strange website in host file



#1
BMoonY

I scanned my computer using Hitman Pro and found a strange website name in the host file.
Then I tried to delete them, but it said it was unable to fix the problem.

Here is the OTL scan log:
OTL logfile created on: 2012/7/25 下午 05:51:32 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = D:\New Program
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000404 | Country: 台灣 | Language: CHT | Date Format: yyyy/M/d

7.91 Gb Total Physical Memory | 5.39 Gb Available Physical Memory | 68.09% Memory free
15.82 Gb Paging File | 12.64 Gb Available in Paging File | 79.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200.00 Gb Total Space | 146.27 Gb Free Space | 73.13% Space Free | Partition Type: NTFS
Drive D: | 240.76 Gb Total Space | 226.79 Gb Free Space | 94.20% Space Free | Partition Type: NTFS
Drive F: | 29.41 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Processes (SafeList) ==========

PRC - [2012/11/07 05:13:28 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
PRC - [2012/07/25 17:42:13 | 000,596,480 | ---- | M] (OldTimer Tools) -- D:\New Program\OTL.exe
PRC - [2012/07/17 20:57:12 | 000,469,136 | ---- | M] () -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe
PRC - [2012/06/17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe
PRC - [2012/06/17 15:44:44 | 003,367,328 | ---- | M] (Emsisoft GmbH) -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2guard.exe
PRC - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe
PRC - [2011/05/31 05:48:18 | 000,082,944 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\Splendid\ACMON.exe
PRC - [2011/05/31 05:48:16 | 000,155,648 | ---- | M] (ASUSTeK) -- C:\Windows\SysWOW64\ACEngSvr.exe
PRC - [2011/05/21 03:01:06 | 000,166,528 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControl.exe
PRC - [2011/04/08 13:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
PRC - [2011/03/26 09:55:16 | 000,091,464 | ---- | M] () -- C:\ExpressGateUtil\VAWinService.exe
PRC - [2011/03/14 02:59:18 | 000,138,400 | ---- | M] (Atheros) -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe
PRC - [2010/11/24 10:31:56 | 000,965,728 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\MediaEspresso\DeviceDetector\DeviceDetector.exe
PRC - [2010/11/16 02:42:12 | 000,305,792 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\SmartLogon\sensorsrv.exe
PRC - [2010/10/08 06:05:14 | 000,170,624 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe
PRC - [2010/09/24 08:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
PRC - [2010/08/21 01:57:06 | 000,107,816 | ---- | M] (CyberLink) -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvc.exe
PRC - [2010/08/18 06:55:42 | 005,732,992 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe
PRC - [2010/07/10 14:45:00 | 000,984,400 | ---- | M] (Virage Logic Corporation / Sonic Focus) -- C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe
PRC - [2010/02/03 16:08:56 | 000,087,336 | ---- | M] (CyberLink Corp.) -- C:\Program Files (x86)\CyberLink\PowerDVD10\PDVD10Serv.exe
PRC - [2010/01/21 14:22:04 | 000,909,824 | ---- | M] (Sonix Technology Co., Ltd.) -- C:\Windows\vsnp2uvc.exe
PRC - [2009/12/16 02:39:38 | 000,096,896 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe
PRC - [2009/06/20 02:29:42 | 000,105,016 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe
PRC - [2009/06/20 02:29:26 | 002,488,888 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\ATKOSD.exe
PRC - [2009/06/16 09:30:42 | 000,084,536 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe
PRC - [2008/12/23 09:15:34 | 000,174,648 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\WDC.exe
PRC - [2008/08/14 13:00:08 | 000,113,208 | ---- | M] (ASUS) -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\KBFiltr.exe


========== Modules (No Company Name) ==========

MOD - [2011/05/31 05:48:14 | 000,009,216 | ---- | M] () -- C:\Program Files (x86)\ASUS\Splendid\GLCDdll.dll
MOD - [2011/04/08 13:26:24 | 000,045,448 | ---- | M] () -- C:\ExpressGateUtil\VAWinAgent.exe
MOD - [2010/09/24 08:53:16 | 001,601,536 | ---- | M] () -- C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe
MOD - [2010/08/21 01:57:06 | 000,619,816 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMediaLibrary.dll
MOD - [2010/08/21 01:57:00 | 000,013,096 | ---- | M] () -- C:\Program Files (x86)\CyberLink\Power2Go\CLMLSvcPS.dll


========== Win32 Services (SafeList) ==========

SRV:64bit: - [2012/03/11 21:13:24 | 002,815,496 | ---- | M] (COMODO) [Auto | Running] -- C:\Program Files\COMODO\COMODO Internet Security\cmdagent.exe -- (cmdAgent)
SRV:64bit: - [2012/02/14 03:08:26 | 002,122,000 | ---- | M] (Blue Coat Systems, Inc.) [Auto | Running] -- C:\Program Files\Blue Coat K9 Web Protection\k9filter.exe -- (bckwfs)
SRV:64bit: - [2011/03/04 08:57:58 | 000,379,520 | ---- | M] (ASUSTeK Computer Inc.) [Auto | Running] -- C:\Windows\SysNative\FBAgent.exe -- (AFBAgent)
SRV:64bit: - [2010/09/23 09:10:10 | 000,057,184 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Program Files\Windows Live\Mesh\wlcrasvc.exe -- (wlcrasvc)
SRV:64bit: - [2010/04/17 08:07:42 | 000,134,928 | ---- | M] (Intel® Corporation) [Auto | Running] -- C:\Program Files\Intel\TurboBoost\TurboBoost.exe -- (TurboBoost)
SRV:64bit: - [2009/07/14 09:41:27 | 001,011,712 | ---- | M] (Microsoft Corporation) [Auto | Running] -- C:\Program Files\Windows Defender\MpSvc.dll -- (WinDefend)
SRV - [2012/07/17 20:57:12 | 000,469,136 | ---- | M] () [Auto | Running] -- C:\Program Files (x86)\Comodo\Dragon\dragon_updater.exe -- (DragonUpdater)
SRV - [2012/07/12 11:48:35 | 000,250,056 | ---- | M] (Adobe Systems Incorporated) [On_Demand | Stopped] -- C:\Windows\SysWOW64\Macromed\Flash\FlashPlayerUpdateService.exe -- (AdobeFlashPlayerUpdateSvc)
SRV - [2012/06/17 15:44:46 | 003,069,752 | ---- | M] (Emsisoft GmbH) [Auto | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2service.exe -- (a2AntiMalware)
SRV - [2012/04/05 02:49:16 | 000,099,600 | ---- | M] (SANDBOXIE L.T.D) [Auto | Running] -- D:\New Program\Sandboxies沙箱\SbieSvc.exe -- (SbieSvc)
SRV - [2011/08/12 07:38:04 | 000,140,672 | ---- | M] (SUPERAntiSpyware.com) [Auto | Running] -- D:\New Program\SASCore64.exe -- (!SASCORE)
SRV - [2011/06/06 12:55:28 | 000,064,952 | ---- | M] (Adobe Systems Incorporated) [Auto | Running] -- C:\Program Files (x86)\Common Files\Adobe\ARM\1.0\armsvc.exe -- (AdobeARMservice)
SRV - [2011/06/05 07:22:00 | 001,997,416 | ---- | M] (NVIDIA Corporation) [Auto | Stopped] -- C:\Program Files (x86)\NVIDIA Corporation\NVIDIA Updatus\daemonu.exe -- (nvUpdatusService)
SRV - [2011/03/26 09:55:16 | 000,091,464 | ---- | M] () [Auto | Running] -- C:\ExpressGateUtil\VAWinService.exe -- (VideAceWindowsService)
SRV - [2011/03/14 02:59:18 | 000,138,400 | ---- | M] (Atheros) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\Ath_CoexAgent.exe -- (Atheros Bt&Wlan Coex Agent)
SRV - [2011/03/14 02:58:30 | 000,074,912 | ---- | M] (Atheros Commnucations) [Auto | Running] -- C:\Program Files (x86)\Bluetooth Suite\AdminService.exe -- (AtherosSvc)
SRV - [2010/08/19 16:52:04 | 000,229,376 | ---- | M] () [Auto | Stopped] -- C:\ProgramData\DataCardService\DCService.exe -- (DCService.exe)
SRV - [2010/03/19 04:16:28 | 000,130,384 | ---- | M] (Microsoft Corporation) [Auto | Stopped] -- C:\Windows\Microsoft.NET\Framework\v4.0.30319\mscorsvw.exe -- (clr_optimization_v4.0.30319_32)
SRV - [2009/12/16 02:39:38 | 000,096,896 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\GFNEXSrv.exe -- (ATKGFNEXSrv)
SRV - [2009/06/16 09:30:42 | 000,084,536 | ---- | M] (ASUS) [Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\AsLdrSrv.exe -- (ASLDRService)
SRV - [2009/06/11 05:23:09 | 000,066,384 | ---- | M] (Microsoft Corporation) [Disabled | Stopped] -- C:\Windows\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32)


========== Driver Services (SafeList) ==========

DRV:64bit: - [2012/03/11 21:13:40 | 000,022,696 | ---- | M] (COMODO) [File_System | System | Running] -- C:\Windows\SysNative\drivers\cmderd.sys -- (cmderd)
DRV:64bit: - [2012/03/01 14:46:16 | 000,023,408 | ---- | M] (Microsoft Corporation) [Recognizer | Boot | Unknown] -- C:\Windows\SysNative\drivers\fs_rec.sys -- (Fs_Rec)
DRV:64bit: - [2012/02/14 03:07:34 | 000,108,304 | ---- | M] (Blue Coat Systems, Inc.) [Kernel | System | Running] -- C:\Windows\SysNative\drivers\bckd.sys -- (bckd)
DRV:64bit: - [2012/01/10 16:44:58 | 000,219,648 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIc.sys -- (FLxHCIc)
DRV:64bit: - [2012/01/10 16:44:58 | 000,065,024 | ---- | M] (Fresco Logic) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\FLxHCIh.sys -- (FLxHCIh)
DRV:64bit: - [2011/10/18 11:41:44 | 000,107,904 | ---- | M] (Advanced Micro Devices) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsata.sys -- (amdsata)
DRV:64bit: - [2011/10/18 11:41:44 | 000,027,008 | ---- | M] (Advanced Micro Devices) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\amdxata.sys -- (amdxata)
DRV:64bit: - [2011/06/05 07:22:00 | 000,025,960 | ---- | M] (NVIDIA Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\nvpciflt.sys -- (nvpciflt)
DRV:64bit: - [2011/05/14 06:37:54 | 000,048,488 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\fssfltr.sys -- (fssfltr)
DRV:64bit: - [2011/04/20 17:24:56 | 000,169,584 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\L1C62x64.sys -- (L1C)
DRV:64bit: - [2011/04/13 05:18:08 | 000,142,632 | ---- | M] (ELAN Microelectronics Corp.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ETD.sys -- (ETD)
DRV:64bit: - [2011/03/14 02:58:44 | 000,280,224 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btfilter.sys -- (BtFilter)
DRV:64bit: - [2011/03/14 02:58:44 | 000,201,376 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_hcrp.sys -- (BTATH_HCRP)
DRV:64bit: - [2011/03/14 02:58:44 | 000,154,272 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_rcp.sys -- (BTATH_RCP)
DRV:64bit: - [2011/03/14 02:58:44 | 000,055,456 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_lwflt.sys -- (BTATH_LWFLT)
DRV:64bit: - [2011/03/14 02:58:42 | 000,298,656 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_a2dp.sys -- (BTATH_A2DP)
DRV:64bit: - [2011/03/14 02:58:42 | 000,036,000 | ---- | M] (Atheros) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\btath_flt.sys -- (AthBTPort)
DRV:64bit: - [2011/03/14 02:58:42 | 000,028,832 | ---- | M] (Atheros) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\btath_bus.sys -- (BTATH_BUS)
DRV:64bit: - [2011/01/27 08:57:12 | 012,273,408 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\igdkmd64.sys -- (igfx)
DRV:64bit: - [2010/11/20 21:33:36 | 000,078,720 | ---- | M] (Hewlett-Packard Company) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\HpSAMD.sys -- (HpSAMD)
DRV:64bit: - [2010/11/20 19:07:06 | 000,059,392 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbFlt.sys -- (TsUsbFlt)
DRV:64bit: - [2010/11/20 19:07:06 | 000,031,232 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\TsUsbGD.sys -- (TsUsbGD)
DRV:64bit: - [2010/10/15 00:28:16 | 000,317,440 | ---- | M] (Intel® Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\IntcDAud.sys -- (IntcDAud)
DRV:64bit: - [2010/09/22 01:59:38 | 000,056,344 | ---- | M] (Intel Corporation) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\HECIx64.sys -- (MEIx64)
DRV:64bit: - [2010/09/14 10:24:26 | 000,437,272 | ---- | M] (Intel Corporation) [Kernel | Boot | Running] -- C:\Windows\SysNative\drivers\iaStor.sys -- (iaStor)
DRV:64bit: - [2010/09/07 17:19:38 | 001,800,832 | ---- | M] (Sonix Technology Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\snp2uvc.sys -- (SNP2UVC)
DRV:64bit: - [2010/08/07 17:49:04 | 000,121,600 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ewusbmdm.sys -- (hwdatacard)
DRV:64bit: - [2010/07/27 15:26:34 | 000,086,016 | ---- | M] (Huawei Technologies Co., Ltd.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\ew_jubusenum.sys -- (huawei_enumerator)
DRV:64bit: - [2010/07/08 18:03:48 | 002,228,736 | ---- | M] (Atheros Communications, Inc.) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\athrx.sys -- (athr)
DRV:64bit: - [2010/05/03 11:46:04 | 000,044,032 | ---- | M] (Alcor Micro, Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\AmUStor.sys -- (AmUStor)
DRV:64bit: - [2010/04/17 08:07:28 | 000,013,832 | ---- | M] () [Kernel | Auto | Running] -- C:\Windows\SysNative\drivers\TurboB.sys -- (TurboB)
DRV:64bit: - [2009/07/20 17:29:40 | 000,015,416 | ---- | M] ( ) [Kernel | On_Demand | Running] -- C:\Windows\SysNative\drivers\kbfiltr.sys -- (kbfiltr)
DRV:64bit: - [2009/07/14 09:52:20 | 000,194,128 | ---- | M] (AMD Technologies Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\amdsbs.sys -- (amdsbs)
DRV:64bit: - [2009/07/14 09:48:04 | 000,065,600 | ---- | M] (LSI Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\lsi_sas2.sys -- (LSI_SAS2)
DRV:64bit: - [2009/07/14 09:45:55 | 000,024,656 | ---- | M] (Promise Technology) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\stexstor.sys -- (stexstor)
DRV:64bit: - [2009/07/14 07:21:48 | 000,038,400 | ---- | M] (Microsoft Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\tpm.sys -- (TPM)
DRV:64bit: - [2009/06/11 04:35:57 | 000,056,832 | ---- | M] (Silicon Integrated Systems Corp.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\SiSG664.sys -- (SiSGbeLH)
DRV:64bit: - [2009/06/11 04:34:33 | 003,286,016 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\evbda.sys -- (ebdrv)
DRV:64bit: - [2009/06/11 04:34:28 | 000,468,480 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\bxvbda.sys -- (b06bdrv)
DRV:64bit: - [2009/06/11 04:34:23 | 000,270,848 | ---- | M] (Broadcom Corporation) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\b57nd60a.sys -- (b57nd60a)
DRV:64bit: - [2009/06/11 04:31:59 | 000,031,232 | ---- | M] (Hauppauge Computer Works, Inc.) [Kernel | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\hcw85cir.sys -- (hcw85cir)
DRV:64bit: - [2008/05/24 09:27:28 | 000,154,168 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysNative\drivers\WimFltr.sys -- (WimFltr)
DRV - [2012/04/30 18:45:28 | 000,066,320 | ---- | M] (Emsisoft GmbH) [File_System | On_Demand | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2accx64.sys -- (a2acc)
DRV - [2012/04/30 18:45:00 | 000,044,688 | ---- | M] (Emsisoft GmbH) [File_System | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2dix64.sys -- (a2injectiondriver)
DRV - [2012/04/05 02:49:14 | 000,163,992 | ---- | M] (SANDBOXIE L.T.D) [Kernel | On_Demand | Running] -- D:\New Program\Sandboxies沙箱\SbieDrv.sys -- (SbieDrv)
DRV - [2011/07/23 00:26:56 | 000,014,928 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\New Program\sasdifsv64.sys -- (SASDIFSV)
DRV - [2011/07/13 05:55:18 | 000,012,368 | ---- | M] (SUPERAdBlocker.com and SUPERAntiSpyware.com) [Kernel | System | Running] -- D:\New Program\saskutil64.sys -- (SASKUTIL)
DRV - [2011/05/26 11:06:20 | 000,017,536 | ---- | M] (ASUS) [Kernel | System | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATK WMIACPI\atkwmiacpi64.sys -- (ATKWMIACPIIO)
DRV - [2011/05/19 14:10:34 | 000,023,208 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2ddax64.sys -- (A2DDA)
DRV - [2010/05/05 09:40:54 | 000,014,720 | ---- | M] (Emsi Software GmbH) [Kernel | System | Running] -- C:\Program Files (x86)\Emsisoft Anti-Malware\a2util64.sys -- (a2util)
DRV - [2009/07/14 09:19:10 | 000,019,008 | ---- | M] (Microsoft Corporation) [File_System | On_Demand | Stopped] -- C:\Windows\SysWOW64\drivers\wimmount.sys -- (WIMMount)
DRV - [2009/07/03 09:36:14 | 000,015,416 | ---- | M] (ASUS) [Kernel | Auto | Running] -- C:\Program Files (x86)\ASUS\ATK Package\ATKGFNEX\ASMMAP64.sys -- (ASMMAP64)


========== Standard Registry (SafeList) ==========


========== Internet Explorer ==========

IE:64bit: - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE:64bit: - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE:64bit: - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\Windows\SysWOW64\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com
IE - HKLM\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKLM\..\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}: "URL" = http://www.bing.com/...rc=IE-SearchBox


IE - HKU\.DEFAULT\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0

IE - HKU\S-1-5-18\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0



IE - HKU\S-1-5-21-4001696799-3722537429-2969441357-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://asus.msn.com
IE - HKU\S-1-5-21-4001696799-3722537429-2969441357-1000\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com

IE - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://asus.msn.com/
IE - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001\..\SearchScopes,DefaultScope = {0633EE93-D776-472f-A0FF-E1416B8B2E3A}
IE - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0


========== FireFox ==========

FF - prefs.js..browser.startup.homepage: "www.google.com.tw"
FF - prefs.js..network.proxy.type: 0
FF - user.js - File not found

FF:64bit: - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\system32\Macromed\Flash\NPSWF64_11_3_300_265.dll File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF:64bit: - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~1\MICROS~2\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@adobe.com/FlashPlayer: C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_3_300_265.dll ()
FF - HKLM\Software\MozillaPlugins\@adobe.com/ShockwavePlayer: C:\Windows\SysWOW64\Adobe\Director\np32dsw.dll (Adobe Systems, Inc.)
FF - HKLM\Software\MozillaPlugins\@java.com/DTPlugin,version=10.5.1: C:\Windows\SysWOW64\npDeployJava1.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin: C:\Program Files (x86)\Java\jre7\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@java.com/JavaPlugin,version=10.5.1: C:\Program Files (x86)\Oracle\JavaFX 2.1 Runtime\bin\plugin2\npjp2.dll (Oracle Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/GENUINE: disabled File not found
FF - HKLM\Software\MozillaPlugins\@Microsoft.com/NpCtrl,version=1.0: C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll ( Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/OfficeAuthz,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/SharePoint,version=14.0: C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3502.0922: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\@microsoft.com/WLPG,version=15.4.3538.0513: C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll (Microsoft Corporation)
FF - HKLM\Software\MozillaPlugins\Adobe Reader: C:\Program Files (x86)\Adobe\Reader 10.0\Reader\AIR\nppdf32.dll (Adobe Systems Inc.)
FF - HKLM\Software\MozillaPlugins\ZEON/PDF,version=2.0: C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll (Zeon Corporation)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=3: C:\Users\ASUS\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)
FF - HKCU\Software\MozillaPlugins\@tools.google.com/Google Update;version=9: C:\Users\ASUS\AppData\Local\Google\Update\1.3.21.115\npGoogleUpdate3.dll (Google Inc.)

FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Components: D:\New Program\FireFox\components [2012/06/20 20:36:16 | 000,000,000 | ---D | M]
FF - HKEY_LOCAL_MACHINE\software\mozilla\Mozilla Firefox 11.0\extensions\\Plugins: D:\New Program\FireFox\plugins

[2012/11/07 15:25:58 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Extensions
[2012/06/20 18:39:16 | 000,000,000 | ---D | M] (No name found) -- C:\Users\ASUS\AppData\Roaming\mozilla\Firefox\Profiles\f4o2kfyi.default\extensions

========== Chrome ==========

CHR - homepage: http://www.google.com/
CHR - default_search_provider: Google (Enabled)
CHR - default_search_provider: search_url = {google:baseURL}search?{google:RLZ}{google:acceptedSuggestion}{google:originalQueryForSuggestion}{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}sourceid=chrome&ie={inputEncoding}&q={searchTerms}
CHR - default_search_provider: suggest_url = {google:baseSuggestURL}search?{google:searchFieldtrialParameter}{google:instantFieldTrialGroupParameter}client=chrome&hl={language}&q={searchTerms}
CHR - homepage: http://www.google.com/
CHR - plugin: Remoting Viewer (Enabled) = internal-remoting-viewer
CHR - plugin: Native Client (Enabled) = C:\Users\ASUS\AppData\Local\Google\Chrome\Application\19.0.1084.56\ppGoogleNaClPluginChrome.dll
CHR - plugin: Chrome PDF Viewer (Enabled) = C:\Users\ASUS\AppData\Local\Google\Chrome\Application\19.0.1084.56\pdf.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Users\ASUS\AppData\Local\Google\Chrome\Application\19.0.1084.56\gcswf32.dll
CHR - plugin: Shockwave Flash (Enabled) = C:\Windows\SysWOW64\Macromed\Flash\NPSWF32_11_2_202_235.dll
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPAUTHZ.DLL
CHR - plugin: Microsoft Office 2010 (Enabled) = C:\PROGRA~2\MICROS~1\Office14\NPSPWRAP.DLL
CHR - plugin: Java™ Platform SE 6 U31 (Enabled) = C:\Program Files (x86)\Java\jre6\bin\plugin2\npjp2.dll
CHR - plugin: Silverlight Plug-In (Enabled) = C:\Program Files (x86)\Microsoft Silverlight\4.1.10329.0\npctrl.dll
CHR - plugin: Zeon Plus (Enabled) = C:\Program Files (x86)\Nuance\PDF Reader\bin\nppdf.dll
CHR - plugin: Windows Live\u0099 Photo Gallery (Enabled) = C:\Program Files (x86)\Windows Live\Photo Gallery\NPWLPG.dll
CHR - plugin: Google Update (Enabled) = C:\Users\ASUS\AppData\Local\Google\Update\1.3.21.111\npGoogleUpdate3.dll
CHR - Extension: YouTube = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\blpcfgokakmgnkcojhhkbfbldkacnbeo\4.2.5_0\
CHR - Extension: Google \u641C\u5C0B = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\coobgpohoikkiipiblmjeljniedjpjpf\0.0.0.19_0\
CHR - Extension: Gmail = C:\Users\ASUS\AppData\Local\Google\Chrome\User Data\Default\Extensions\pjkljhegncpnkpknbcohdijeoejaedia\7_0\

O1 HOSTS File: ([2012/07/25 17:10:50 | 000,001,701 | ---- | M]) - C:\Windows\SysNative\drivers\etc\hosts
O1 - Hosts: 127.0.0.1 localhost
O1 - Hosts: 216.239.32.20 www.google.ae # bck9
O1 - Hosts: 216.239.32.20 www.google.at # bck9
O1 - Hosts: 216.239.32.20 www.google.be # bck9
O1 - Hosts: 216.239.32.20 www.google.ca # bck9
O1 - Hosts: 216.239.32.20 www.google.ch # bck9
O1 - Hosts: 216.239.32.20 www.google.cl # bck9
O1 - Hosts: 216.239.32.20 www.google.co.il # bck9
O1 - Hosts: 216.239.32.20 www.google.co.in # bck9
O1 - Hosts: 216.239.32.20 www.google.co.jp # bck9
O1 - Hosts: 216.239.32.20 www.google.co.kr # bck9
O1 - Hosts: 216.239.32.20 www.google.co.nz # bck9
O1 - Hosts: 216.239.32.20 www.google.co.uk # bck9
O1 - Hosts: 216.239.32.20 www.google.co.ve # bck9
O1 - Hosts: 216.239.32.20 www.google.co.za # bck9
O1 - Hosts: 216.239.32.20 www.google.com # bck9
O1 - Hosts: 216.239.32.20 www.google.com.ar # bck9
O1 - Hosts: 216.239.32.20 www.google.com.au # bck9
O1 - Hosts: 216.239.32.20 www.google.com.br # bck9
O1 - Hosts: 216.239.32.20 www.google.com.co # bck9
O1 - Hosts: 216.239.32.20 www.google.com.gr # bck9
O1 - Hosts: 216.239.32.20 www.google.com.hk # bck9
O1 - Hosts: 216.239.32.20 www.google.com.mx # bck9
O1 - Hosts: 216.239.32.20 www.google.com.my # bck9
O1 - Hosts: 216.239.32.20 www.google.com.pe # bck9
O1 - Hosts: 39 more lines...
O2 - BHO: (Java™ Plug-In SSV Helper) - {761497BB-D6F0-462C-B6EB-D4DAF1D92D43} - C:\Program Files (x86)\Java\jre7\bin\ssv.dll (Oracle Corporation)
O2 - BHO: (CIESpeechBHO Class) - {8D10F6C4-0E01-4BD4-8601-11AC1FDF8126} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O2 - BHO: (Java™ Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files (x86)\Java\jre7\bin\jp2ssv.dll (Oracle Corporation)
O3 - HKLM\..\Toolbar: (no name) - Locked - No CLSID value found.
O4:64bit: - HKLM..\Run: [AmIcoSinglun64] C:\Program Files (x86)\AmIcoSingLun\AmIcoSinglun64.exe (Alcor Micro Corp.)
O4:64bit: - HKLM..\Run: [AthBtTray] C:\Program Files (x86)\Bluetooth Suite\AthBtTray.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [AtherosBtStack] C:\Program Files (x86)\Bluetooth Suite\BtvStack.exe (Atheros Commnucations)
O4:64bit: - HKLM..\Run: [COMODO Internet Security] C:\Program Files\COMODO\COMODO Internet Security\cfp.exe (COMODO)
O4:64bit: - HKLM..\Run: [ETDCtrl] C:\Program Files\Elantech\ETDCtrl.exe (ELAN Microelectronics Corp.)
O4:64bit: - HKLM..\Run: [HotKeysCmds] C:\Windows\SysNative\hkcmd.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IgfxTray] C:\Windows\SysNative\igfxtray.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [IntelTBRunOnce] wscript.exe //b //nologo "C:\Program Files\Intel\TurboBoost\RunTBGadgetOnce.vbs" File not found
O4:64bit: - HKLM..\Run: [Persistence] C:\Windows\SysNative\igfxpers.exe (Intel Corporation)
