CreateRestorePoint:
ShellIconOverlayIdentifiers: [.XLKKDesktopIcon] -> {4DB0021B-1EC2-4C31-BD79-FEA2892EEB43} => C:\Users\Public\Thunder Network\KKVideo\Addins\KKVIconHandler64.dll [2014-11-18] (深圳市迅雷网络技术有限公司)
ShellIconOverlayIdentifiers: [AAADesktopTips] -> {4562B511-62E9-4533-B7B2-56A8BB10B482} => C:\Users\Public\Thunder Network\KanKan\reghelper\xappex.1.1.1.85.(852).dll [2015-07-13] (深圳市迅雷网络技术有限公司)
HKU\S-1-5-21-3295371147-2942387223-962318981-1000\Software\Microsoft\Internet Explorer\Main,Start Page Redirect Cache = hxxp://www.msn.com/en-my/?ocid=iehp
FF Homepage: hxxp://www.google.com
FF Extension: No Name - C:\Users\Celine\AppData\Roaming\Mozilla\Firefox\Profiles\t0o8zt3e.default\extensions\{1B33E42F-EF14-4cd3-B6DC-174571C4349C} [not found]
CHR HomePage: Default -> hxxp://www.google.com/
CHR StartupUrls: Default -> "hxxp://www.google.com/"
R2 XLWFP; C:\Windows\System32\drivers\xlwfp.sys [56080 2015-08-31] (深圳市迅雷网络技术有限公司)
2015-10-24 17:26 - 2015-10-26 22:50 - 00000000 ____D C:\Program Files (x86)\Thunder Network
2015-10-24 14:34 - 2015-10-26 22:50 - 00000000 ____D C:\Users\Public\Thunder Network
2015-10-24 14:34 - 2015-10-24 17:27 - 00000000 ____D C:\Users\Celine\AppData\LocalLow\Thunder Network
2015-10-24 14:42 - 2014-06-17 15:33 - 00080264 _____ (深圳市迅雷技术有限公司) C:\Windows\xinstaller.1.3.0.22.dll
2015-10-24 14:42 - 2014-06-17 15:33 - 00080264 _____ (深圳市迅雷技术有限公司) C:\Windows\SysWOW64\xinstaller.dll
2015-10-24 14:42 - 2014-06-17 15:33 - 00035208 _____ (深圳市迅雷技术有限公司) C:\Windows\xinstaller.1.3.0.22.exe
2015-10-24 14:42 - 2014-06-17 15:33 - 00035208 _____ (深圳市迅雷技术有限公司) C:\Windows\SysWOW64\xInstaller.exe
2015-10-24 14:42 - 2015-10-24 14:42 - 00000000 ____D C:\Program Files\Common Files\Thunder Network
Task: {53E95992-E9EE-4E70-BF97-24BDB7BF05CA} - System32\Tasks\{1B79DEE9-C1C2-4C01-848F-06D2D401B556} => pcalua.exe -a "C:\Program Files (x86)\Thunder Network\Thunder\ThunderUninstall.exe"
Task: {DE628DA5-613E-4ED9-BC3B-4753755CF5A2} - System32\Tasks\{1ACFF802-8F1C-48BE-A7BF-509DF2813229} => pcalua.exe -a "C:\Program Files (x86)\Common Files\Thunder Network\Kankan\Uninstall.exe"
C:\Program Files (x86)\Common Files\Thunder Network
EmptyTemp: