OTL logfile created on: 17/9/2012 12:49:05 AM - Run 4
OTL by OldTimer - Version 3.2.61.2     Folder = C:\Downloads
Windows Vista Home Premium Edition Service Pack 2 (Version = 6.0.6002) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00004809 | Country: Singapore | Language: ENE | Date Format: d/M/yyyy
 
1.99 Gb Total Physical Memory | 0.71 Gb Available Physical Memory | 35.48% Memory free
4.22 Gb Paging File | 2.06 Gb Available in Paging File | 48.96% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]
 
%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files
Drive C: | 219.73 Gb Total Space | 61.84 Gb Free Space | 28.14% Space Free | Partition Type: NTFS
Drive D: | 78.36 Gb Total Space | 77.88 Gb Free Space | 99.38% Space Free | Partition Type: NTFS
Drive F: | 998.10 Mb Total Space | 18.69 Mb Free Space | 1.87% Space Free | Partition Type: FAT32
 
Computer Name: MISSYIJUN-PC | User Name: Miss Yi Jun | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Quick Scan
Company Name Whitelist: On | Skip Microsoft Files: On | No Company Name Whitelist: On | File Age = 30 Days
 
[color=#E56717]========== Processes (SafeList) ==========[/color]
 
PRC - [2012/09/08 12:21:58 | 000,599,552 | ---- | M] (OldTimer Tools) -- C:\Downloads\OTL(1).exe
PRC - [2012/09/05 12:47:08 | 002,673,760 | ---- | M] (华为软件技术有限公司 版权所有) -- C:\Program Files\DBank\ClickUp\DBank_ClickUp.exe
PRC - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgidsagent.exe
PRC - [2012/07/31 03:37:02 | 002,596,984 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgtray.exe
PRC - [2012/07/26 03:23:08 | 000,758,392 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgrsx.exe
PRC - [2012/06/13 03:48:24 | 001,255,544 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgnsx.exe
PRC - [2012/04/22 02:20:08 | 002,015,232 | ---- | M] (SOSOVPN) -- C:\Program Files\ËÑËÑVPN\vpnclient.exe
PRC - [2012/02/29 00:02:07 | 000,296,056 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Real\RealPlayer\Update\realsched.exe
PRC - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe
PRC - [2012/02/14 04:52:38 | 000,338,784 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Program Files\AVG\AVG2012\avgcsrvx.exe
PRC - [2011/09/02 21:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2011/08/15 21:49:50 | 001,191,216 | ---- | M] (Lavasoft Limited) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2011/08/05 12:29:56 | 000,159,456 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Zune\ZuneLauncher.exe
PRC - [2011/04/14 19:57:40 | 000,019,872 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
PRC - [2011/04/14 19:55:08 | 003,373,968 | ---- | M] (Samsung Electronics Co., Ltd.) -- C:\Program Files\Samsung\Kies\KiesTrayAgent.exe
PRC - [2010/04/02 10:18:54 | 001,185,112 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE
PRC - [2010/03/25 09:50:00 | 002,516,296 | ---- | M] (CANON INC.) -- C:\Program Files\Canon\MyPrinter\BJMYPRT.EXE
PRC - [2009/12/08 14:51:52 | 000,774,144 | ---- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe
PRC - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe
PRC - [2009/04/11 14:27:36 | 002,926,592 | ---- | M] (Microsoft Corporation) -- C:\Windows\explorer.exe
PRC - [2008/12/31 01:45:08 | 004,993,024 | ---- | M] (FS2YOU) -- C:\Program Files\GridService\peer.exe
PRC - [2008/06/27 16:04:31 | 001,453,568 | ---- | M] (Motive Communications, Inc.) -- C:\Program Files\SingTel\McciTrayApp.exe
PRC - [2008/01/16 09:10:37 | 004,702,208 | ---- | M] (Realtek Semiconductor) -- C:\Windows\RtHDVCpl.exe
PRC - [2007/07/11 15:57:42 | 000,880,640 | R--- | M] (Sony Ericsson Mobile Communications AB) -- C:\Program Files\Sony Ericsson\Mobile2\Mobile Phone Monitor\epmworker.exe
PRC - [2007/06/13 08:16:02 | 000,528,384 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
PRC - [2007/03/16 03:23:20 | 000,983,040 | R--- | M] (Teleca AB) -- C:\Program Files\Common Files\Teleca Shared\Generic.exe
 
 
[color=#E56717]========== Modules (No Company Name) ==========[/color]
 
