000,305,152 | -H-- | M] ( ) -- C:\Program Files\mozilla firefox\plugins\npuuseep.dll
[2011/09/03 09:27:31 | 000,002,310 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\findbook-zh-TW.xml
[2011/09/03 09:27:31 | 000,001,222 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-zh-TW.xml
[2011/09/03 09:27:31 | 000,001,360 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-answer-zh-TW.xml
[2011/09/03 09:27:31 | 000,000,843 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-bid-zh-TW.xml
[2011/09/03 09:27:31 | 000,001,161 | -H-- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-zh-TW.xml
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - plugin: Shockwave Flash (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\WINDOWS\system32\Macromed\Flash\NPSWF32.dll
CHR - plugin: Java Deployment Toolkit 6.0.260.3 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npdeployJava1.dll
CHR - plugin: Java(TM) Platform SE 6 U26 (Enabled) = C:\Program Files\Java\jre6\bin\new_plugin\npjp2.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: Shockwave for Director (Enabled) = C:\WINDOWS\system32\Adobe\Director\np32dsw.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Plus Web Player\npdivx32.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\nprpjplug.dll
CHR - plugin: Windows Media Player Plug-in Dynamic Link Library (Enabled) = C:\Program Files\Windows Media Player\npdsplay.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~1\MICROS~4\Office14\NPSPWRAP.DLL
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\Application\15.0.874.106\pdf.dll
CHR - plugin: BitTorrent (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npbittorrent.dll
CHR - plugin: npruntime scriptable example plugin (Enabled) = C:\Program Files\Mozilla Firefox\plugins\npuuseep.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npdrmv2.dll
CHR - plugin: Microsoft\u00AE DRM (Enabled) = C:\Program Files\Windows Media Player\npwmsdrm.dll
CHR - plugin: Google Update (Enabled) = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Update\1.3.21.69\npGoogleUpdate3.dll
CHR - plugin: DNA Plug-in (Enabled) = C:\Program Files\DNA\plugins\npbtdna.dll
CHR - plugin: DivX VOD Helper Plug-in (Enabled) = C:\Program Files\DivX\DivX OVS Helper\npovshelper.dll
CHR - plugin: Windows Live\u00AE Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Default Plug-in (Enabled) = default_plugin
CHR - Extension: Koji NISHIDA = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\acganlmcjehnfmehkmlimgkaloifodlf\2_0\
CHR - Extension: \u95DC\u71C8\u770B\u5F71\u7247 = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\bfbmjmiodbnnpllbbbfblcplfjjepjdn\2.0.0.11_0\
CHR - Extension: \u76F8\u7247\u5FEB\u89BD = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\gcdnkhmbcjbngnfkdoegbeeibikpkkop\1.0.1.6_0\
CHR - Extension: DivX Plus Web Player HTML5 \u003Cvideo\u003E = C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Google\Chrome\User Data\Default\Extensions\nneajnkjbffgblleaoojgaacokifdkhm\2.1.2.126_0\
 
O1 HOSTS File: ([2010/10/13 20:23:52 | 000,000,831 | ---- | M]) - C:\WINDOWS\system32\drivers\etc\HOSTS
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: 74.125.39.99 clients2.google.com
O1 - Hosts: 74.125.39.99 chrome.google.com
O1 - Hosts: 74.125.39.99 tools.google.com
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (ShowHKToolbar Class) - {06433BFE-4946-4E89-823D-CD359C81CD06} - C:\Program Files\881903\IETOOLBAR\hktbar.dll (Hong Kong Commercial Broadcasting Co. Ltd.)
O2 - BHO: (DivX Plus Web Player HTML5 <video>) - {326E768D-4182-46FD-9C16-1449A49795F4} - C:\Program Files\DivX\DivX Plus Web Player\ie\DivXHTML5\DivXHTML5.dll (DivX, LLC)
O2 - BHO: (Hong Kong Toolbar) - {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - C:\Program Files\881903\IETOOLBAR\hktbar.dll (Hong Kong Commercial Broadcasting Co. Ltd.)
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.6406.1642\swg.dll (Google Inc.)
O2 - BHO: (Office Document Cache Handler) - {B4F3A835-0E21-4959-BA22-42B3008E02FF} - C:\Program Files\Microsoft Office\Office14\URLREDIR.DLL (Microsoft Corporation)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (Hong Kong Toolbar) - {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - C:\Program Files\881903\IETOOLBAR\hktbar.dll (Hong Kong Commercial Broadcasting Co. Ltd.)
O3 - HKLM\..\Toolbar: (&ESPN) - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll File not found
O3 - HKLM\..\Toolbar: (Yahoo! 工具列) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\..\Toolbar\ShellBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\..\Toolbar\WebBrowser: (no name) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - No CLSID value found.
O3 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\..\Toolbar\WebBrowser: (no name) - {42CDD1BF-3FFB-4238-8AD1-7859DF00B1D6} - No CLSID value found.
O3 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\..\Toolbar\WebBrowser: (Hong Kong Toolbar) - {481EE3EC-C026-4F9A-BA22-FD07654ADFC0} - C:\Program Files\881903\IETOOLBAR\hktbar.dll (Hong Kong Commercial Broadcasting Co. Ltd.)
O3 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\..\Toolbar\WebBrowser: (&ESPN) - {AE6F2894-AF10-4C9C-B16E-1DFC6FF8C0C6} - C:\Program Files\ESPN\Toolbar\DIGToolBar.dll File not found
O3 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\..\Toolbar\WebBrowser: (Yahoo! 工具列) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: []  File not found
O4 - HKLM..\Run: [AlcWzrd] C:\WINDOWS\ALCWZRD.EXE (RealTek Semicoductor Corp.)