O4:64bit: - HKLM..\Run: [RtHDVBg] C:\Program Files\Realtek\Audio\HDA\RAVBg64.exe (Realtek Semiconductor)
O4:64bit: - HKLM..\Run: [snp2uvc] C:\Windows\vsnp2uvc.exe (Sonix Technology Co., Ltd.)
O4 - HKLM..\Run: [ASUSPRP] C:\Program Files (x86)\ASUS\APRP\APRP.EXE (ASUSTek Computer Inc.)
O4 - HKLM..\Run: [ASUSWebStorage] C:\Program Files (x86)\ASUS\ASUS WebStorage\3.0.108.222\AsusWSPanel.exe (ecareme)
O4 - HKLM..\Run: [ATKMEDIA] C:\Program Files (x86)\ASUS\ATK Package\ATK Media\DMedia.exe (ASUS)
O4 - HKLM..\Run: [ATKOSD2] C:\Program Files (x86)\ASUS\ATK Package\ATKOSD2\ATKOSD2.exe (ASUS)
O4 - HKLM..\Run: [emsisoft anti-malware] c:\program files (x86)\emsisoft anti-malware\a2guard.exe (Emsisoft GmbH)
O4 - HKLM..\Run: [FLxHCIm64] C:\Program Files\Fresco Logic\Fresco Logic USB3.0 Host Controller\amd64_host\FLxHCIm.exe (Windows ® Win 7 DDK provider)
O4 - HKLM..\Run: [HControlUser] C:\Program Files (x86)\ASUS\ATK Package\ATK Hotkey\HControlUser.exe (ASUS)
O4 - HKLM..\Run: [Nuance PDF Reader-reminder] C:\Program Files (x86)\Nuance\PDF Reader\Ereg\Ereg.exe (Nuance Communications, Inc.)
O4 - HKLM..\Run: [RemoteControl10] C:\Program Files (x86)\Cyberlink\PowerDVD10\PDVD10Serv.exe (CyberLink Corp.)
O4 - HKLM..\Run: [SonicMasterTray] C:\Program Files (x86)\ASUS\SonicMaster\SonicMasterTray.exe (Virage Logic Corporation / Sonic Focus)
O4 - HKLM..\Run: [UpdatePSTShortCut] C:\Program Files (x86)\Cyberlink\DVD Suite\MUITransfer\MUIStartMenu.exe (CyberLink Corp.)
O4 - HKLM..\Run: [VAWinAgent] C:\ExpressGateUtil\VAWinAgent.exe ()
O4 - HKLM..\Run: [Wireless Console 3] C:\Program Files (x86)\ASUS\Wireless Console 3\wcourier.exe ()
O4 - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001..\Run: [SandboxieControl] D:\New Program\Sandboxies沙箱\SbieCtrl.exe (SANDBOXIE L.T.D)
O4 - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001..\Run: [SUPERAntiSpyware] D:\New Program\SUPERANTISPYWARE.EXE (SUPERAntiSpyware.com)
O6 - HKLM\Software\Policies\Microsoft\Internet Explorer\Restrictions present
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorAdmin = 5
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: ConsentPromptBehaviorUser = 3
O7 - HKU\.DEFAULT\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-18\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-19\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-20\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4001696799-3722537429-2969441357-1000\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKU\S-1-5-21-4001696799-3722537429-2969441357-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O7 - HKU\S-1-5-21-4001696799-3722537429-2969441357-1002\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O9:64bit: - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - Reg Error: Value error. File not found
O9 - Extra 'Tools' menuitem : Send by Bluetooth to - {7815BE26-237D-41A8-A98F-F7BD75F71086} - C:\Program Files (x86)\Bluetooth Suite\IEPlugIn.dll (Atheros Commnucations)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 10.5.0)
O16 - DPF: {CAFEEFAC-0017-0000-0005-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.7.0_05)
O18:64bit: - Protocol\Handler\livecall - No CLSID value found
O18:64bit: - Protocol\Handler\ms-help - No CLSID value found
O18:64bit: - Protocol\Handler\msnim - No CLSID value found
O18:64bit: - Protocol\Handler\wlmailhtml - No CLSID value found
O18:64bit: - Protocol\Handler\wlpg - No CLSID value found
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\nvinitx.dll) - C:\Windows\SysNative\nvinitx.dll (NVIDIA Corporation)
O20:64bit: - AppInit_DLLs: (C:\Windows\System32\guard64.dll) - C:\Windows\SysNative\guard64.dll (COMODO)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\nvinit.dll) - C:\Windows\SysWOW64\nvinit.dll (NVIDIA Corporation)
O20 - AppInit_DLLs: (C:\Windows\SysWOW64\guard32.dll) - C:\Windows\SysWOW64\guard32.dll (COMODO)
O20:64bit: - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\explorer.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysNative\userinit.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (SystemPropertiesPerformance.exe) - C:\Windows\SysNative\SystemPropertiesPerformance.exe (Microsoft Corporation)
O20:64bit: - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\Windows\SysWow64\explorer.exe (Microsoft Corporation)
O20 - HKLM Winlogon: UserInit - (C:\Windows\system32\userinit.exe) - C:\Windows\SysWOW64\userinit.exe (Microsoft Corporation)
O20 - HKLM Winlogon: VMApplet - (/pagefile) - File not found
O20:64bit: - Winlogon\Notify\igfxcui: DllName - (igfxdev.dll) - C:\Windows\SysNative\igfxdev.dll (Intel Corporation)
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2010/08/20 08:49:08 | 000,126,976 | R--- | M] () - F:\AutoRun.exe -- [ CDFS ]
O32 - AutoRun File - [2008/10/01 09:12:34 | 000,000,045 | R--- | M] () - F:\AUTORUN.INF -- [ CDFS ]
O34 - HKLM BootExecute: (autocheck autochk *)
O35:64bit: - HKLM\..comfile [open] -- "%1" %*
O35:64bit: - HKLM\..exefile [open] -- "%1" %*
O35 - HKLM\..comfile [open] -- "%1" %*
O35 - HKLM\..exefile [open] -- "%1" %*
O37:64bit: - HKLM\...com [@ = ComFile] -- "%1" %*
O37:64bit: - HKLM\...exe [@ = exefile] -- "%1" %*
O37 - HKLM\...com [@ = ComFile] -- "%1" %*
O37 - HKLM\...exe [@ = exefile] -- "%1" %*
O38 - SubSystems\\Windows: (ServerDll=winsrv:UserServerDllInitialization,3)
O38 - SubSystems\\Windows: (ServerDll=winsrv:ConServerDllInitialization,2)
O38 - SubSystems\\Windows: (ServerDll=sxssrv,4)