MOD - [2012/09/05 12:51:07 | 000,146,528 | ---- | M] () -- C:\Program Files\DBank\ClickUp\zlibwapi.dll
MOD - [2012/09/05 12:49:38 | 000,573,096 | ---- | M] () -- C:\Program Files\DBank\ClickUp\sqlite3.dll
MOD - [2012/09/05 12:47:48 | 000,110,688 | ---- | M] () -- C:\Program Files\DBank\ClickUp\jsondll.dll
MOD - [2012/08/30 10:58:45 | 000,442,392 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppgooglenaclpluginchrome.dll
MOD - [2012/08/30 10:58:44 | 012,237,336 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\PepperFlash\pepflashplayer.dll
MOD - [2012/08/30 10:58:42 | 003,997,720 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
MOD - [2012/08/30 10:57:15 | 000,144,424 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\avutil-51.dll
MOD - [2012/08/30 10:57:13 | 000,266,792 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\avformat-54.dll
MOD - [2012/08/30 10:57:12 | 002,480,680 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\avcodec-54.dll
MOD - [2012/06/15 02:27:12 | 018,000,896 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\199683f6e79076b634ee6cc0a82c0654\PresentationFramework.ni.dll
MOD - [2012/06/15 02:26:57 | 011,451,904 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationCore\e7dc084827f8df2dbdc819db5c633a0d\PresentationCore.ni.dll
MOD - [2012/06/15 02:26:43 | 003,858,432 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\WindowsBase\21f37f9f5162af7efb52169012bd111e\WindowsBase.ni.dll
MOD - [2012/05/10 19:54:14 | 001,218,560 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Management\0c2b0d52156447592f33edf4116b7e7d\System.Management.ni.dll
MOD - [2012/05/10 14:32:04 | 000,595,968 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\PresentationFramewo#\a5fa2a1cfc6e9fdc39d9a8f2baa57bc9\PresentationFramework.Aero.ni.dll
MOD - [2012/05/10 14:29:57 | 000,762,880 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Runtime.Remo#\65f0d70169a0e73b45307dddbd86f92b\System.Runtime.Remoting.ni.dll
MOD - [2012/05/10 14:29:39 | 001,782,272 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Xaml\d234eceae699d070b5a5712ce776c01f\System.Xaml.ni.dll
MOD - [2012/05/10 14:25:04 | 007,069,184 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System.Core\ed91b57205429a23bb91f4499059a459\System.Core.ni.dll
MOD - [2012/05/10 14:24:56 | 009,091,584 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\System\6f9f0467e8b2dd3f69b015c8e30ac945\System.ni.dll
MOD - [2012/05/10 14:24:50 | 014,412,800 | ---- | M] () -- C:\Windows\assembly\NativeImages_v4.0.30319_32\mscorlib\3953b1d8b9b57e4957bff8f58145384e\mscorlib.ni.dll
MOD - [2012/02/20 21:29:04 | 000,087,912 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\zlib1.dll
MOD - [2012/02/20 21:28:42 | 001,242,472 | ---- | M] () -- C:\Program Files\Common Files\Apple\Apple Application Support\libxml2.dll
MOD - [2011/12/30 11:11:26 | 000,055,816 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\Temp\d0d94490-af44-4ddb-bc13-e620b29d93f9\CliSecureRT.dll
MOD - [2011/04/14 19:57:40 | 000,019,872 | ---- | M] () -- C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe
MOD - [2010/07/05 05:32:38 | 000,010,752 | ---- | M] () -- C:\Program Files\Unlocker\UnlockerCOM.dll
MOD - [2007/09/20 18:34:58 | 000,129,024 | ---- | M] () -- C:\Program Files\WinRAR\RarExt.dll
MOD - [2007/06/13 08:16:02 | 000,528,384 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe
MOD - [2007/05/23 08:23:34 | 004,591,616 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherBmp.dll
MOD - [2007/05/22 15:44:50 | 000,023,552 | R--- | M] () -- C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application LauncherLg.dll
MOD - [2006/03/09 18:45:36 | 000,081,920 | R--- | M] () -- C:\Program Files\Common Files\Teleca Shared\boost_log-vc71-mt-1_33.dll
 
 
[color=#E56717]========== Services (SafeList) ==========[/color]
 
SRV - [2012/08/16 12:27:22 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\System32\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/08/13 03:24:48 | 005,167,736 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgidsagent.exe -- (AVGIDSAgent)
SRV - [2012/02/14 04:53:38 | 000,193,288 | ---- | M] (AVG Technologies CZ, s.r.o.) [Auto | Running] -- C:\Program Files\AVG\AVG2012\avgwdsvc.exe -- (avgwd)
SRV - [2011/09/02 21:29:30 | 002,152,152 | ---- | M] (Lavasoft Limited) [Auto | Running] -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service)
SRV - [2011/08/05 12:30:02 | 000,444,640 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneWlanCfgSvc.exe -- (ZuneWlanCfgSvc)
SRV - [2011/08/05 12:30:02 | 000,268,512 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\WMZuneComm.exe -- (WMZuneComm)
SRV - [2011/08/05 12:29:56 | 006,363,872 | ---- | M] (Microsoft Corporation) [On_Demand | Stopped] -- C:\Program Files\Zune\ZuneNss.exe -- (ZuneNetworkSvc)
SRV - [2009/04/30 11:23:26 | 000,090,112 | ---- | M] () [Auto | Running] -- C:\Program Files\Sony Ericsson\Sony Ericsson PC Suite\SupServ.exe -- (OMSI download service)
SRV - [2008/01/21 10:23:32 | 000,272,952 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2007/05/31 09:21:24 | 000,379,784 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\wcescomm.dll -- (WcesComm)
SRV - [2007/05/31 09:21:18 | 000,183,688 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Windows\WindowsMobile\rapimgr.dll -- (RapiMgr)
 
 
[color=#E56717]========== Driver Services (SafeList) ==========[/color]
 