O4 - HKLM..\Run: [amd_dc_opt] C:\Program Files\AMD\Dual-Core Optimizer\amd_dc_opt.exe (AMD)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [DIGServices] C:\Program Files\ESPNRunTime\DIGServices.exe (Walt Disney Internet Group)
O4 - HKLM..\Run: [IMEKRMIG6.1] C:\WINDOWS\ime\imkr6_1\IMEKRMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [LSBWatcher] c:\hp\drivers\hplsbwatcher\lsburnwatcher.exe (Hewlett-Packard Company)
O4 - HKLM..\Run: [MSPY2002] C:\WINDOWS\System32\IME\PINTLGNT\ImScInst.exe ()
O4 - HKLM..\Run: [PS2] C:\WINDOWS\system32\ps2.exe File not found
O4 - HKLM..\Run: [Recguard] C:\WINDOWS\SMINST\RECGUARD.EXE ()
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SpywareTerminatorShield] C:\Program Files\Spyware Terminator\SpywareTerminatorShield.exe (Crawler.com)
O4 - HKLM..\Run: [SpywareTerminatorUpdater] C:\Program Files\Spyware Terminator\SpywareTerminatorUpdate.exe (Crawler.com)
O4 - HKLM..\Run: [VTTimer] VTTimer.exe File not found
O4 - HKU\S-1-5-21-244719459-1331797888-486331773-1007..\Run: [Acme.PCHButton] C:\Program Files\Help and Support Additions\HPQ\XPXWWPP5\plugin\bin\PCHButton.exe (Motive Communications, Inc.)
O4 - HKU\S-1-5-21-244719459-1331797888-486331773-1007..\Run: [BoontyBox]  File not found
O4 - HKU\S-1-5-21-244719459-1331797888-486331773-1007..\Run: [Steam] "C:\Program Files\新資料夾\Steam.exe" -silent File not found
O4 - Startup: C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\祔襠紱攫忒.lnk =  File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O7 - HKU\.DEFAULT\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-18\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-19\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-20\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O7 - HKU\S-1-5-21-244719459-1331797888-486331773-1007\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 145
O8 - Extra context menu item: E&xport to Microsoft Excel - res://C:\PROGRA~1\MICROS~4\Office12\EXCEL.EXE/3000 File not found
O8 - Extra context menu item: Foxy 下載 - C:\Program Files\Foxy\Foxy.exe (Foxy, Inc.)
O8 - Extra context menu item: Foxy 搜尋 - C:\Program Files\Foxy\Foxy.exe (Foxy, Inc.)
O8 - Extra context menu item: Google 網頁註解... - res://C:\Program Files\Google\Google Toolbar\Component\GoogleToolbarDynamic_mui_en_43C348BC2E93EB2B.dll/cmsidewiki.html File not found
O8 - Extra context menu item: 加到 Windows Live Favorites(W) - http://favorites.live.com/quickadd.aspx File not found
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - C:\Program Files\Microsoft Office\Office14\EXCEL.EXE (Microsoft Corporation)
O9 - Extra Button: StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm File not found
O9 - Extra 'Tools' menuitem : StylishProfile - {14CD42DD-ABCD-3586-DCAB-40E3693E3737} - C:\Program Files\Stylish Profile\ct.htm File not found
O9 - Extra Button: PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O9 - Extra 'Tools' menuitem : PPLive - {95B3F550-91C4-4627-BCC4-521288C52977} - C:\Program Files\PPLive\PPTV\PPLive.exe (PPLive Corporation)
O10 - Protocol_Catalog9\Catalog_Entries\000000000001 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000002 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O10 - Protocol_Catalog9\Catalog_Entries\000000000020 - C:\Program Files\Avira\AntiVir Desktop\avsda.dll (Avira GmbH)
O16 - DPF: {02BF25D5-8C17-4B23-BC80-D3488ABDDC6B} http://appldnld.apple.com.edgesuite.net/content.info.apple.com/QuickTime/qtactivex/qtplugin.cab (Reg Error: Key error.)
O16 - DPF: {03B39B10-9AB9-4DBB-8189-7F76E0CE5F3F} https://favorites.live.com/cab/ImportAx.cab?v=13,0,0831,02 (FavImport Class)
O16 - DPF: {072039AB-2117-4ED5-A85F-9B9EB903E021} http://www.clubbox.co.kr/neo.fld/NowStarter.cab (NowStarter Control)
O16 - DPF: {149E45D8-163E-4189-86FC-45022AB2B6C9} file:///C:/Program%20Files/Bejeweled%202/Images/stg_drm.ocx (SpinTop DRM Control)
O16 - DPF: {164B406B-0FD6-4E7F-BA7E-64D227D4CA37} http://www.digitalwebbooks.com/reader/dbplugin.cab (dnlplayer Class)
O16 - DPF: {166B1BCA-3F9C-11CF-8075-444553540000} http://fpdownload.macromedia.com/get/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {1D4DB7D2-6EC9-47A3-BD87-1E41684E07BB} http://ak.exe.imgfarm.com/images/nocache/funwebproducts/ei-3/CursorManiaFWBInitialSetup1.0.1.0.cab (Reg Error: Key error.)