========== Files/Folders - Created Within 30 Days ==========

[2012/11/07 17:33:12 | 000,000,000 | ---D | C] -- C:\ProgramData\CPA_VA
[2012/11/07 17:32:08 | 000,000,000 | ---D | C] -- C:\Users\Public\Documents\COMODO
[2012/11/07 17:31:48 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\l蒪w砫滴`r俞videace
[2012/11/07 17:30:16 | 000,000,000 | ---D | C] -- C:\Program Files\COMODO
[2012/11/07 17:30:14 | 001,700,352 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/11/07 17:30:14 | 001,060,864 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012/11/07 17:30:14 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Comodo
[2012/11/07 16:36:36 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\FLEXnet
[2012/11/07 16:36:34 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Nuance
[2012/11/07 16:33:10 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Zeon
[2012/11/07 16:13:19 | 000,000,000 | ---D | C] -- C:\temp
[2012/11/07 15:56:58 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Sandboxie
[2012/11/07 15:25:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Mozilla
[2012/11/07 15:25:51 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Mozilla
[2012/11/07 15:14:19 | 000,000,000 | ---D | C] -- C:\VritualRoot
[2012/11/07 15:14:05 | 000,000,000 | ---D | C] -- C:\videace
[2012/11/07 15:04:27 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\COMODO
[2012/11/07 15:04:25 | 000,000,000 | ---D | C] -- C:\ProgramData\Comodo
[2012/11/07 14:58:20 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Mobile Partner
[2012/11/07 14:58:07 | 000,000,000 | ---D | C] -- C:\ProgramData\DataCardService
[2012/11/07 14:58:06 | 001,721,576 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\drivers\WdfCoInstaller01009.dll
[2012/11/07 14:58:06 | 000,196,608 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juwwanecm.sys
[2012/11/07 14:58:06 | 000,091,648 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcacm.sys
[2012/11/07 14:58:06 | 000,086,016 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jubusenum.sys
[2012/11/07 14:58:06 | 000,054,784 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_jucdcecm.sys
[2012/11/07 14:58:06 | 000,030,208 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_juextctrl.sys
[2012/11/07 14:58:06 | 000,022,528 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwupgrade.sys
[2012/11/07 14:58:03 | 000,999,936 | ---- | C] (DiBcom SA) -- C:\Windows\SysNative\drivers\mod7700.sys
[2012/11/07 14:58:03 | 000,256,000 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbnet.sys
[2012/11/07 14:58:03 | 000,121,600 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ewusbmdm.sys
[2012/11/07 14:58:03 | 000,032,768 | ---- | C] (Huawei Tech. Co., Ltd.) -- C:\Windows\SysNative\drivers\ewdcsc.sys
[2012/11/07 14:58:03 | 000,013,952 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_usbenumfilter.sys
[2012/11/07 14:57:59 | 000,117,248 | ---- | C] (Huawei Technologies Co., Ltd.) -- C:\Windows\SysNative\drivers\ew_hwusbdev.sys
[2012/11/07 05:37:52 | 000,000,000 | ---D | C] -- C:\eSupport
[2012/11/07 05:16:16 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\CyberLink Media Suite
[2012/11/07 05:13:29 | 000,080,512 | ---- | C] (ASUS) -- C:\Windows\ASUS_N3_Series Uninstaller.exe
[2012/11/07 05:13:28 | 064,702,955 | ---- | C] (Axialis Software) -- C:\Windows\SysNative\ASUS_N3_Series.scr
[2012/11/07 05:13:27 | 003,058,304 | ---- | C] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/11/07 05:11:14 | 000,029,480 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012/11/07 05:08:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2012/11/07 05:07:26 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\CyberLink
[2012/11/07 05:07:25 | 000,000,000 | ---D | C] -- C:\ProgramData\CyberLink
[2012/11/07 05:07:24 | 000,000,000 | ---D | C] -- C:\ProgramData\Temp
[2012/11/07 05:06:36 | 000,000,000 | ---D | C] -- C:\ExpressGateUtil
[2012/11/07 05:03:42 | 000,155,648 | ---- | C] (ASUSTeK) -- C:\Windows\SysWow64\ACEngSvr.exe
[2012/11/07 05:01:25 | 000,379,520 | ---- | C] (ASUSTeK Computer Inc.) -- C:\Windows\SysNative\FBAgent.exe
[2012/11/07 05:01:25 | 000,000,000 | ---D | C] -- C:\Program Files\ASUS
[2012/11/07 04:59:31 | 000,000,000 | ---D | C] -- C:\ProgramData\P4G
[2012/11/07 04:59:31 | 000,000,000 | ---D | C] -- C:\Program Files\P4G
[2012/11/07 04:59:08 | 000,000,000 | ---D | C] -- C:\Program Files\Intel
[2012/11/07 04:56:16 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\BT Program
[2012/11/07 04:56:16 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Atheros
[2012/11/07 04:56:15 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Bluetooth Suite
[2012/11/07 04:55:38 | 002,228,736 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\drivers\athrx.sys
[2012/11/07 04:55:38 | 002,228,736 | ---- | C] (Atheros Communications, Inc.) -- C:\Windows\SysNative\athrx.sys
[2012/11/07 04:55:38 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Atheros
[2012/11/07 04:55:32 | 000,000,000 | ---D | C] -- C:\ProgramData\Atheros
[2012/11/07 04:53:31 | 000,000,000 | ---D | C] -- C:\Program Files\Elantech
[2012/11/07 04:53:24 | 000,000,000 | ---D | C] -- C:\Program Files\Fresco Logic Inc
[2012/11/07 04:53:20 | 000,000,000 | ---D | C] -- C:\ProgramData\AmUStor
[2012/11/07 04:53:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\AmIcoSingLun
[2012/11/07 04:52:57 | 000,000,000 | ---D | C] -- C:\ProgramData\Intel
[2012/11/07 04:52:34 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\NV
[2012/11/07 04:52:34 | 000,000,000 | ---D | C] -- C:\Windows\SysNative\NV
[2012/11/07 04:51:11 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Virage Logic, Corp
[2012/11/07 04:51:06 | 000,000,000 | ---D | C] -- C:\ProgramData\SonicFocus
[2012/11/07 04:51:04 | 000,000,000 | ---D | C] -- C:\Program Files\Realtek
[2012/11/07 04:51:03 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\RTCOM
[2012/11/07 04:50:56 | 002,628,200 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkAPO64.dll
[2012/11/07 04:50:56 | 002,580,824 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\WavesGUILib.dll
[2012/11/07 04:50:56 | 002,048,616 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtPgEx64.dll
[2012/11/07 04:50:56 | 001,146,984 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTSnMg64.cpl
[2012/11/07 04:50:56 | 000,613,480 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkApi64.dll
[2012/11/07 04:50:56 | 000,518,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSX64.dll
[2012/11/07 04:50:56 | 000,372,936 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEP64A.dll
[2012/11/07 04:50:56 | 000,332,392 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtlCPAPI64.dll
[2012/11/07 04:50:56 | 000,220,496 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFNHK64.dll
[2012/11/07 04:50:56 | 000,211,184 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSTSH64.dll
[2012/11/07 04:50:56 | 000,198,896 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSHP64.dll
[2012/11/07 04:50:56 | 000,180,048 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFProc64.dll
[2012/11/07 04:50:56 | 000,155,888 | ---- | C] (SRS Labs, Inc.) -- C:\Windows\SysNative\SRSWOW64.dll
[2012/11/07 04:50:56 | 000,149,608 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RtkCfg64.dll
[2012/11/07 04:50:56 | 000,099,016 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEL64A.dll
[2012/11/07 04:50:56 | 000,086,352 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFComm64.dll
[2012/11/07 04:50:56 | 000,083,792 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFSAPO64.dll
[2012/11/07 04:50:56 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFHAPO64.dll
[2012/11/07 04:50:56 | 000,082,768 | ---- | C] (Sonic Focus, Inc.) -- C:\Windows\SysNative\SFDAPO64.dll
[2012/11/07 04:50:56 | 000,081,232 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFCOM64.dll
[2012/11/07 04:50:56 | 000,078,160 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysNative\SFAPO64.dll
[2012/11/07 04:50:56 | 000,076,488 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEEG64A.dll
[2012/11/07 04:50:56 | 000,074,064 | ---- | C] (Virage Logic Corporation / Sonic Focus) -- C:\Windows\SysWow64\SFCOM.dll
[2012/11/07 04:50:55 | 002,197,264 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioEQ.dll
[2012/11/07 04:50:55 | 001,325,792 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2SpeakerDLL64.dll
[2012/11/07 04:50:55 | 001,229,416 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RTCOM64.dll
[2012/11/07 04:50:55 | 001,178,336 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSS2HeadphoneDLL64.dll
[2012/11/07 04:50:55 | 001,110,240 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBoostDLL64.dll
[2012/11/07 04:50:55 | 000,503,520 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSBassEnhancementDLL64.dll
[2012/11/07 04:50:55 | 000,477,800 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoRes64.dat
[2012/11/07 04:50:55 | 000,474,336 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSVoiceClarityDLL64.dll
[2012/11/07 04:50:55 | 000,338,336 | ---- | C] (Fortemedia Corporation) -- C:\Windows\SysNative\FMAPO64.dll
[2012/11/07 04:50:55 | 000,318,808 | ---- | C] (Waves Audio Ltd.) -- C:\Windows\SysNative\MaxxAudioAPO20.dll
[2012/11/07 04:50:55 | 000,315,616 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSNeoPCDLL64.dll
[2012/11/07 04:50:55 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DHT64.dll
[2012/11/07 04:50:55 | 000,307,920 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RP3DAA64.dll
[2012/11/07 04:50:55 | 000,268,512 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLimiterDLL64.dll
[2012/11/07 04:50:55 | 000,265,440 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGainCompensatorDLL64.dll
[2012/11/07 04:50:55 | 000,201,928 | ---- | C] (Dolby Laboratories, Inc.) -- C:\Windows\SysNative\RTEED64A.dll
[2012/11/07 04:50:55 | 000,124,640 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSLFXAPO64.dll
[2012/11/07 04:50:55 | 000,124,128 | ---- | C] (DTS) -- C:\Windows\SysNative\DTSGFXAPO64.dll
[2012/11/07 04:50:55 | 000,079,976 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\SysNative\RCoInst64.dll
[2012/11/07 04:50:54 | 001,251,944 | ---- | C] (Realtek Semiconductor Corp.) -- C:\Windows\RtlExUpd.dll
[2012/11/07 04:50:54 | 000,200,800 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAC64.dll
[2012/11/07 04:50:54 | 000,108,960 | ---- | C] (Andrea Electronics Corporation) -- C:\Windows\SysNative\AERTAR64.dll
[2012/11/07 04:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Temp
[2012/11/07 04:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Realtek
[2012/11/07 04:50:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\InstallShield Installation Information
[2012/11/07 04:50:52 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\InstallShield
[2012/11/07 04:50:48 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA
[2012/11/07 04:50:06 | 000,000,000 | ---D | C] -- C:\ProgramData\NVIDIA Corporation
[2012/11/07 04:50:04 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\NVIDIA Corporation
[2012/11/07 04:49:53 | 002,207,336 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvapi64.dll
[2012/11/07 04:49:53 | 001,970,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvapi.dll
[2012/11/07 04:49:53 | 001,626,728 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdispco6420141.dll
[2012/11/07 04:49:53 | 001,394,280 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvgenco642061.dll
[2012/11/07 04:49:52 | 008,106,088 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvwgf2umx.dll
[2012/11/07 04:49:52 | 006,029,928 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvwgf2um.dll
[2012/11/07 04:49:52 | 000,764,008 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvumdshimx.dll
[2012/11/07 04:49:52 | 000,645,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvumdshim.dll
[2012/11/07 04:49:52 | 000,067,176 | ---- | C] (Khronos Group) -- C:\Windows\SysNative\OpenCL.dll
[2012/11/07 04:49:52 | 000,057,960 | ---- | C] (Khronos Group) -- C:\Windows\SysWow64\OpenCL.dll
[2012/11/07 04:49:52 | 000,025,960 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvpciflt.sys
[2012/11/07 04:49:52 | 000,011,240 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\drivers\nvBridge.kmd
[2012/11/07 04:49:51 | 020,465,256 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoglv64.dll
[2012/11/07 04:49:51 | 018,580,072 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcompiler.dll