DRV - File not found [Kernel | On_Demand | Stopped] -- system32\DRIVERS\appliand.sys -- (appliandMP)
DRV - [2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgtdix.sys -- (Avgtdix)
DRV - [2012/07/26 03:21:30 | 000,237,408 | ---- | M] (AVG Technologies CZ, s.r.o.) [Kernel | System | Running] -- C:\Windows\System32\drivers\avgldx86.sys -- (Avgldx86)
DRV - [2012/04/19 04:50:26 | 000,024,896 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | Boot | Running] -- C:\Windows\System32\drivers\avgidshx.sys -- (AVGIDSHX)
DRV - [2012/01/31 04:46:50 | 000,031,952 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | Boot | Running] -- C:\Windows\System32\drivers\avgrkx86.sys -- (Avgrkx86)
DRV - [2011/12/23 13:32:14 | 000,041,040 | ---- | M] (AVG Technologies CZ, s.r.o.) [File_System | System | Running] -- C:\Windows\System32\drivers\avgmfx86.sys -- (Avgmfx86)
DRV - [2011/12/23 13:32:08 | 000,017,232 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsshimx.sys -- (AVGIDSShim)
DRV - [2011/12/23 13:32:06 | 000,024,144 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsfilterx.sys -- (AVGIDSFilter)
DRV - [2011/12/23 13:32:00 | 000,139,856 | ---- | M] (AVG Technologies CZ, s.r.o. ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\avgidsdriverx.sys -- (AVGIDSDriver)
DRV - [2011/02/18 12:47:42 | 000,180,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudobex.sys -- (ssudobex)
DRV - [2011/02/18 12:47:42 | 000,180,672 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudmdm.sys -- (ssudmdm)
DRV - [2011/02/18 12:47:42 | 000,066,112 | ---- | M] (DEVGURU Co., LTD.(www.devguru.co.kr)) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssudbus.sys -- (dg_ssudbus)
DRV - [2011/02/04 22:27:14 | 000,015,232 | ---- | M] () [Kernel | On_Demand | Stopped] -- C:\Program Files\Lavasoft\Ad-Aware\kernexplorer.sys -- (Lavasoft Kernexplorer)
DRV - [2011/01/24 21:17:20 | 000,025,512 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggsemc.sys -- (ggsemc)
DRV - [2011/01/24 21:17:20 | 000,013,224 | ---- | M] (Sony Ericsson Mobile Communications) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ggflt.sys -- (ggflt)
DRV - [2011/01/03 16:38:36 | 000,136,680 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdm.sys -- (ssadmdm)
DRV - [2011/01/03 16:38:36 | 000,121,192 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadbus.sys -- (ssadbus)
DRV - [2011/01/03 16:38:36 | 000,114,152 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadserd.sys -- (ssadserd)
DRV - [2011/01/03 16:38:36 | 000,012,776 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadmdfl.sys -- (ssadmdfl)
DRV - [2010/12/21 13:55:02 | 000,030,312 | ---- | M] (Google Inc) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ssadadb.sys -- (androidusb)
DRV - [2010/12/03 17:05:34 | 000,064,288 | ---- | M] (Lavasoft AB) [File_System | Boot | Running] -- C:\Windows\System32\drivers\Lbd.sys -- (Lbd)
DRV - [2010/07/05 03:51:26 | 000,004,096 | ---- | M] () [Kernel | Unavailable | Unknown] -- C:\Program Files\Unlocker\UnlockerDriver5.sys -- (UnlockerDriver5)
DRV - [2010/06/23 09:21:32 | 000,259,176 | ---- | M] (Realtek                                            ) [Kernel | On_Demand | Running] -- C:\Windows\System32\drivers\Rtlh86.sys -- (RTL8169)
DRV - [2009/04/11 12:42:52 | 000,031,616 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\winusb.sys -- (WinUSB)
DRV - [2009/03/25 23:48:00 | 000,114,728 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdm.sys -- (s1018mdm)
DRV - [2009/03/25 23:48:00 | 000,109,864 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018unic.sys -- (s1018unic)
DRV - [2009/03/25 23:48:00 | 000,106,208 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mgmt.sys -- (s1018mgmt)
DRV - [2009/03/25 23:48:00 | 000,104,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018obex.sys -- (s1018obex)
DRV - [2009/03/25 23:48:00 | 000,086,824 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018bus.sys -- (s1018bus)
DRV - [2009/03/25 23:48:00 | 000,026,024 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018nd5.sys -- (s1018nd5)
DRV - [2009/03/25 23:48:00 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s1018mdfl.sys -- (s1018mdfl)
DRV - [2008/05/16 12:33:14 | 000,115,752 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016unic.sys -- (s0016unic)
DRV - [2008/05/16 12:33:14 | 000,025,512 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016nd5.sys -- (s0016nd5)
DRV - [2008/05/16 12:33:14 | 000,015,016 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdfl.sys -- (s0016mdfl)
DRV - [2008/05/16 12:33:12 | 000,120,744 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mdm.sys -- (s0016mdm)
DRV - [2008/05/16 12:33:12 | 000,114,216 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016mgmt.sys -- (s0016mgmt)
DRV - [2008/05/16 12:33:12 | 000,110,632 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016obex.sys -- (s0016obex)
DRV - [2008/05/16 12:33:12 | 000,089,256 | ---- | M] (MCCI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\s0016bus.sys -- (s0016bus)
DRV - [2008/04/02 09:48:40 | 000,021,248 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMP50.sys -- (MREMP50)
DRV - [2008/04/02 09:48:40 | 000,020,096 | ---- | M] (Printing Communications Assoc., Inc. (PCAUSA)) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRESP50.sys -- (MRESP50)
DRV - [2006/09/19 22:14:10 | 000,019,345 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MREMPR5.sys -- (MREMPR5)
DRV - [2006/09/19 22:14:10 | 000,018,003 | ---- | M] (Motive, Inc.) [Kernel | On_Demand | Stopped] -- C:\Program Files\Common Files\Motive\MRENDIS5.sys -- (MRENDIS5)
DRV - [2004/06/03 12:10:00 | 000,071,596 | ---- | M] (Creative Technology Ltd.) [Kernel | Auto | Running] -- C:\Windows\System32\drivers\PfModNT.sys -- (PfModNT)
DRV - [2002/07/17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | Auto | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (Aspi32)
DRV - [2002/07/17 15:20:32 | 000,084,832 | ---- | M] (Adaptec) [Kernel | On_Demand | Stopped] -- C:\Windows\System32\drivers\ASPI32.SYS -- (ASPI)
 
 
[color=#E56717]========== Standard Registry (SafeList) ==========[/color]
 
 
[color=#E56717]========== Internet Explorer ==========[/color]
 
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&FORM=IE8SRC
IE - HKLM\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7
IE - HKLM\..\SearchScopes\{CCC7A320-B3CA-4199-B1A6-9F516DD69829}: "URL" = http://us.yhs.search.yahoo.com/avg/search?fr=yhs-avg-chrome&type=yahoo_avg_hs2-tb-web_chrome_us&p={searchTerms}
 
 
IE - HKU\.DEFAULT\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\.DEFAULT\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-18\..\URLSearchHook: {A3BC75A2-1F87-4686-AA43-5347D756017C} - No CLSID value found
IE - HKU\S-1-5-18\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
 
IE - HKU\S-1-5-19\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-20\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
 
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Search Bar = Preserve
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://www.hotmail.com/
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\..\SearchScopes,DefaultScope = {CCC7A320-B3CA-4199-B1A6-9F516DD69829}
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/search?q={searchTerms}&src=IE-SearchBox&FORM=IE8SRC
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\..\SearchScopes\{1FF7973D-AB0A-496d-82C1-4EADBBA11E7B}: "URL" = http://www.soso.com/q?sc=web&cid=th.ub&w={searchTerms}&cin=!J-5pUWfxAqT8QfS!WYGAC060wc50000&lr=&ie={inputEncoding}&unc=y400372_2
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\..\SearchScopes\{6A1806CD-94D4-4689-BA73-E35EA1EA9990}: "URL" = http://www.google.com/search?q={searchTerms}&rls=com.microsoft:{language}:{referrer:source?}&ie={inputEncoding}&oe={outputEncoding}&sourceid=ie7&rlz=1I7MOOI_enSG457
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = local;*.local
IE - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyServer" = :
 
[color=#E56717]========== FireFox ==========[/color]
 