O16 - DPF: {20A60F0D-9AFA-4515-A0FD-83BD84642501} http://messenger.zone.msn.com/binary/msgrchkr.cab56986.cab (Checkers Class)
O16 - DPF: {233C1507-6A77-46A4-9443-F871F945D258} http://download.macromedia.com/pub/shockwave/cabs/director/sw.cab (Shockwave ActiveX Control)
O16 - DPF: {2931566C-B8A6-46C5-BF4D-E6AB9251E953} http://file.nx.com/activex/public_new/nxpm.cab (Nexon Package Manager Control)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {33527649-30BB-4C61-9D70-638D64A6670E} http://www.littlefighteronline.com/hk/yahoo_hk/LaunchLFO.ocx (LaunchLFO Control)
O16 - DPF: {47F7AB40-86FD-4385-991D-895E2E3E1255} http://2008.i-cable.com/webapps/live_video/p2pactx.cab (p2pactx Control)
O16 - DPF: {4C833081-D026-4FF8-968F-7EAB660D2FBA} http://download.tvants.com/pub/tvants/tvants1/win32/cab/tvants.cab (Reg Error: Key error.)
O16 - DPF: {4F1E5B1A-2A80-42CA-8532-2D05CB959537} http://spaces.msn.com/PhotoUpload/MsnPUpld.cab?10,0,911,0 (MSN Photo Upload Tool)
O16 - DPF: {55027008-315F-4F45-BBC3-8BE119764741} http://www.slide.com/uploader/SlideImageUploader.cab (Slide Image Uploader Control)
O16 - DPF: {5C051655-FCD5-4969-9182-770EA5AA5565} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab56986.cab (Solitaire Showdown Class)
O16 - DPF: {5D6F45B3-9043-443D-A792-115447494D24} http://messenger.zone.msn.com/MessengerGamesContent/GameContent/zh-Hant/uno1/GAME_UNO1.cab (UnoCtrl Class)
O16 - DPF: {5EC7C511-CD0F-42E6-830C-1BD9882F3458} http://download.ppstream.com/bin/powerplayer.cab (PowerPlayer Control)
O16 - DPF: {6414512B-B978-451D-A0D8-FCFDF33E833C} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/wuweb_site.cab?1133767466234 (WUWebControl Class)
O16 - DPF: {6E32070A-766D-4EE6-879C-DC1FA91D2FC3} http://update.microsoft.com/microsoftupdate/v6/V5Controls/en/x86/client/muweb_site.cab?1133767443718 (MUWebControl Class)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {8E0D4DE5-3180-4024-A327-4DFAD1796A8D} http://messenger.zone.msn.com/binary/MessengerStatsClient.cab31267.cab (MessengerStatsClient Class)
O16 - DPF: {8FFBE65D-2C9C-4669-84BD-5829DC0B603C} http://fpdownload.macromedia.com/get/flashplayer/current/polarbear/ultrashim.cab (Reg Error: Key error.)
O16 - DPF: {A243F6C2-34D2-4549-BCCD-A7BEF759B236} http://img.funtigo.com/images/uploader/ssiPictureUploader.cab (Seekford Solutions, Inc.'s ssiPictureUploader Control)
O16 - DPF: {B38870E4-7ECB-40DA-8C6A-595F0A5519FF} http://messenger.msn.com/download/MsnMessengerSetupDownloader.cab (MsnMessengerSetupDownloadControl Class)
O16 - DPF: {B8BE5E93-A60C-4D26-A2DC-220313175592} http://messenger.zone.msn.com/binary/ZIntro.cab56649.cab (MSN Games - Installer)
O16 - DPF: {C3F79A2B-B9B4-4A66-B012-3EE46475B072} http://messenger.zone.msn.com/binary/MessengerStatsPAClient.cab56907.cab (MessengerStatsClient Class)
O16 - DPF: {C4925E65-7A1E-11D2-8BB4-00A0C9CC72C3} http://a532.g.akamai.net/f/532/6712/5m/virtools.download.akamai.com/6712/player/install3.5/installer.exe (Virtools WebPlayer Class)
O16 - DPF: {CAFEEFAC-0014-0002-0003-ABCDEFFEDCBA} http://java.sun.com/products/plugin/autodl/jinstall-142-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0015-0000-0006-ABCDEFFEDCBA} http://java.sun.com/update/1.5.0/jinstall-1_5_0_06-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0002-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_02-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0003-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_03-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0005-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_05-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0007-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_07-windows-i586.cab (Reg Error: Key error.)