[2012/11/07 04:49:51 | 015,051,368 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoglv32.dll
[2012/11/07 04:49:51 | 013,011,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcompiler.dll
[2012/11/07 04:49:51 | 012,842,600 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvd3dumx.dll
[2012/11/07 04:49:51 | 010,061,416 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvd3dum.dll
[2012/11/07 04:49:51 | 006,597,736 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuda.dll
[2012/11/07 04:49:51 | 004,936,808 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuda.dll
[2012/11/07 04:49:51 | 003,182,184 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvid.dll
[2012/11/07 04:49:51 | 002,954,856 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvid.dll
[2012/11/07 04:49:51 | 002,871,400 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvcuvenc.dll
[2012/11/07 04:49:51 | 002,579,560 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvcuvenc.dll
[2012/11/07 04:49:51 | 000,446,056 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvoptimusmft.dll
[2012/11/07 04:49:51 | 000,391,784 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvdecodemft.dll
[2012/11/07 04:49:51 | 000,380,520 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvoptimusmft.dll
[2012/11/07 04:49:51 | 000,320,104 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvdecodemft.dll
[2012/11/07 04:49:51 | 000,226,920 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysNative\nvinitx.dll
[2012/11/07 04:49:51 | 000,193,128 | ---- | C] (NVIDIA Corporation) -- C:\Windows\SysWow64\nvinit.dll
[2012/11/07 04:49:40 | 000,000,000 | ---D | C] -- C:\Program Files\NVIDIA Corporation
[2012/11/07 04:49:38 | 000,000,000 | R--D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Intel
[2012/11/07 04:49:36 | 000,000,000 | ---D | C] -- C:\Program Files\Common Files\Intel
[2012/11/07 04:49:35 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Intel
[2012/11/07 04:46:54 | 000,053,248 | ---- | C] (Windows XP Bundled build C-Centric Single User) -- C:\Windows\SysWow64\CSVer.dll
[2012/11/07 04:46:54 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Intel
[2012/11/07 04:46:50 | 000,000,000 | ---D | C] -- C:\Intel
[2012/11/07 04:44:03 | 000,180,736 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ifsutil.dll
[2012/11/07 04:44:03 | 000,148,992 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ifsutil.dll
[2012/11/07 04:42:05 | 000,000,000 | ---D | C] -- C:\Windows\SoftwareDistribution
[2012/11/07 04:41:49 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\ASUS Utility
[2012/11/07 04:38:42 | 000,000,000 | -HSD | C] -- C:\System Volume Information
[2012/11/06 15:24:36 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\l綖w砫rw€tvideace
[2012/11/06 15:02:06 | 000,000,000 | -HSD | C] -- C:\Windows\SysWow64\AI_RecycleBin
[2012/11/06 15:02:00 | 000,000,000 | ---D | C] -- C:\Program Files\Fresco Logic
[2012/11/06 15:01:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Macromedia
[2012/11/06 15:01:35 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Adobe
[2012/11/06 14:57:07 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\ASUS
[2012/11/06 14:56:55 | 000,000,000 | ---D | C] -- C:\ProgramData\ASUS
[2012/11/06 14:56:54 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\ASUS
[2012/11/06 14:56:03 | 000,000,000 | ---D | C] -- C:\ProgramData\Sun
[2012/11/06 14:55:55 | 000,687,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/11/06 14:55:49 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Java
[2012/11/06 14:55:39 | 000,000,000 | ---D | C] -- C:\ProgramData\PassMark
[2012/11/06 14:54:21 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\ASUS WebStorage
[2012/11/06 14:35:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\BMExplorer
[2012/11/06 14:35:43 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Bluetooth Folder
[2012/11/06 14:34:13 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Power2Go
[2012/11/06 14:33:49 | 000,000,000 | R--D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Startup
[2012/11/06 14:33:49 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Searches
[2012/11/06 14:33:49 | 000,000,000 | R--D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Administrative Tools
[2012/11/06 14:33:49 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\User Pinned
[2012/11/06 14:33:42 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Identities
[2012/11/06 14:33:40 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Contacts
[2012/11/06 14:33:38 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\VirtualStore
[2012/11/06 14:33:31 | 000,000,000 | R-SD | C] -- C:\Users\Public\Desktop\ASUS
[2012/11/06 14:33:31 | 000,000,000 | ---D | C] -- C:\ProgramData\FolderView
[2012/11/06 14:33:31 | 000,000,000 | ---D | C] -- C:\ASUS.DAT
[2012/11/06 14:33:23 | 000,000,000 | --SD | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Videos
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Saved Games
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Pictures
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Music
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Maintenance
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Links
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Favorites
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Downloads
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Documents
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\Desktop
[2012/11/06 14:33:23 | 000,000,000 | R--D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Accessories
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\AppData\Local\Temporary Internet Files
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Templates
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\SendTo
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Recent
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\PrintHood
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\NetHood
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Documents\My Videos
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Documents\My Pictures
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Documents\My Music
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\My Documents
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Local Settings
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\AppData\Local\History
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Cookies
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\Application Data
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\AppData\Local\Application Data
[2012/11/06 14:33:23 | 000,000,000 | -HSD | C] -- C:\Users\ASUS\[開始] 功能表
[2012/11/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Temp
[2012/11/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Microsoft
[2012/11/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Media Center Programs
[2012/11/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\ASUS Video Magic
[2012/11/06 14:33:23 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData
[2012/07/25 17:01:44 | 000,000,000 | ---D | C] -- C:\ProgramData\HitmanPro
[2012/07/25 16:24:30 | 000,000,000 | -HSD | C] -- C:\$RECYCLE.BIN
[2012/07/25 16:22:19 | 000,000,000 | ---D | C] -- C:\Windows\temp
[2012/07/25 16:16:16 | 000,518,144 | ---- | C] (SteelWerX) -- C:\Windows\SWREG.exe
[2012/07/25 16:16:16 | 000,406,528 | ---- | C] (SteelWerX) -- C:\Windows\SWSC.exe
[2012/07/25 16:16:16 | 000,060,416 | ---- | C] (NirSoft) -- C:\Windows\NIRCMD.exe
[2012/07/25 16:12:38 | 004,584,441 | R--- | C] (Swearware) -- C:\Users\ASUS\Desktop\ComboFix.exe
[2012/07/25 16:07:23 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\饔蠉饔xt蓋videace
[2012/07/23 09:30:12 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\蠉xt坼videace
[2012/07/21 20:23:27 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Mw蠉Mwxt閱videace
[2012/07/21 13:08:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\蠉xt珮videace
[2012/07/20 08:51:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\鈖蠉鈖xt許videace
[2012/07/19 16:14:26 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\唪蠉唪xt娉videace
[2012/07/19 16:14:11 | 000,000,000 | ---D | C] -- C:\Windows\Minidump
[2012/07/19 09:01:28 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\菉蠉菉xt廄videace
[2012/07/18 09:25:29 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\Diagnostics
[2012/07/18 06:18:44 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Xw蠉Xwxt餐videace
[2012/07/17 18:01:40 | 000,000,000 | ---D | C] -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Emsisoft Anti-Malware
[2012/07/17 18:00:47 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Emsisoft Anti-Malware
[2012/07/17 18:00:47 | 000,000,000 | ---D | C] -- C:\Users\ASUS\Documents\Anti-Malware
[2012/07/17 17:58:32 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\烅蠉烅xt縷videace
[2012/07/17 10:01:20 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\qw蠉qwxt崤videace
[2012/07/16 19:20:16 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\黲蠉黲xt幋videace
[2012/07/16 15:30:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{AB99237C-5637-43E0-93EA-D8C954EEA2C8}
[2012/07/16 15:30:41 | 000,000,000 | ---D | C] -- C:\Users\ASUS\AppData\Local\{622ECAE9-5A9F-4B81-A8D5-167549C4617C}
[2012/07/16 10:00:59 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\6w蠉6wXr岤videace
[2012/07/15 20:46:09 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Common Files\Java
[2012/07/15 20:45:20 | 000,000,000 | ---D | C] -- C:\Program Files (x86)\Oracle
[2012/07/15 20:44:51 | 000,772,544 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/07/15 20:44:51 | 000,227,824 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/15 20:44:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/07/15 20:44:31 | 000,174,064 | ---- | C] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/07/12 09:04:07 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\uw蠉uwxtvideace
[2012/07/12 08:56:37 | 000,237,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\url.dll
[2012/07/12 08:56:37 | 000,231,936 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\url.dll
[2012/07/12 08:56:37 | 000,096,768 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\mshtmled.dll
[2012/07/12 08:56:37 | 000,073,216 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\mshtmled.dll
[2012/07/12 08:56:36 | 000,248,320 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieui.dll
[2012/07/12 08:56:36 | 000,176,640 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieui.dll
[2012/07/12 08:56:35 | 000,173,056 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ieUnatt.exe
[2012/07/12 08:56:35 | 000,142,848 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\ieUnatt.exe
[2012/07/12 08:56:34 | 002,311,680 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript9.dll
[2012/07/12 08:56:34 | 001,494,528 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\inetcpl.cpl
[2012/07/12 08:56:34 | 001,427,968 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\inetcpl.cpl
[2012/07/12 08:56:34 | 000,818,688 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\jscript.dll
[2012/07/12 08:56:34 | 000,716,800 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\jscript.dll
[2012/07/11 09:54:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3r.dll
[2012/07/11 09:54:20 | 000,002,048 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\msxml3r.dll
[2012/07/11 09:54:12 | 000,307,200 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\ncrypt.dll
[2012/07/11 09:54:04 | 000,805,376 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysWow64\cdosys.dll
[2012/07/11 09:54:03 | 001,133,568 | ---- | C] (Microsoft Corporation) -- C:\Windows\SysNative\cdosys.dll
[2012/07/08 06:14:17 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\蠉xtvideace
[2012/07/07 21:41:58 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\bw蠉bwxt胐videace
[2012/07/07 21:38:29 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\歡蠉歡xt吭videace
[2012/07/05 14:40:15 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\5w蠉5wxt餐videace
[2012/07/04 08:15:37 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\0w蠉0wxt么videace
[2012/06/29 09:53:14 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\9w蠉9wxt垥videace
[2012/06/27 09:23:56 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\Lw蠉Lwxtvideace
[2012/06/26 12:09:19 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\漙蠉漙xt苒videace
[2012/06/26 10:17:55 | 000,000,000 | ---D | C] -- C:\Windows\SysWow64\籌蠉籌xt苒videace