FF - prefs.js..browser.search.defaultenginename: "Yahoo! Search"
FF - prefs.js..browser.search.selectedEngine: "Yahoo! Search"
FF - prefs.js..browser.startup.homepage: "http://www.google.com.sg/firefox?client=firefox-a&rls=org.mozilla:en-US:official"
FF - prefs.js..extensions.enabledItems: facepad@lazyrussian.com:0.8.0
FF - prefs.js..extensions.enabledItems: {6dd0bdba-0a02-429e-b595-87a7dfdca7a1}:0.7.12
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.1.5
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: personas@christopher.beard:1.6.1
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: npnami@npnami.com:1.3
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: {3f963a5b-e555-4543-90e2-c3908898db71}:10.0.0.1178
FF - prefs.js..extensions.enabledItems: {AB2CE124-6272-4b12-94A9-7303C7397BD1}:5.0.0.6778
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: 
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}:6.0.24
FF - prefs.js..keyword.URL: "http://sg.yhs.search.yahoo.com/avg/search?fr=yhs-avg&type=yahoo_avg_hs2-tb-web_sg&p="
FF - user.js - File not found
 
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF32_11_3_300_271.dll ()
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=:  File not found
FF - HKLM\Software\MozillaPlugins\@Apple.com/iTunes,version=1.0: C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll ()
FF - HKLM\Software\MozillaPlugins\@canon.com/EPPEX: C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL (CANON INC.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Browser Plugin,version=1.0.0: C:\Program Files\DivX\DivX Web Player\npdivx32.dll (DivX,Inc.)
FF - HKLM\Software\MozillaPlugins\@divx.com/DivX Player Plugin,version=1.0.0: C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll (DivX, Inc)
FF - HKLM\Software\MozillaPlugins\@Google.com/GoogleEarthPlugin: C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll (Google)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.7.2: C:\Windows\system32\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.7.2: C:\Program Files\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3508.1109: C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WPF,version=3.5: C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@real.com/nppl3260;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nppl3260.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpchromebrowserrecordext;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprphtml5videoshim;version=15.0.2.72: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nprpjplug;version=15.0.2.72: c:\program files\real\realplayer\Netscape6\nprpjplug.dll (RealNetworks, Inc.)
FF - HKLM\Software\MozillaPlugins\@real.com/nsJSRealPlayerPlugin;version=:  File not found
FF - HKLM\Software\MozillaPlugins\@SonyCreativeSoftware.com/Media Go,version=1.0: c:\Program Files\Sony\Media Go\npmediago.dll (Sony Creative Software Inc)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Program Files\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKLM\Software\MozillaPlugins\@videolan.org/vlc,version=2.0.1: C:\Program Files\VideoLAN\VLC\npvlc.dll (VideoLAN)
FF - HKLM\Software\MozillaPlugins\@xunlei.com/DapCtrlPlugin: C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(530).dll (ShenZhen Thunder Networking Technologies Ltd.)
FF - HKLM\Software\MozillaPlugins\@ylmf.com/UploadPlugin: C:\Program Files\115\UDown\NPUpLoadFile.dll File not found
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files\Adobe\Reader 9.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.1: C:\Users\Miss Yi Jun\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll ( )
FF - HKCU\Software\MozillaPlugins\@facebook.com/FBPlugin,version=1.0.3: C:\Users\Miss Yi Jun\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll ( )
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\Miss Yi Jun\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\Miss Yi Jun\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@yahoo.com/BrowserPlus,version=2.9.2: C:\Users\Miss Yi Jun\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll (Yahoo! Inc.)
 
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{1E73965B-8B48-48be-9C8D-68B920ABC1C4}: C:\Program Files\AVG\AVG2012\Firefox4\ [2012/09/11 12:52:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\Firefox\Ext [2012/02/29 00:03:13 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Firefox\Extensions\\{F53C93F1-07D5-430c-86D4-C9531B27DFAF}: C:\Program Files\AVG\AVG2012\Firefox\DoNotTrack\ [2012/08/29 13:34:18 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Components: C:\Program Files\Flock\components [2012/05/18 14:26:59 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Flock 2.0.3\extensions\\Plugins: C:\Program Files\Flock\plugins [2012/08/17 14:44:33 | 000,000,000 | ---D | M]
 
[2009/07/28 21:24:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Extensions
[2009/07/28 21:24:37 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Extensions\{a463f10c-3994-11da-9945-000d60ca027b}
[2012/09/13 21:09:14 | 000,000,000 | ---D | M] (No name found) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions
[2010/05/29 01:08:22 | 000,000,000 | ---D | M] (Microsoft .NET Framework Assistant) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2011/02/07 21:10:37 | 000,000,000 | ---D | M] (GameFOX) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\{6dd0bdba-0a02-429e-b595-87a7dfdca7a1}
[2011/04/22 01:58:38 | 000,000,000 | ---D | M] ("DVDVideoSoft Menu") -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\{ACAA314B-EEBA-48e4-AD47-84E31C44796C}
[2011/02/07 21:10:37 | 000,000,000 | ---D | M] (User Agent Switcher) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\{e968fc70-8f95-4ab9-9e79-304de2a71ee1}
[2010/10/23 15:10:18 | 000,000,000 | ---D | M] (FacePAD: Facebook Photo Album Downloader) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\facepad@lazyrussian.com
[2010/08/15 03:26:47 | 000,000,000 | ---D | M] (Nami Plugin) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\npnami@npnami.com
[2010/09/12 22:13:04 | 000,000,000 | ---D | M] (Personas) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\personas@christopher.beard
[2011/02/07 21:10:37 | 000,000,000 | ---D | M] (Mitter Toolbar) -- C:\Users\Miss Yi Jun\AppData\Roaming\Mozilla\Firefox\Profiles\gdrfjdab.default\extensions\tagiritoolbar@tagiri.jp
File not found (No name found) -- C:\PROGRAM FILES\AVG\AVG10\FIREFOX
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{AB2CE124-6272-4B12-94A9-7303C7397BD1}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0017-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0019-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0020-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0021-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0022-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0023-ABCDEFFEDCBA}
File not found (No name found) -- C:\PROGRAM FILES\MOZILLA FIREFOX\EXTENSIONS\{CAFEEFAC-0016-0000-0024-ABCDEFFEDCBA}
[2012/02/29 00:03:13 | 000,000,000 | ---D | M] (RealPlayer Browser Record Plugin) -- C:\PROGRAMDATA\REAL\REALPLAYER\BROWSERRECORDPLUGIN\FIREFOX\EXT
File not found (No name found) -- C:\USERS\MISS YI JUN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GDRFJDAB.DEFAULT\EXTENSIONS\{872B5B88-9DB5-4310-BDD0-AC189557E5F5}
File not found (No name found) -- C:\USERS\MISS YI JUN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GDRFJDAB.DEFAULT\EXTENSIONS\{CD90BF73-20F6-44EF-993D-BB920303BD2E}
File not found (No name found) -- C:\USERS\MISS YI JUN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GDRFJDAB.DEFAULT\EXTENSIONS\ENGINE@CONDUIT.COM
File not found (No name found) -- C:\USERS\MISS YI JUN\APPDATA\ROAMING\MOZILLA\FIREFOX\PROFILES\GDRFJDAB.DEFAULT\EXTENSIONS\QUICKSTORES@QUICKSTORES.DE
 