O16 - DPF: {CAFEEFAC-0016-0000-0026-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/update/1.6.0/jinstall-1_6_0_26-windows-i586.cab (Java Plug-in 1.6.0_26)
O16 - DPF: {CB8C846C-955F-407F-BC0B-22D1D573DD78} http://weblogin.funtown.com.hk/Weblogin_ActiveX.CAB (Funtown_Weblogin.Weblogin_ActiveX)
O16 - DPF: {CC450D71-CC90-424C-8638-1F2DBAC87A54} file:///C:/Program%20Files/Bejeweled%202/Images/armhelper.ocx (ArmHelper Control)
O16 - DPF: {F5A7706B-B9C0-4C89-A715-7A0C6B05DD48} http://messenger.zone.msn.com/binary/MineSweeper.cab56986.cab (Minesweeper Flags Class)
O16 - DPF: {F6BF0D00-0B2A-4A75-BF7B-F385591623AF} http://messenger.zone.msn.com/binary/SolitaireShowdown.cab31267.cab (Solitaire Showdown Class)
O16 - DPF: Microsoft XML Parser for Java file:///C:/WINDOWS/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.8.1
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{84B1A40F-6ED0-4C62-9169-71CADB07BAAB}: NameServer = 218.102.60.110 218.102.52.81
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{A6DBAB60-4AF9-4B3C-822A-0823421AC102}: DhcpNameServer = 192.168.8.1
O18 - Protocol\Handler\cetihpz {CF184AD3-CDCB-4168-A3F7-8E447D129300} - C:\Program Files\HP\hpcoretech\comp\hpuiprot.dll (Hewlett-Packard Company)
O20 - HKLM Winlogon: Shell - (Explorer.exe) -C:\WINDOWS\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\WINDOWS\system32\userinit.exe) -C:\WINDOWS\system32\userinit.exe (Microsoft Corporation)
O20 - Winlogon\Notify\igfxcui: DllName - (igfxsrvc.dll) - C:\WINDOWS\System32\igfxsrvc.dll (Intel Corporation)
O24 - Desktop Components:0 (目前的首頁) - About:Home
O24 - Desktop WallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O24 - Desktop BackupWallPaper: C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microsoft\Wallpaper1.bmp
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2004/01/05 10:39:07 | 000,000,000 | -H-- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O32 - AutoRun File - [2001/07/27 15:07:38 | 000,000,000 | --S- | M] () - D:\AUTOEXEC.BAT -- [ FAT32 ]
O32 - AutoRun File - [2004/04/30 07:01:14 | 000,000,053 | --S- | M] () - D:\AUTORUN.FCB -- [ FAT32 ]
O33 - MountPoints2\{33c7faca-9afb-11de-a97a-0011d8288acf}\Shell - "" = AutoRun
O33 - MountPoints2\{33c7faca-9afb-11de-a97a-0011d8288acf}\Shell\AutoRun\command - "" = F:\NokiaPCIA_Autorun.exe
O33 - MountPoints2\{37165260-eb37-11db-a206-0011d8288acf}\Shell - "" = AutoRun
O33 - MountPoints2\{37165260-eb37-11db-a206-0011d8288acf}\Shell\AutoRun\command - "" = F:\LaunchU3.exe -a
O33 - MountPoints2\{dd379c7d-9ca4-11e0-ae46-0011d8288acf}\Shell - "" = AutoRun
O33 - MountPoints2\{dd379c7d-9ca4-11e0-ae46-0011d8288acf}\Shell\AutoRun\command - "" = F:\Autorun.exe
O34 - HKLM BootExecute: (autocheck autochk *)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2011/11/14 13:26:50 | 000,584,192 | ---- | C] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\桌面\OTL.exe
[2011/11/13 20:37:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Application Data\Spyware Terminator
[2011/11/13 20:37:30 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2011/11/13 20:37:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Spyware Terminator 2012
[2011/11/13 20:34:52 | 000,000,000 | ---D | C] -- C:\Program Files\Spyware Terminator
[2011/11/10 19:09:03 | 000,000,000 | R--D | C] -- C:\Documents and Settings\Compaq_Owner\Recent
[2011/11/10 17:54:18 | 000,499,712 | --S- | C] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\ItjhoTuqFV.exe
[2011/11/07 15:28:15 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\「開始」功能表\程式集\GridinSoft
[2011/11/07 15:27:46 | 000,000,000 | -H-D | C] -- C:\Program Files\GridinSoft Trojan Killer
[2011/11/06 23:23:46 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\「開始」功能表\程式集\System Restore
[2011/11/06 23:22:22 | 000,353,280 | ---- | C] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk.exe
[2011/11/06 23:20:56 | 000,466,944 | --S- | C] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\kuRLTCDnyhmgyh.exe
[2011/11/06 23:18:58 | 000,462,848 | --S- | C] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\EMSTOQkqCSJFM.exe
[2011/10/27 20:50:43 | 000,000,000 | ---D | C] -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\Microangelo Toolset 6
[2011/10/27 20:49:08 | 000,000,000 | ---D | C] -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Microangelo Toolset 6
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2011/11/14 13:42:07 | 000,000,530 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2011/11/14 13:25:23 | 000,584,192 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Compaq_Owner\桌面\OTL.exe
[2011/11/14 10:10:46 | 000,002,323 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/14 10:10:45 | 000,002,345 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\桌面\Google Chrome.lnk
[2011/11/14 10:10:33 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\At1.job
[2011/11/14 10:01:07 | 000,000,650 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-244719459-1331797888-486331773-1007UA.job
[2011/11/14 09:01:33 | 000,000,598 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskUserS-1-5-21-244719459-1331797888-486331773-1007Core.job
[2011/11/14 08:59:22 | 000,000,248 | ---- | M] () -- C:\WINDOWS\System\hpsysdrv.dat