========== Files - Modified Within 30 Days ==========

[2012/11/07 17:32:37 | 000,001,846 | ---- | M] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2012/11/07 17:30:44 | 000,000,428 | ---- | M] () -- C:\Windows\SysWow64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2012/11/07 17:30:14 | 001,700,352 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\gdiplus.dll
[2012/11/07 17:30:14 | 001,060,864 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\mfc71.dll
[2012/11/07 15:56:58 | 000,000,795 | ---- | M] () -- C:\Users\ASUS\Desktop\從沙盤開啟網頁瀏覽器.lnk
[2012/11/07 15:56:58 | 000,000,795 | ---- | M] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\從沙盤開啟網頁瀏覽器.lnk
[2012/11/07 14:58:20 | 000,000,749 | ---- | M] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2012/11/07 14:58:07 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2012/11/07 14:35:29 | 000,001,228 | ---- | M] () -- C:\Users\ASUS\Desktop\Windows Explorer.lnk
[2012/11/07 05:31:03 | 000,388,701 | ---- | M] () -- C:\Windows\SysWow64\license.rtf
[2012/11/07 05:31:03 | 000,388,701 | ---- | M] () -- C:\Windows\SysNative\license.rtf
[2012/11/07 05:15:12 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N43SN_N43SL_V70_WIN7.MRK
[2012/11/07 05:13:29 | 000,080,512 | ---- | M] (ASUS) -- C:\Windows\ASUS_N3_Series Uninstaller.exe
[2012/11/07 05:13:28 | 003,058,304 | ---- | M] (ASUS) -- C:\Windows\AsScrPro.exe
[2012/11/07 05:11:13 | 000,029,480 | ---- | M] (Microsoft Corporation) -- C:\Windows\SysWow64\msxml3a.dll
[2012/11/07 05:05:16 | 000,000,080 | ---- | M] () -- C:\Windows\SysNative\Defrag.ini
[2012/11/07 05:01:34 | 000,000,716 | ---- | M] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/11/07 05:01:28 | 000,002,617 | ---- | M] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2012/11/07 04:57:20 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/11/07 04:56:19 | 000,246,804 | ---- | M] () -- C:\Windows\SysNative\drivers\AtherosBt.bin
[2012/11/07 04:53:26 | 000,000,000 | -H-- | M] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/11/07 04:52:53 | 000,015,858 | ---- | M] () -- C:\Windows\SysNative\results.xml
[2012/11/06 15:01:28 | 000,001,355 | ---- | M] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/06 14:45:26 | 000,000,000 | ---- | M] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N43SL.alu
[2012/07/25 18:03:55 | 001,474,832 | ---- | M] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/07/25 17:47:00 | 000,000,526 | ---- | M] () -- C:\Windows\tasks\Adobe Flash Player Updater.job
[2012/07/25 17:42:36 | 000,002,228 | ---- | M] () -- C:\Windows\Sandboxie.ini
[2012/07/25 17:10:50 | 000,001,701 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts
[2012/07/25 17:07:17 | 000,001,701 | ---- | M] () -- C:\Windows\SysNative\drivers\etc\hosts.hitmanpro
[2012/07/25 17:07:01 | 000,000,548 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4001696799-3722537429-2969441357-1001UA.job
[2012/07/25 16:31:46 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-1.C7483456-A289-439d-8115-601632D005A0
[2012/07/25 16:31:46 | 000,009,920 | -H-- | M] () -- C:\Windows\SysNative\7B296FB0-376B-497e-B012-9C450E1B7327-5P-0.C7483456-A289-439d-8115-601632D005A0
[2012/07/25 16:31:41 | 000,663,560 | ---- | M] () -- C:\Windows\SysNative\perfh009.dat
[2012/07/25 16:31:41 | 000,410,870 | ---- | M] () -- C:\Windows\SysNative\prfh0404.dat
[2012/07/25 16:31:41 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\prfc0404.dat
[2012/07/25 16:31:41 | 000,124,832 | ---- | M] () -- C:\Windows\SysNative\perfc009.dat
[2012/07/25 16:31:40 | 001,329,576 | ---- | M] () -- C:\Windows\SysNative\PerfStringBackup.INI
[2012/07/25 16:24:32 | 000,045,056 | ---- | M] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/07/25 16:24:01 | 000,067,584 | --S- | M] () -- C:\Windows\bootstat.dat
[2012/07/25 16:23:54 | 2077,306,879 | -HS- | M] () -- C:\hiberfil.sys
[2012/07/25 16:13:46 | 004,584,441 | R--- | M] (Swearware) -- C:\Users\ASUS\Desktop\ComboFix.exe
[2012/07/24 20:07:01 | 000,000,496 | ---- | M] () -- C:\Windows\tasks\GoogleUpdateTaskUserS-1-5-21-4001696799-3722537429-2969441357-1001Core.job
[2012/07/19 16:14:07 | 523,048,164 | ---- | M] () -- C:\Windows\MEMORY.DMP
[2012/07/18 10:24:07 | 000,001,046 | ---- | M] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/07/18 06:20:39 | 000,002,396 | ---- | M] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/07/18 06:20:30 | 000,001,323 | ---- | M] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/07/17 18:01:40 | 000,001,121 | ---- | M] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/07/17 18:01:40 | 000,001,097 | ---- | M] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2012/07/16 15:34:27 | 000,000,750 | ---- | M] () -- C:\Users\Public\Desktop\Malwarebytes Anti-Malware.lnk
[2012/07/15 20:44:19 | 000,227,824 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaws.exe
[2012/07/15 20:44:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\javaw.exe
[2012/07/15 20:44:19 | 000,174,064 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\java.exe
[2012/07/12 22:03:07 | 000,002,360 | ---- | M] () -- C:\Users\ASUS\Desktop\Google Chrome.lnk
[2012/07/12 11:48:34 | 000,426,184 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerApp.exe
[2012/07/12 11:48:34 | 000,070,344 | ---- | M] (Adobe Systems Incorporated) -- C:\Windows\SysWow64\FlashPlayerCPLApp.cpl
[2012/07/12 09:03:57 | 000,351,096 | ---- | M] () -- C:\Windows\SysNative\FNTCACHE.DAT
[2012/07/05 22:06:30 | 000,772,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\npDeployJava1.dll
[2012/07/05 22:06:20 | 000,687,544 | ---- | M] (Oracle Corporation) -- C:\Windows\SysWow64\deployJava1.dll
[2012/07/03 13:46:44 | 000,024,904 | ---- | M] (Malwarebytes Corporation) -- C:\Windows\SysNative\drivers\mbam.sys

========== Files Created - No Company Name ==========

[2012/11/07 17:32:37 | 000,001,846 | ---- | C] () -- C:\Users\Public\Desktop\COMODO Internet Security.lnk
[2012/11/07 17:30:44 | 000,000,428 | ---- | C] () -- C:\Windows\SysWow64\{7995330B-E01F-4645-B702-53481E7CB778}.cmdfile
[2012/11/07 15:57:09 | 000,000,795 | ---- | C] () -- C:\Users\ASUS\Desktop\從沙盤開啟網頁瀏覽器.lnk
[2012/11/07 15:57:09 | 000,000,795 | ---- | C] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\從沙盤開啟網頁瀏覽器.lnk
[2012/11/07 15:57:07 | 000,002,228 | ---- | C] () -- C:\Windows\Sandboxie.ini
[2012/11/07 15:04:49 | 001,474,832 | ---- | C] () -- C:\Windows\SysNative\drivers\sfi.dat
[2012/11/07 14:58:20 | 000,000,749 | ---- | C] () -- C:\Users\Public\Desktop\Mobile Partner.lnk
[2012/11/07 14:58:07 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_ew_jubusenum_01009.Wdf
[2012/11/07 14:35:29 | 000,001,228 | ---- | C] () -- C:\Users\ASUS\Desktop\Windows Explorer.lnk
[2012/11/07 05:15:12 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTEK_N43SN_N43SL_V70_WIN7.MRK
[2012/11/07 05:01:34 | 000,000,716 | ---- | C] () -- C:\Users\Public\Desktop\eManual.Lnk
[2012/11/07 05:01:33 | 000,003,116 | ---- | C] () -- C:\Windows\SysNative\wimfltr.inf
[2012/11/07 05:01:28 | 000,002,617 | ---- | C] () -- C:\ProgramData\Microsoft\Windows\Start Menu\Programs\Startup\FancyStart daemon.lnk
[2012/11/07 05:01:25 | 000,002,396 | ---- | C] () -- C:\Windows\SysNative\AutoRunFilter.ini
[2012/11/07 05:01:25 | 000,001,323 | ---- | C] () -- C:\Windows\SysNative\ServiceFilter.ini
[2012/11/07 05:01:25 | 000,000,105 | ---- | C] () -- C:\Windows\SysNative\FastBoot.ini
[2012/11/07 05:01:25 | 000,000,080 | ---- | C] () -- C:\Windows\SysNative\Defrag.ini
[2012/11/07 05:01:25 | 000,000,052 | ---- | C] () -- C:\Windows\SysNative\RemoveFont.ini
[2012/11/07 05:01:25 | 000,000,015 | ---- | C] () -- C:\Windows\SysNative\BootTime.ini
[2012/11/07 04:57:20 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_btath_hcrp_01009.Wdf
[2012/11/07 04:55:38 | 000,355,542 | ---- | C] () -- C:\Windows\SysNative\netathrx.inf
[2012/11/07 04:55:38 | 000,056,092 | ---- | C] () -- C:\Windows\SysNative\athrextx.cat
[2012/11/07 04:53:26 | 000,000,000 | -H-- | C] () -- C:\Windows\SysNative\drivers\Msft_Kernel_FLxHCIc_01009.Wdf
[2012/11/07 04:52:53 | 000,015,858 | ---- | C] () -- C:\Windows\SysNative\results.xml
[2012/11/07 04:50:57 | 000,000,520 | ---- | C] () -- C:\Windows\SysNative\drivers\SamSfPa.dat
[2012/11/07 04:49:52 | 000,007,621 | ---- | C] () -- C:\Windows\SysNative\nvinfo.pb
[2012/11/07 04:38:42 | 2077,306,879 | -HS- | C] () -- C:\hiberfil.sys
[2012/11/06 15:01:28 | 000,001,355 | ---- | C] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Launch Internet Explorer Browser.lnk
[2012/11/06 14:45:26 | 000,000,000 | ---- | C] () -- C:\Windows\SysWow64\drivers\1043_ASUSTeK_N43SL.alu
[2012/11/06 14:34:38 | 000,001,327 | ---- | C] () -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer (64-bit).lnk
[2012/11/06 14:33:53 | 000,001,361 | ---- | C] () -- C:\Users\ASUS\AppData\Roaming\Microsoft\Windows\Start Menu\Programs\Internet Explorer.lnk
[2012/11/06 14:33:42 | 000,045,056 | ---- | C] () -- C:\Windows\SysWow64\acovcnt.exe
[2012/11/06 14:33:23 | 000,000,290 | ---- | C] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Shows Desktop.lnk
[2012/11/06 14:33:23 | 000,000,272 | ---- | C] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Window Switcher.lnk
[2012/07/25 16:16:16 | 000,256,000 | ---- | C] () -- C:\Windows\PEV.exe
[2012/07/25 16:16:16 | 000,208,896 | ---- | C] () -- C:\Windows\MBR.exe
[2012/07/25 16:16:16 | 000,098,816 | ---- | C] () -- C:\Windows\sed.exe
[2012/07/25 16:16:16 | 000,080,412 | ---- | C] () -- C:\Windows\grep.exe
[2012/07/25 16:16:16 | 000,068,096 | ---- | C] () -- C:\Windows\zip.exe
[2012/07/19 16:14:07 | 523,048,164 | ---- | C] () -- C:\Windows\MEMORY.DMP
[2012/07/18 10:24:07 | 000,001,046 | ---- | C] () -- C:\Users\Public\Desktop\Comodo Dragon.lnk
[2012/07/17 18:01:40 | 000,001,121 | ---- | C] () -- C:\Users\ASUS\Application Data\Microsoft\Internet Explorer\Quick Launch\Emsisoft Anti-Malware.lnk
[2012/07/17 18:01:40 | 000,001,097 | ---- | C] () -- C:\Users\Public\Desktop\Emsisoft Anti-Malware.lnk
[2011/10/18 12:17:57 | 002,180,480 | ---- | C] () -- C:\Windows\SysWow64\PerfStringBackup.INI
[2011/09/22 10:01:42 | 000,960,940 | ---- | C] () -- C:\Windows\SysWow64\igkrng600.bin
[2011/09/22 10:01:37 | 000,213,332 | ---- | C] () -- C:\Windows\SysWow64\igfcg600m.bin
[2011/09/22 10:01:35 | 000,145,804 | ---- | C] () -- C:\Windows\SysWow64\igcompkrng600.bin
[2011/09/22 09:57:41 | 000,015,497 | ---- | C] () -- C:\Windows\snp2uvc.ini