[color=#E56717]========== Chrome  ==========[/color]
 
CHR - homepage: http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1285164070&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?q={searchTerms}&{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}sourceid=chrome&ie={inputEncoding}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://login.live.com/login.srf?wa=wsignin1.0&rpsnv=11&ct=1285164070&rver=6.0.5285.0&wp=MBI&wreply=http:%2F%2Fmail.live.com%2Fdefault.aspx&lc=1033&id=64855&mkt=en-us
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\Application\21.0.1180.89\gcswf32.dll
CHR - plugin: Shockwave Flash (Disabled) = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\PepperFlash\11.2.31.144\pepflashplayer.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\system32\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: AVG Internet Security (Enabled) = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2161_0\plugins/avgnpss.dll
CHR - plugin: Adobe Acrobat (Disabled) = C:\Program Files\Adobe\Reader 9.0\Reader\Browser\nppdf32.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin2.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin3.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin4.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin5.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin6.dll
CHR - plugin: QuickTime Plug-in 7.7.1 (Enabled) = C:\Program Files\QuickTime\plugins\npqtplugin7.dll
CHR - plugin: Microsoft\u00AE Windows Media Player Firefox Plugin (Enabled) = C:\Program Files\Windows Media Player\np-mswmp.dll
CHR - plugin: 115.COM Upload Plugin (Enabled) = C:\Program Files\115\UDown\NPUpLoadFile.dll
CHR - plugin: CANON iMAGE GATEWAY Album Plugin Utility (Enabled) = C:\Program Files\Canon\Easy-PhotoPrint EX\NPEZFFPI.DLL
CHR - plugin: Thunder DapCtrl Plugin (Enabled) = C:\Program Files\Common Files\Thunder Network\KanKan\npDapCtrlFirefox.2.0.5901.12.(530).dll
CHR - plugin: DivX Player Netscape Plugin (Enabled) = C:\Program Files\DivX\DivX Player\npDivxPlayerPlugin.dll
CHR - plugin: DivX Web Player (Enabled) = C:\Program Files\DivX\DivX Web Player\npdivx32.dll
CHR - plugin: Google Earth Plugin (Enabled) = C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll
CHR - plugin: Google Update (Enabled) = C:\Program Files\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - plugin: Java(TM) Platform SE 6 U31 (Enabled) = C:\Program Files\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files\Microsoft Silverlight\5.1.10411.0\npctrl.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: iTunes Application Detector (Enabled) = C:\Program Files\iTunes\Mozilla Plugins\npitunes.dll
CHR - plugin: RealNetworks(tm) Chrome Background Extension Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprpchromebrowserrecordext.dll
CHR - plugin: RealPlayer(tm) HTML5VideoShim Plug-In (32-bit)  (Enabled) = C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\MozillaPlugins\nprphtml5videoshim.dll
CHR - plugin: RealPlayer(tm) G2 LiveConnect-Enabled Plug-In (32-bit)  (Enabled) = c:\program files\real\realplayer\Netscape6\nppl3260.dll
CHR - plugin: RealPlayer Version Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprpjplug.dll
CHR - plugin: QvodInsert (Enabled) = C:\QvodPlayerQvodPlayer\npQvodInsert.dll
CHR - plugin: BrowserPlus (from Yahoo!) v2.9.2 (Enabled) = C:\Users\Miss Yi Jun\AppData\Local\Yahoo!\BrowserPlus\2.9.2\Plugins\npybrowserplus_2.9.2.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Miss Yi Jun\AppData\Roaming\Facebook\npfbplugin_1_0_1.dll
CHR - plugin: Facebook Plugin (Enabled) = C:\Users\Miss Yi Jun\AppData\Roaming\Facebook\npfbplugin_1_0_3.dll
CHR - plugin: Windows Presentation Foundation (Enabled) = C:\Windows\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll
CHR - plugin: Media Go Detector (Enabled) = c:\Program Files\Sony\Media Go\npmediago.dll
CHR - plugin: RealJukebox NS Plugin (Enabled) = c:\program files\real\realplayer\Netscape6\nprjplug.dll
CHR - Extension: YouTube = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google Search = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: RealPlayer HTML5Video Downloader Extension = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\jfmjfhklogoienhpfnppmbcbjfjnkonk\1.5_0\
CHR - Extension: AVG Safe Search = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\jmfkcklnlgedgbglfkkgedjfmejoahla\12.0.0.2210_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.7.6_0\
CHR - Extension: FastestChrome - Browse Faster = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\mmffncokckfccddfenhkhnllmlobdahm\6.7.7_0\
CHR - Extension: AVG Do Not Track = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\ndibdjnfmopecpmkdieinmbadjfpblof\12.0.0.2166_0\
CHR - Extension: Gmail = C:\Users\Miss Yi Jun\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\
 