[2011/11/14 08:59:21 | 000,000,526 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2011/11/14 08:59:18 | 000,000,416 | ---- | M] () -- C:\WINDOWS\tasks\PCConfidential.job
[2011/11/14 08:59:06 | 000,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2011/11/14 08:59:05 | 259,379,200 | -HS- | M] () -- C:\hiberfil.sys
[2011/11/13 20:40:12 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\At2.job
[2011/11/13 17:13:04 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\At3.job
[2011/11/13 14:31:21 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\tasks\User_Feed_Synchronization-{F1074E1F-2FDC-417F-9830-4B4940F1801D}.job
[2011/11/12 14:00:08 | 000,000,454 | ---- | M] () -- C:\WINDOWS\tasks\At4.job
[2011/11/10 19:21:34 | 000,111,872 | ---- | M] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/11/10 18:01:38 | 000,000,296 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk
[2011/11/10 18:01:37 | 000,000,216 | -H-- | M] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr
[2011/11/10 17:50:53 | 000,499,712 | --S- | M] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\ItjhoTuqFV.exe
[2011/11/10 13:21:22 | 000,001,158 | -H-- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2011/11/10 10:52:28 | 000,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2011/11/10 10:45:59 | 000,000,129 | ---- | M] () -- C:\WINDOWS\System32\MRT.INI
[2011/11/08 14:23:34 | 000,138,192 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avipbb.sys
[2011/11/08 14:23:34 | 000,066,616 | ---- | M] (Avira GmbH) -- C:\WINDOWS\System32\drivers\avgntflt.sys
[2011/11/07 14:37:55 | 000,000,464 | ---- | M] () -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
[2011/11/06 23:52:21 | 000,000,865 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\System Restore.lnk
[2011/11/06 23:22:23 | 000,353,280 | ---- | M] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk.exe
[2011/11/06 23:20:22 | 000,466,944 | --S- | M] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\kuRLTCDnyhmgyh.exe
[2011/11/06 23:18:21 | 000,462,848 | --S- | M] (Recover Inc) -- C:\Documents and Settings\All Users\Application Data\EMSTOQkqCSJFM.exe
[2011/10/27 15:23:07 | 000,092,560 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\My Documents\bookmarks_11_10_27.html
[2011/10/25 18:24:23 | 000,001,737 | ---- | M] () -- C:\Documents and Settings\All Users\桌面\Adobe Reader 9.lnk
[2011/10/17 18:02:29 | 000,000,885 | ---- | M] () -- C:\Documents and Settings\Compaq_Owner\桌面\CS 1.6.lnk
[9 C:\WINDOWS\System32\*.tmp files -> C:\WINDOWS\System32\*.tmp -> ]
[2 C:\WINDOWS\*.tmp files -> C:\WINDOWS\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2011/11/13 20:37:40 | 000,032,768 | ---- | C] () -- C:\WINDOWS\System32\drivers\sp_rsdrv2.sys
[2011/11/10 10:45:57 | 000,000,129 | ---- | C] () -- C:\WINDOWS\System32\MRT.INI
[2011/11/07 02:13:53 | 000,001,913 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\Sony Ericsson PC Companion 2.0.lnk
[2011/11/07 02:13:53 | 000,001,737 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\Adobe Reader 9.lnk
[2011/11/07 02:13:53 | 000,000,739 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\PPTV.lnk
[2011/11/07 02:13:53 | 000,000,732 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\Mozilla Firefox.lnk
[2011/11/07 02:13:52 | 000,002,323 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2011/11/07 02:13:52 | 000,001,640 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\iTunes.lnk
[2011/11/07 02:13:52 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\啟動 Internet Explorer 瀏覽器.lnk
[2011/11/07 02:13:52 | 000,000,823 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2011/11/07 02:13:52 | 000,000,814 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Poladroid 9.6.0.lnk
[2011/11/07 02:13:52 | 000,000,808 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Windows Media Player.lnk
[2011/11/07 02:13:52 | 000,000,757 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\PPTV 厙釐萇弝.lnk
[2011/11/07 02:13:52 | 000,000,754 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\PPStream.lnk
[2011/11/07 02:13:52 | 000,000,750 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\QuickTime Player.lnk
[2011/11/07 02:13:52 | 000,000,692 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Picasa2.lnk
[2011/11/07 02:13:52 | 000,000,652 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Foxy.lnk
[2011/11/07 02:13:52 | 000,000,079 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\顯示桌面.scf
[2011/11/07 02:13:52 | 000,000,015 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\Internet Explorer.bestie
[2011/11/07 02:13:51 | 000,000,676 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\BitTorrent.lnk
[2011/11/07 02:13:51 | 000,000,668 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\DcOo CS1.6 笢恅唳.lnk
[2011/11/07 02:13:51 | 000,000,519 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\DcOo CS1.6.lnk
[2011/11/07 02:13:47 | 000,001,968 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Windows 筆記本檢視器.lnk
[2011/11/07 02:13:47 | 000,000,879 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\WordPad.lnk
[2011/11/07 02:13:47 | 000,000,698 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\啟動\祔襠紱攫忒.lnk
[2011/11/07 02:13:47 | 000,000,503 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Windows Messenger.lnk
[2011/11/07 02:13:45 | 000,000,796 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Poladroid 0.9.6r0.lnk
[2011/11/07 02:13:44 | 000,001,749 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Microsoft Office PowerPoint Viewer 2003.lnk
[2011/11/07 02:13:44 | 000,001,603 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Microsoft Works 工作總管.lnk
[2011/11/07 02:13:40 | 000,002,347 | ---- | C] () -- C:\Documents and Settings\All Users\「開始」功能表\程式集\Adobe Reader 9.lnk
[2011/11/07 01:10:08 | 000,111,872 | ---- | C] () -- C:\WINDOWS\System32\drivers\TrueSight.sys
[2011/11/06 23:52:19 | 000,000,865 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Microsoft\Internet Explorer\Quick Launch\System Restore.lnk
[2011/11/06 23:24:45 | 000,000,216 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjkr
[2011/11/06 23:24:44 | 000,000,296 | -H-- | C] () -- C:\Documents and Settings\All Users\Application Data\~6DSS92c31Apgjk
[2011/11/06 23:23:30 | 000,000,464 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\6DSS92c31Apgjk
[2011/10/27 15:23:05 | 000,092,560 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\My Documents\bookmarks_11_10_27.html
[2011/10/17 18:02:28 | 000,000,885 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\桌面\CS 1.6.lnk
[2011/06/09 11:15:02 | 000,709,992 | ---- | C] () -- C:\WINDOWS\System32\kindling.dll
[2011/04/13 04:47:38 | 000,000,204 | ---- | C] () -- C:\WINDOWS\System32\bdsecustat.dat
[2011/04/05 23:49:42 | 000,000,552 | ---- | C] () -- C:\WINDOWS\System32\d3d8caps.dat
[2011/01/01 20:42:21 | 002,378,752 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2010/10/27 20:18:30 | 000,137,176 | ---- | C] () -- C:\WINDOWS\System32\drivers\PnkBstrK.sys
[2010/10/27 20:07:34 | 000,268,952 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrB.exe
[2010/10/27 20:07:13 | 000,075,136 | ---- | C] () -- C:\WINDOWS\System32\PnkBstrA.exe
[2010/10/05 10:56:27 | 000,000,510 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\Poladroid prefs.plist
[2010/06/18 08:37:50 | 000,000,664 | ---- | C] () -- C:\WINDOWS\System32\d3d9caps.dat
[2010/06/14 22:55:38 | 000,000,204 | -H-- | C] () -- C:\WINDOWS\struct~.ini
[2010/05/04 20:01:02 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\UnACE.dll
[2009/12/23 15:35:23 | 000,000,016 | ---- | C] () -- C:\WINDOWS\popcinfo.dat
[2009/11/04 23:51:38 | 000,000,248 | ---- | C] () -- C:\WINDOWS\System32\secustat.dat
[2009/11/04 23:51:34 | 000,000,305 | ---- | C] () -- C:\WINDOWS\System32\secushr.dat
[2009/10/24 09:09:28 | 000,000,060 | -H-- | C] () -- C:\WINDOWS\MediaList.ini
[2009/10/21 22:14:24 | 000,000,042 | -H-- | C] () -- C:\WINDOWS\PCDNSetting.ini
[2009/07/20 01:39:28 | 008,801,704 | -H-- | C] () -- C:\Program Files\FLV PlayerATBSetup.exe
[2009/06/15 02:38:00 | 000,000,159 | -H-- | C] () -- C:\WINDOWS\powerlist.ini
[2009/06/15 02:38:00 | 000,000,113 | -H-- | C] () -- C:\WINDOWS\PPSMediaList.ini
[2009/06/15 02:35:06 | 000,000,029 | -H-- | C] () -- C:\WINDOWS\msgtn.ini
[2009/03/26 15:36:59 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\WinDll.dll
[2009/02/04 17:50:32 | 000,024,576 | ---- | C] () -- C:\WINDOWS\System32\nsis_loader.dll
[2009/01/01 13:42:28 | 000,278,528 | ---- | C] () -- C:\WINDOWS\System32\Unhtml.dll
[2008/11/15 08:54:06 | 001,023,456 | ---- | C] () -- C:\WINDOWS\dbplugin.exe
[2008/08/26 12:12:22 | 000,213,072 | ---- | C] () -- C:\WINDOWS\System32\DNLEng.dll
[2008/03/01 20:23:20 | 001,278,545 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\NMM-MetaData.db
[2007/06/28 14:26:39 | 000,034,308 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/05/14 14:31:39 | 000,000,140 | ---- | C] () -- C:\WINDOWS\System32\imon1.dat
[2007/01/19 16:31:10 | 000,000,000 | ---- | C] () -- C:\WINDOWS\System32\cid_store.dat
[2006/10/29 17:58:50 | 000,000,600 | -H-- | C] () -- C:\WINDOWS\nstower.ini
[2006/09/24 12:09:39 | 000,000,000 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\sversion.ini
[2006/09/24 12:02:56 | 000,069,632 | ---- | C] () -- C:\WINDOWS\uinst001.exe
[2006/09/17 20:34:46 | 000,002,452 | -H-- | C] () -- C:\WINDOWS\powerplayer.ini
[2006/09/16 09:42:53 | 000,002,056 | -H-- | C] () -- C:\WINDOWS\psnetwork.ini
[2006/09/13 19:06:10 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\gtapi.dll
[2006/08/25 13:51:54 | 000,122,880 | ---- | C] () -- C:\WINDOWS\UnGins.exe
[2006/07/30 15:18:26 | 000,000,035 | -H-- | C] () -- C:\WINDOWS\vidwiz.ini
[2006/07/30 15:16:33 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsrex.INI
[2006/07/30 15:16:15 | 000,000,751 | -H-- | C] () -- C:\WINDOWS\Ulead32.ini
[2006/07/30 15:16:15 | 000,000,036 | -H-- | C] () -- C:\WINDOWS\dswplug.ini
[2006/07/30 15:16:15 | 000,000,011 | -H-- | C] () -- C:\WINDOWS\Msdevctl.ini
[2006/05/31 15:59:23 | 000,020,992 | ---- | C] () -- C:\WINDOWS\igBrowse.exe
[2006/05/31 15:59:23 | 000,018,432 | ---- | C] () -- C:\WINDOWS\igUninst.exe
[2006/05/31 15:59:22 | 000,668,938 | ---- | C] () -- C:\WINDOWS\unins000.exe
[2006/05/31 15:59:22 | 000,001,345 | ---- | C] () -- C:\WINDOWS\unins000.dat
[2006/03/01 00:09:07 | 000,012,288 | ---- | C] () -- C:\WINDOWS\impborl.dll
[2006/02/16 16:30:24 | 000,000,078 | -H-- | C] () -- C:\WINDOWS\System32\fscagent.ini
[2006/01/11 16:27:44 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\srkey.exe
[2005/12/29 11:48:48 | 000,000,754 | ---- | C] () -- C:\WINDOWS\WORDPAD.INI