O1 HOSTS File: ([2010/08/10 22:54:02 | 000,000,098 | ---- | M]) - C:\Windows\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1       localhost
O1 - Hosts: ::1       localhost
O2 - BHO: (Octh Class) - {000123B4-9B42-4900-B3F7-F4B073EFC214} - C:\Program Files\Orbitdownloader\orbitcth.dll (Orbitdownloader.com)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - C:\ProgramData\Real\RealPlayer\BrowserRecordPlugin\IE\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (AVG Do Not Track) - {31332EEF-CB9F-458F-AFEB-D30E9A66B6BA} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (Canon Easy-WebPrint EX BHO) - {3785D0AD-BFFF-47F6-BF5B-A587C162FED9} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexbho.dll (CANON INC.)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVG2012\avgssie.dll (AVG Technologies CZ, s.r.o.)
O2 - BHO: (xiamistart Class) - {658D2C4F-158A-46FB-8C96-B1C8F56DBBE9} - C:\PROGRA~1\Shark\XIAMIP~1.DLL File not found
O2 - BHO: (Java(tm) Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (Java(tm) Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O3 - HKLM\..\Toolbar: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O3 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\..\Toolbar\WebBrowser: (Canon Easy-WebPrint EX) - {759D9886-0C6F-4498-BAB6-4A5F47C6C72F} - C:\Program Files\Canon\Easy-WebPrint EX\ewpexhlp.dll (CANON INC.)
O4 - HKLM..\Run: [APSDaemon] C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe (Apple Inc.)
O4 - HKLM..\Run: [AVG_TRAY] C:\Program Files\AVG\AVG2012\avgtray.exe (AVG Technologies CZ, s.r.o.)
O4 - HKLM..\Run: [CanonMyPrinter] C:\Program Files\Canon\MyPrinter\BJMyPrt.exe (CANON INC.)
O4 - HKLM..\Run: [CanonSolutionMenuEx] C:\Program Files\Canon\Solution Menu EX\CNSEMAIN.EXE (CANON INC.)
O4 - HKLM..\Run: [Grid Service] C:\Program Files\GridService\peer.exe (FS2YOU)
O4 - HKLM..\Run: [NeroFilterCheck] C:\Program Files\Common Files\Nero\Lib\NeroCheck.exe (Nero AG)
O4 - HKLM..\Run: [RtHDVCpl] C:\Windows\RtHDVCpl.exe (Realtek Semiconductor)
O4 - HKLM..\Run: [SingTel_McciTrayApp] C:\Program Files\SingTel\McciTrayApp.exe (Motive Communications, Inc.)
O4 - HKLM..\Run: [Sony Ericsson PC Suite] C:\Program Files\Sony Ericsson\Mobile2\Application Launcher\Application Launcher.exe ()
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Real\RealPlayer\update\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [Windows Defender] C:\Program Files\Windows Defender\MSASCui.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Windows Mobile-based device management] C:\Windows\WindowsMobile\wmdSync.exe (Microsoft Corporation)
O4 - HKLM..\Run: [Zune Launcher] C:\Program Files\Zune\ZuneLauncher.exe (Microsoft Corporation)
O4 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000..\Run: [DBank_ClickUp] C:\Program Files\DBank\ClickUp\DBank_ClickUp.exe (华为软件技术有限公司 版权所有)
O4 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000..\Run: [KiesHelper] C:\Program Files\Samsung\Kies\KiesHelper.exe (Samsung)
O4 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000..\Run: [KiesPDLR] C:\Program Files\Samsung\Kies\External\FirmwareUpdate\KiesPDLR.exe ()
O4 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000..\Run: [KiesTrayAgent] C:\Program Files\Samsung\Kies\KiesTrayAgent.exe (Samsung Electronics Co., Ltd.)
O4 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000..\Run: [Sony Ericsson PC Companion] C:\Program Files\Sony Ericsson\Sony Ericsson PC Companion\PCCompanion.exe (Sony Ericsson Mobile Communications AB)
O4 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000..\Run: [同步盘] "C:\Users\Miss Yi Jun\AppData\Roaming\115\Box\115Box.exe" autorun File not found
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &Download All with FlashGet - C:\Program Files\FlashGet\JC_ALL.HTM ()
O8 - Extra context menu item: &Download with FlashGet - C:\Program Files\FlashGet\JC_LINK.HTM ()
O9 - Extra Button: @C:\Windows\WindowsMobile\INetRepl.dll,-222 - {2EAF5BB1-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : @C:\Windows\WindowsMobile\INetRepl.dll,-223 - {2EAF5BB2-070F-11D3-9307-00C04FAE2D4F} - C:\Windows\WindowsMobile\INetRepl.dll (Microsoft Corporation)
O9 - Extra Button: AVG Do Not Track - {68BCFFE1-A2DA-4B40-9068-87ECBFC19D16} - C:\Program Files\AVG\AVG2012\avgdtiex.dll (AVG Technologies CZ, s.r.o.)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\flashget.exe (FlashGet.com)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000008 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKU\S-1-5-21-631317932-1057005952-1023814535-1000\..Trusted Domains: security_PPStream.exe ([]about in Trusted sites)
O16 - DPF: Microsoft XML Parser for Java file:///C:/Windows/Java/classes/xmldso.cab (Reg Error: Key error.)
O17 - HKLM\System\CCS\Services\Tcpip\Parameters: DhcpNameServer = 192.168.1.254
O17 - HKLM\System\CCS\Services\Tcpip\Parameters\Interfaces\{92833653-E5A0-4C2D-870F-10A4A9E9EC78}: DhcpNameServer = 192.168.1.254
O18 - Protocol\Handler\linkscanner {F274614C-63F8-47D5-A4D1-FBDDE494F8D1} - C:\Program Files\AVG\AVG2012\avgpp.dll (AVG Technologies CZ, s.r.o.)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\System32\userinit.exe (Microsoft Corporation)
O24 - Desktop WallPaper: C:\Users\Miss Yi Jun\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O24 - Desktop BackupWallPaper: C:\Users\Miss Yi Jun\AppData\Roaming\Microsoft\Windows Photo Gallery\Windows Photo Gallery Wallpaper.jpg
O28 - HKLM ShellExecuteHooks: {AEB6717E-7E19-11d0-97EE-00C04FD91972} - No CLSID value found.
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2006/09/19 05:43:36 | 000,000,024 | ---- | M] () - C:\autoexec.bat -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O34 - HKLM BootExecute: (lsdelete)
O34 - HKLM BootExecute: (C:\PROGRA~1\AVG\AVG2012\avgrsx.exe /sync /restart)
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37 - HKLM\...com [@ = comfile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
 
[color=#E56717]========== Files/Folders - Created Within 30 Days ==========[/color]
 