[2005/12/16 22:00:34 | 000,000,000 | ---- | C] () -- C:\WINDOWS\nsreg.dat
[2005/12/16 22:00:13 | 000,002,947 | ---- | C] () -- C:\WINDOWS\mozver.dat
[2005/11/30 08:21:20 | 000,000,135 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\fusioncache.dat
[2005/11/11 18:39:06 | 000,006,550 | ---- | C] () -- C:\WINDOWS\jautoexp.dat
[2005/05/01 00:08:37 | 000,000,000 | -H-- | C] () -- C:\WINDOWS\MSDraw.ini
[2005/04/30 23:15:45 | 000,000,144 | -H-- | C] () -- C:\WINDOWS\Eudcedit.ini
[2005/04/17 17:18:49 | 000,020,992 | -H-- | C] () -- C:\Documents and Settings\Compaq_Owner\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2005/04/16 13:23:19 | 000,000,536 | ---- | C] () -- C:\WINDOWS\eReg.dat
[2005/03/16 16:08:42 | 000,000,366 | -H-- | C] () -- C:\WINDOWS\cdplayer.ini
[2005/03/08 14:37:12 | 000,000,112 | ---- | C] () -- C:\WINDOWS\ActiveSkin.INI
[2005/03/08 12:15:24 | 000,007,260 | -H-- | C] () -- C:\WINDOWS\hpdj3740.ini
[2005/03/08 12:15:13 | 000,001,656 | ---- | C] () -- C:\Documents and Settings\Compaq_Owner\Application Data\wklnhst.dat
[2005/03/08 12:15:06 | 000,000,414 | -H-- | C] () -- C:\WINDOWS\hpbvspst.ini
[2004/12/01 11:13:40 | 000,218,003 | ---- | C] () -- C:\WINDOWS\System32\dssec.dat
[2004/12/01 11:13:35 | 000,001,804 | ---- | C] () -- C:\WINDOWS\System32\dcache.bin
[2004/12/01 10:40:41 | 000,261,056 | ---- | C] () -- C:\WINDOWS\winhelp.exe
[2004/12/01 10:38:58 | 000,112,200 | ---- | C] () -- C:\WINDOWS\System32\prfi0404.dat
[2004/12/01 10:38:58 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\prfd0404.dat
[2004/12/01 10:38:51 | 000,272,128 | ---- | C] () -- C:\WINDOWS\System32\perfi009.dat
[2004/12/01 10:38:51 | 000,028,626 | ---- | C] () -- C:\WINDOWS\System32\perfd009.dat
[2004/12/01 10:38:47 | 000,004,490 | ---- | C] () -- C:\WINDOWS\System32\oembios.dat
[2004/12/01 10:38:41 | 013,107,200 | ---- | C] () -- C:\WINDOWS\System32\oembios.bin
[2004/12/01 10:38:35 | 000,000,741 | ---- | C] () -- C:\WINDOWS\System32\noise.dat
[2004/12/01 10:38:05 | 000,673,088 | ---- | C] () -- C:\WINDOWS\System32\mlang.dat
[2004/12/01 10:38:02 | 000,046,258 | ---- | C] () -- C:\WINDOWS\System32\mib.bin
[2004/08/20 10:14:46 | 000,086,016 | ---- | C] () -- C:\WINDOWS\System32\PcdrKernelModeServices.dll
[2004/08/20 10:14:46 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\ProgressTrace.dll
[2004/03/17 21:12:48 | 000,000,362 | ---- | C] () -- C:\WINDOWS\hpfins_s04_main.dat
[2004/03/17 21:11:51 | 000,005,428 | ---- | C] () -- C:\WINDOWS\hpfmdl_s04_main.dat
[2004/01/06 01:20:45 | 000,000,872 | -H-- | C] () -- C:\WINDOWS\System32\oeminfo.ini
[2004/01/06 01:20:25 | 000,445,578 | ---- | C] () -- C:\WINDOWS\System32\prfh0404.dat
[2004/01/06 01:20:25 | 000,265,490 | ---- | C] () -- C:\WINDOWS\System32\prfc0404.dat
[2004/01/06 01:20:09 | 000,004,569 | ---- | C] () -- C:\WINDOWS\System32\secupd.dat
[2004/01/06 01:20:07 | 000,443,078 | ---- | C] () -- C:\WINDOWS\System32\perfh009.dat
[2004/01/06 01:20:06 | 000,072,344 | ---- | C] () -- C:\WINDOWS\System32\perfc009.dat
[2004/01/06 01:08:57 | 000,000,061 | -H-- | C] () -- C:\WINDOWS\smscfg.ini
[2004/01/05 12:11:45 | 000,118,784 | R--- | C] () -- C:\WINDOWS\bwUnin-6.3.2.62.exe
[2004/01/05 12:11:01 | 000,013,107 | ---- | C] () -- C:\WINDOWS\System32\CHODDI.SYS
[2004/01/05 12:10:47 | 000,045,056 | ---- | C] () -- C:\WINDOWS\System32\hpreg.dll
[2004/01/05 11:50:15 | 000,204,800 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2004/01/05 11:50:15 | 000,200,704 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2004/01/05 11:50:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2004/01/05 11:50:15 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2004/01/05 11:50:15 | 000,188,416 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2004/01/05 11:50:15 | 000,020,480 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2004/01/05 11:32:51 | 000,003,216 | -H-- | C] () -- C:\WINDOWS\System32\fxsperf.ini
[2004/01/05 11:25:24 | 000,192,512 | ---- | C] () -- C:\WINDOWS\System32\RTCOMDLL.dll
[2004/01/05 11:25:24 | 000,156,160 | ---- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2004/01/05 11:21:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis760.bin
[2004/01/05 11:21:32 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\sis741.bin
[2004/01/05 11:21:32 | 000,049,152 | ---- | C] () -- C:\WINDOWS\System32\sis660.bin
[2004/01/05 10:54:03 | 000,299,073 | ---- | C] () -- C:\WINDOWS\System32\PythonCOM22.dll
[2004/01/05 10:54:03 | 000,065,536 | ---- | C] () -- C:\WINDOWS\System32\PyWinTypes22.dll
[2004/01/05 10:53:44 | 000,016,896 | ---- | C] () -- C:\WINDOWS\System32\bcbmm.dll
[2004/01/05 10:44:36 | 000,000,823 | -H-- | C] () -- C:\WINDOWS\orun32.ini
[2004/01/05 10:42:15 | 000,002,048 | --S- | C] () -- C:\WINDOWS\bootstat.dat
[2004/01/05 10:36:09 | 000,021,456 | ---- | C] () -- C:\WINDOWS\System32\emptyregdb.dat
[2004/01/05 10:30:20 | 000,004,205 | ---- | C] () -- C:\WINDOWS\ODBCINST.INI
[2004/01/05 10:27:59 | 000,284,520 | ---- | C] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2003/04/11 06:04:00 | 000,028,672 | ---- | C] () -- C:\WINDOWS\System32\JAWTAccessBridge.dll
[1996/04/04 03:33:26 | 000,005,248 | ---- | C] () -- C:\WINDOWS\System32\giveio.sys
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2011/06/02 16:06:34 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Alwil Software