[2012/09/13 21:08:19 | 000,000,000 | ---D | C] -- C:\_OTL
[2012/09/11 12:52:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\AVG
[2012/09/10 14:40:08 | 004,731,392 | ---- | C] (AVAST Software) -- C:\Users\Miss Yi Jun\Desktop\aswMBR.exe
[2012/09/07 16:33:56 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Java
[2012/09/05 20:31:51 | 000,000,000 | ---D | C] -- C:\Users\Miss Yi Jun\Documents\DBank
[2012/08/24 15:43:18 | 000,301,920 | ---- | C] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012/08/22 01:27:27 | 000,000,000 | ---D | C] -- C:\Users\Miss Yi Jun\AppData\Roaming\tiger-k
[2012/08/22 01:27:26 | 000,000,000 | ---D | C] -- C:\Users\Miss Yi Jun\Documents\Leawo
[2012/08/22 01:27:26 | 000,000,000 | ---D | C] -- C:\Users\Miss Yi Jun\AppData\Roaming\Leawo
[2012/08/22 01:27:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Leawo
[2012/08/22 01:17:26 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Leawo
[2012/08/22 01:16:52 | 000,000,000 | ---D | C] -- C:\Program Files\Leawo
[2012/08/22 01:11:29 | 000,000,000 | ---D | C] -- C:\Program Files\Uibia
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files - Modified Within 30 Days ==========[/color]
 
[2012/09/17 01:02:15 | 000,000,896 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineUA.job
[2012/09/17 00:27:00 | 000,000,830 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/09/17 00:24:25 | 000,005,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-1.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 00:24:25 | 000,005,456 | -H-- | M] () -- C:\Windows\System32\7B296FB0-376B-497e-B012-9C450E1B7327-2P-0.C7483456-A289-439d-8115-601632D005A0
[2012/09/17 00:18:00 | 000,000,932 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-631317932-1057005952-1023814535-1000UA.job
[2012/09/17 00:09:44 | 000,001,852 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Roaming\network.dat
[2012/09/16 20:29:38 | 094,961,329 | ---- | M] () -- C:\Windows\System32\drivers\AVG\incavi.avm
[2012/09/16 20:24:23 | 000,000,892 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskMachineCore.job
[2012/09/16 20:24:19 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/09/16 01:26:58 | 000,000,012 | ---- | M] () -- C:\Windows\bthservsdp.dat
[2012/09/16 01:18:01 | 000,000,880 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-631317932-1057005952-1023814535-1000Core.job
[2012/09/15 22:07:03 | 000,000,064 | ---- | M] () -- C:\Windows\System32\rp_stats.dat
[2012/09/15 22:07:03 | 000,000,044 | ---- | M] () -- C:\Windows\System32\rp_rules.dat
[2012/09/15 18:36:10 | 049,907,968 | ---- | M] () -- C:\Windows\System32\perfh009.dat
[2012/09/15 18:36:09 | 019,224,846 | ---- | M] () -- C:\Windows\System32\perfc009.dat
[2012/09/13 00:29:51 | 000,179,200 | ---- | M] () -- C:\Users\Miss Yi Jun\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2012/09/11 12:52:16 | 000,000,842 | ---- | M] () -- C:\Users\Public\Desktop\AVG 2012.lnk
[2012/09/10 22:34:39 | 000,000,512 | ---- | M] () -- C:\Users\Miss Yi Jun\Desktop\MBR.dat
[2012/09/07 17:40:40 | 000,393,366 | ---- | M] () -- C:\Windows\System32\drivers\AVG\iavichjg.avm
[2012/09/05 13:21:16 | 000,002,072 | ---- | M] () -- C:\Users\Miss Yi Jun\Desktop\Google Chrome.lnk
[2012/09/05 13:21:16 | 000,002,034 | ---- | M] () -- C:\Users\Miss Yi Jun\Application Data\Microsoft\Internet Explorer\Quick Launch\Google Chrome.lnk
[2012/08/24 15:43:18 | 000,301,920 | ---- | M] (AVG Technologies CZ, s.r.o.) -- C:\Windows\System32\drivers\avgtdix.sys
[2012/08/22 01:17:31 | 000,000,985 | ---- | M] () -- C:\Users\Public\Desktop\Leawo Video Converter.lnk
[1 C:\Windows\System32\*.tmp files -> C:\Windows\System32\*.tmp -> ]
 
[color=#E56717]========== Files Created - No Company Name ==========[/color]
 
[2012/09/13 22:59:05 | 000,001,852 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Roaming\network.dat
[2012/09/10 17:40:08 | 000,000,512 | ---- | C] () -- C:\Users\Miss Yi Jun\Desktop\MBR.dat
[2012/08/22 01:17:31 | 000,000,985 | ---- | C] () -- C:\Users\Public\Desktop\Leawo Video Converter.lnk
[2012/03/23 22:03:21 | 000,000,911 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Roaming\coreavc.ini
[2012/03/01 10:47:08 | 000,006,220 | ---- | C] () -- C:\Users\Miss Yi Jun\funshion.ini
[2011/12/02 14:06:28 | 000,018,760 | ---- | C] () -- C:\Windows\System32\QQVistaHelper.dll
[2011/09/19 17:44:16 | 000,001,130 | ---- | C] () -- C:\Windows\System32\funshion.ini
[2011/04/27 19:49:39 | 000,000,064 | ---- | C] () -- C:\Windows\System32\rp_stats.dat
[2011/04/27 19:49:39 | 000,000,044 | ---- | C] () -- C:\Windows\System32\rp_rules.dat
[2011/03/09 02:11:22 | 000,004,096 | -H-- | C] () -- C:\Users\Miss Yi Jun\AppData\Local\keyfile3.drm
[2011/03/02 23:57:44 | 000,030,568 | ---- | C] () -- C:\Windows\MusiccityDownload.exe
[2011/03/02 23:57:40 | 000,974,848 | ---- | C] () -- C:\Windows\System32\cis-2.4.dll
[2011/03/02 23:57:40 | 000,081,920 | ---- | C] () -- C:\Windows\System32\issacapi_bs-2.3.dll
[2011/03/02 23:57:40 | 000,065,536 | ---- | C] () -- C:\Windows\System32\issacapi_pe-2.3.dll
[2011/03/02 23:57:40 | 000,057,344 | ---- | C] () -- C:\Windows\System32\issacapi_se-2.3.dll
[2011/02/20 20:32:32 | 000,000,050 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Roaming\Syscfg.ini
[2010/12/13 21:47:34 | 000,000,056 | -H-- | C] () -- C:\ProgramData\ezsidmv.dat
[2010/08/20 22:17:52 | 000,000,552 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Local\d3d8caps.dat
[2010/03/30 00:30:11 | 000,000,000 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Local\prvlcl.dat
[2008/09/20 23:57:40 | 000,000,258 | RHS- | C] () -- C:\ProgramData\ntuser.pol
[2008/09/18 20:19:05 | 000,037,165 | ---- | C] () -- C:\ProgramData\LUUnInstall.LiveUpdate
[2008/06/21 19:39:38 | 000,179,200 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Local\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2008/06/20 16:45:56 | 000,001,356 | ---- | C] () -- C:\Users\Miss Yi Jun\AppData\Local\d3d9caps.dat
 