[2011/06/02 17:02:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\AVAST Software
[2011/05/31 23:36:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Baidu
[2005/07/31 22:09:06 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\BOONTY
[2008/09/07 23:11:14 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\DIGStream
[2010/10/31 19:52:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Driver Whiz
[2010/11/01 11:21:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Electronic Arts
[2006/05/14 23:15:47 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ESPN
[2011/06/13 18:22:05 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Installations
[2004/01/05 11:50:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2011/04/23 21:54:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Jlcm
[2011/05/01 11:24:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\kingsoft
[2011/05/02 10:02:41 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Kuaikuai
[2010/01/19 20:20:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Messenger Plus!
[2008/03/01 20:18:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2005/08/03 20:40:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\pixelStorm
[2006/09/23 18:52:17 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PopCap
[2011/06/17 08:25:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLive
[2009/11/07 10:19:09 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PPLiveVA
[2010/08/11 11:02:42 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SecTaskMan
[2011/11/13 21:00:37 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Spyware Terminator
[2009/12/23 15:37:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2009/03/12 10:46:12 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Winferno
[2009/06/26 11:10:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2011/01/01 23:14:01 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\881903
[2010/06/23 12:55:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\AddressBar
[2010/02/16 23:54:27 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Baidu
[2011/11/02 16:36:57 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\BitTorrent
[2010/06/14 22:48:51 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\CCTV
[2006/12/22 09:31:58 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DeskSoft
[2011/09/19 13:26:10 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\DNA
[2011/09/26 17:33:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Dropbox
[2009/11/04 23:51:32 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\FlashgetSetup
[2010/10/07 16:36:53 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Foxy
[2009/02/08 15:23:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GanymedeNet
[2009/06/21 02:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\GetRightToGo
[2005/11/30 08:22:33 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Intervideo
[2005/03/08 12:15:23 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Leadertech
[2011/06/13 18:31:45 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Nokia
[2009/10/10 23:10:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PC Suite
[2011/04/23 23:27:07 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PPlive
[2009/11/05 20:15:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PPLiveVA
[2010/04/21 03:49:15 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\PPStream
[2006/04/20 19:28:46 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Raptisoft
[2004/01/05 23:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SampleView
[2005/10/18 17:08:22 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SecondLife
[2011/04/13 03:55:04 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SE_logs
[2011/06/09 08:40:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Sony
[2009/12/23 15:17:56 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\SpinTop
[2011/11/13 20:37:30 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Spyware Terminator
[2005/03/30 11:36:50 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\Template
[2011/05/31 23:36:48 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\TTPlayer
[2009/05/10 03:09:00 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Compaq_Owner\Application Data\winstron
[2004/01/05 11:51:24 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\Intervideo
[2004/01/05 23:01:26 | 000,000,000 | ---D | M] -- C:\Documents and Settings\Default User\Application Data\SampleView
[2011/11/14 10:10:33 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\At1.job
[2011/11/13 20:40:12 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\At2.job
[2011/11/13 17:13:04 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\At3.job
[2011/11/12 14:00:08 | 000,000,454 | ---- | M] () -- C:\WINDOWS\Tasks\At4.job
[2011/11/14 08:59:18 | 000,000,416 | ---- | M] () -- C:\WINDOWS\Tasks\PCConfidential.job
[2011/11/13 14:31:21 | 000,000,390 | -H-- | M] () -- C:\WINDOWS\Tasks\User_Feed_Synchronization-{F1074E1F-2FDC-417F-9830-4B4940F1801D}.job
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 115 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:C7F04040
@Alternate Data Stream - 104 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2

< End of report >