[color=#E56717]========== LOP Check ==========[/color]
 
[2012/02/10 15:15:14 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\115
[2012/07/07 13:21:12 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\360Login
[2012/08/22 01:01:14 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\360se
[2008/10/10 22:25:18 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Ashampoo
[2011/10/14 22:34:45 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\AVG2012
[2012/08/09 00:15:15 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\baiduwangpan
[2011/03/24 23:16:03 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\BitTorrent
[2009/03/01 23:38:10 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\BonkEnc
[2012/01/27 00:15:29 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Canon
[2009/10/27 21:57:05 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\com.adobe.mauby.4875E02D9FB21EE389F73B8D1702B320485DF8CE.1
[2008/12/19 22:16:36 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\CravingExplorer
[2011/12/31 23:47:59 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\DBank
[2012/03/24 18:27:35 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Digiarty
[2012/03/24 15:52:22 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\DVDVideoSoft
[2011/04/22 02:10:21 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\DVDVideoSoftIEHelpers
[2010/03/01 13:46:18 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Facebook
[2008/06/22 18:13:40 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\FlashGet
[2012/07/07 14:34:05 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\flash_se
[2009/07/28 21:24:29 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Flock
[2010/08/20 22:24:21 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\funshionAddr
[2012/03/27 12:25:16 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\HandBrake
[2012/08/22 01:27:26 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Leawo
[2012/08/23 19:17:05 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Mp3tag
[2009/11/26 00:13:15 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\NCH Swift Sound
[2012/09/11 00:21:59 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Orbit
[2011/11/14 00:55:30 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\PhotoScape
[2010/08/15 01:04:05 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\PPStream
[2012/05/18 18:49:08 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\ProgSense
[2012/05/18 18:34:20 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Recordpad
[2010/08/17 01:10:10 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Runscanner.net
[2011/11/07 21:39:51 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Samsung
[2011/01/24 21:09:47 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Sony
[2011/01/24 20:59:23 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Sony Setup
[2009/06/12 23:12:48 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Teleca
[2012/08/22 01:29:00 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\tiger-k
[2011/02/20 20:57:25 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\UDown
[2009/10/19 02:09:13 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\Windows Live Writer
[2010/11/27 17:04:37 | 000,000,000 | ---D | M] -- C:\Users\Miss Yi Jun\AppData\Roaming\YouSendIt
[2012/09/16 01:26:57 | 000,032,600 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT
 
[color=#E56717]========== Purity Check ==========[/color]
 
 
 
[color=#E56717]========== Files - Unicode (All) ==========[/color]
[2012/07/08 02:15:56 | 000,000,000 | ---D | M](C:\360????) -- C:\360高速下载
[2012/07/07 15:50:41 | 000,000,000 | ---D | C](C:\360????) -- C:\360高速下载
[2012/07/07 13:21:15 | 000,000,897 | ---- | M] ()(C:\Users\Miss Yi Jun\Desktop\360?????.lnk) -- C:\Users\Miss Yi Jun\Desktop\360安全浏览器.lnk
[2012/07/07 13:21:15 | 000,000,897 | ---- | C] ()(C:\Users\Miss Yi Jun\Desktop\360?????.lnk) -- C:\Users\Miss Yi Jun\Desktop\360安全浏览器.lnk
[2012/07/07 13:21:15 | 000,000,877 | ---- | M] ()(C:\Users\Miss Yi Jun\Application Data\Microsoft\Internet Explorer\Quick Launch\360?????.lnk) -- C:\Users\Miss Yi Jun\Application Data\Microsoft\Internet Explorer\Quick Launch\360安全浏览器.lnk
[2012/07/07 13:21:15 | 000,000,877 | ---- | C] ()(C:\Users\Miss Yi Jun\Application Data\Microsoft\Internet Explorer\Quick Launch\360?????.lnk) -- C:\Users\Miss Yi Jun\Application Data\Microsoft\Internet Explorer\Quick Launch\360安全浏览器.lnk
[2012/07/02 12:59:18 | 000,014,347 | ---- | M] ()(C:\Users\Miss Yi Jun\Documents\???.docx) -- C:\Users\Miss Yi Jun\Documents\迪迪宅.docx
[2012/07/02 12:59:16 | 000,014,347 | ---- | C] ()(C:\Users\Miss Yi Jun\Documents\???.docx) -- C:\Users\Miss Yi Jun\Documents\迪迪宅.docx
[2012/06/20 13:01:47 | 000,000,162 | -H-- | M] ()(C:\Users\Miss Yi Jun\Documents\~$?????.docx) -- C:\Users\Miss Yi Jun\Documents\~$自己想要的.docx
[2012/06/20 13:01:47 | 000,000,162 | -H-- | C] ()(C:\Users\Miss Yi Jun\Documents\~$?????.docx) -- C:\Users\Miss Yi Jun\Documents\~$自己想要的.docx
[2012/03/08 22:30:34 | 000,000,000 | ---D | M](C:\Users\Miss Yi Jun\Documents\115???) -- C:\Users\Miss Yi Jun\Documents\115浏览器
[2012/03/08 21:31:25 | 000,000,000 | ---D | C](C:\Users\Miss Yi Jun\Documents\115???) -- C:\Users\Miss Yi Jun\Documents\115浏览器
(C:\Users\Miss Yi Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360????) -- C:\Users\Miss Yi Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\360安全中心
(C:\Users\Miss Yi Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\????) -- C:\Users\Miss Yi Jun\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\百度网盘
 
[color=#E56717]========== Alternate Data Streams ==========[/color]
 
@Alternate Data Stream - 97 bytes -> C:\ProgramData\TEMP:2A81F9CE
@Alternate Data Stream - 130 bytes -> C:\ProgramData\TEMP:63238B95
@Alternate Data Stream - 109 bytes -> C:\ProgramData\TEMP:4F227235

< End of report >