========== LOP Check ==========

[2012/11/06 14:54:21 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\ASUS WebStorage
[2012/06/13 13:11:40 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Azureus
[2012/06/07 23:15:45 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\FPAV
[2012/11/07 16:36:34 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Nuance
[2012/06/14 10:11:44 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\sns
[2012/11/07 16:33:10 | 000,000,000 | ---D | M] -- C:\Users\ASUS\AppData\Roaming\Zeon
[2009/07/14 13:08:49 | 000,023,680 | ---- | M] () -- C:\Windows\Tasks\SCHEDLGU.TXT

========== Purity Check ==========



< End of report >

And here is the Extra log file:
OTL Extras logfile created on: 2012/7/25 下午 05:51:32 - Run 1
OTL by OldTimer - Version 3.2.54.1 Folder = D:\New Program
64bit- Home Premium Edition Service Pack 1 (Version = 6.1.7601) - Type = NTWorkstation
Internet Explorer (Version = 9.0.8112.16421)
Locale: 00000404 | Country: 台灣 | Language: CHT | Date Format: yyyy/M/d

7.91 Gb Total Physical Memory | 5.39 Gb Available Physical Memory | 68.09% Memory free
15.82 Gb Paging File | 12.64 Gb Available in Paging File | 79.87% Paging File free
Paging file location(s): ?:\pagefile.sys [binary data]

%SystemDrive% = C: | %SystemRoot% = C:\Windows | %ProgramFiles% = C:\Program Files (x86)
Drive C: | 200.00 Gb Total Space | 146.27 Gb Free Space | 73.13% Space Free | Partition Type: NTFS
Drive D: | 240.76 Gb Total Space | 226.79 Gb Free Space | 94.20% Space Free | Partition Type: NTFS
Drive F: | 29.41 Mb Total Space | 0.00 Mb Free Space | 0.00% Space Free | Partition Type: CDFS

Computer Name: ASUS-PC | User Name: ASUS | Logged in as Administrator.
Boot Mode: Normal | Scan Mode: All users | Include 64bit Scans
Company Name Whitelist: Off | Skip Microsoft Files: Off | No Company Name Whitelist: On | File Age = 30 Days

========== Extra Registry (SafeList) ==========


========== File Associations ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.url[@ = InternetShortcut] -- C:\Windows\SysNative\rundll32.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.cpl [@ = cplfile] -- C:\Windows\SysWow64\control.exe (Microsoft Corporation)

[HKEY_USERS\S-1-5-21-4001696799-3722537429-2969441357-1001\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- D:\New Program\FireFox\firefox.exe (Mozilla Corporation)

========== Shell Spawning ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
htmlfile [print] -- rundll32.exe %SystemRoot%\system32\mshtml.dll,PrintHTML "%1" (Microsoft Corporation)
inffile [install] -- %SystemRoot%\System32\rundll32.exe setupapi,InstallHinfSection DefaultInstall 132 %1 (Microsoft Corporation)
InternetShortcut [open] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\ieframe.dll",OpenURL %l (Microsoft Corporation)
InternetShortcut [print] -- "C:\Windows\System32\rundll32.exe" "C:\Windows\System32\mshtml.dll",PrintHTML "%1" (Microsoft Corporation)
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %*
cmdfile [open] -- "%1" %*
comfile [open] -- "%1" %*
cplfile [cplopen] -- %SystemRoot%\System32\control.exe "%1",%* (Microsoft Corporation)
exefile [open] -- "%1" %*
helpfile [open] -- Reg Error: Key error.
piffile [open] -- "%1" %*
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1"
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l
scrfile [open] -- "%1" /S
txtfile [edit] -- Reg Error: Key error.
Unknown [openas] -- %SystemRoot%\system32\rundll32.exe %SystemRoot%\system32\shell32.dll,OpenAs_RunDLL %1
Directory [cmd] -- cmd.exe /s /k pushd "%V" (Microsoft Corporation)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [open] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Folder [explore] -- Reg Error: Value error.
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)

========== Security Center Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"cval" = 1
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]
"VistaSp1" = 28 4D B2 76 41 04 CA 01 [binary data]
"AntiVirusOverride" = 0
"AntiSpywareOverride" = 0
"FirewallOverride" = 0

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc\Vol]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirewallDisableNotify" = 0
"AntiVirusDisableNotify" = 0
"UpdatesDisableNotify" = 0

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Svc]

========== System Restore Settings ==========

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\SystemRestore]
"DisableSR" = 0

========== Firewall Settings ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\DomainProfile]

[HKEY_LOCAL_MACHINE\SOFTWARE\Policies\Microsoft\WindowsFirewall\StandardProfile]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\PublicProfile]
"DisableNotifications" = 0
"EnableFirewall" = 0

========== Authorized Applications List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]


========== Vista Active Open Ports Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{07A99DB6-FEB6-432B-8B6A-F700E24B99BC}" = lport=2869 | protocol=6 | dir=in | name=windows live communications platform (upnp) |
"{460F78A7-251A-4A93-8000-D1E308FC2591}" = lport=808 | protocol=6 | dir=in | svc=nettcpactivator | app=c:\windows\microsoft.net\framework64\v4.0.30319\smsvchost.exe |
"{F1C3E909-19A2-4A13-9284-721D2B7BC942}" = lport=1900 | protocol=17 | dir=in | name=windows live communications platform (ssdp) |

========== Vista Active Application Exception List ==========

[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\FirewallRules]
"{0932CEAB-7360-45A7-A0CA-45748E064F43}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |
"{195329F7-49B7-47FA-BF4D-5FC738502C34}" = dir=in | app=c:\program files (x86)\windows live\contacts\wlcomm.exe |
"{3087490F-0166-4066-95E1-93B28BA314B2}" = protocol=6 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{67E8F34F-8EFF-4ABB-883F-79CE716B0468}" = protocol=17 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{7155768C-310A-4F92-A2E0-D640C2D4B68F}" = protocol=6 | dir=in | app=c:\program files (x86)\microsoft office\office14\onenote.exe |
"{788E5C11-E4A1-4434-9C39-E415F2C0A410}" = protocol=17 | dir=in | app=d:\new program\vudownload s\azureus.exe |
"{9311E0C9-43C4-48F1-BFA3-46CC37CA7E24}" = dir=in | app=c:\program files (x86)\windows live\mesh\moe.exe |
"{B1D7CCAA-4236-4860-85BF-8A9ADEF48F9D}" = protocol=6 | dir=in | app=d:\new program\vudownload s\azureus.exe |
"{B303AFA7-D690-4F1F-BDD1-1659AB760D97}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd10.exe |
"{BB632656-9AF8-499F-B4D8-EDB6F059C7CF}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr_im.exe |
"{BF0F0FA6-8F7E-48A5-B40A-3F1AD3E9A295}" = dir=in | app=c:\program files (x86)\windows live\messenger\msnmsgr.exe |
"{E81E46CC-AFBB-4988-A7E1-CD195720BF26}" = dir=in | app=c:\program files (x86)\cyberlink\powerdvd10\powerdvd cinema\powerdvdcinema10.exe |
"{F419A40B-F6DA-4064-93B6-83A1060C87BA}" = dir=in | app=c:\program files (x86)\cyberlink\powerdirector\pdr8.exe |
"{F4CD54E1-E0F1-4B5F-96A7-74FAA0B4450C}" = protocol=17 | dir=in | app=c:\program files (x86)\raptr\raptr.exe |

========== HKEY_LOCAL_MACHINE Uninstall List ==========

64bit: [HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{13F4A7F3-EABC-4261-AF6B-1317777F0755}" = Fast Boot
"{180C8888-50F1-426B-A9DC-AB83A1989C65}" = Windows Live Language Selector
"{1A4FE2D5-88B4-45EB-B58E-AB9134FEAA26}" = Fresco Logic USB3.0 Host Controller
"{1ACC8FFB-9D84-4C05-A4DE-D28A9BC91698}" = Windows Live ID Sign-in Assistant
"{1EB2CFC3-E1C5-4FC4-B1F8-549DD6242C67}" = Windows Live Remote Service Resources
"{1FB31F44-D4D0-4D76-944A-A1A5D79FD321}" = Windows Live Family Safety
"{206BD2C5-DE08-4577-A0D7-D441A79D5A3A}" = Windows Live Remote Client Resources
"{230D1595-57DA-4933-8C4E-375797EBB7E1}" = Bluetooth Win7 Suite (64)
"{23170F69-40C1-2702-0920-000001000000}" = 7-Zip 9.20 (x64 edition)
"{39F4C6F9-618A-4E5B-8FB2-6BD661174E32}" = Intel® Turbo Boost Technology Monitor
"{3CE222BA-66A6-4D18-BEE9-5D21C5798C3E}" = Windows Live Family Safety
"{3D7F836A-AE1F-4FA6-8DB9-4FE06697AB0A}" = Windows Live Family Safety
"{5E2CD4FB-4538-4831-8176-05D653C3E6D4}" = Windows Live Remote Service Resources
"{656DEEDE-F6AC-47CA-A568-A1B4E34B5760}" = Windows Live Remote Service Resources
"{692CCE55-9EAE-4F57-A834-092882E7FE0B}" = Windows Live Remote Client Resources
"{6ce5bae9-d3ca-4b99-891a-1dc6c118a5fc}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{6DDCFF78-6F91-438C-9567-C5CAA9D7F56C}" = Windows Live Family Safety
"{749BE6FF-815E-4F36-901B-7AC301B50330}" = Windows Live Family Safety
"{825C7D3F-D0B3-49D5-A42B-CBB0FBE85E99}" = Windows Live Remote Client Resources
"{847B0532-55E3-4AAF-8D7B-E3A1A7CD17E5}" = Windows Live Remote Client Resources
"{8E34682C-8118-31F1-BC4C-98CD9675E1C2}" = Microsoft .NET Framework 4 Extended
"{8EB588BD-D398-40D0-ADF7-BE1CEEF7C116}" = Windows Live Remote Client Resources
"{90140000-0028-0404-1000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2010
"{90140000-002A-0000-1000-0000000FF1CE}" = Microsoft Office Office 64-bit Components 2010
"{90140000-002A-0404-1000-0000000FF1CE}" = Microsoft Office Shared 64-bit MUI (Chinese (Traditional)) 2010
"{95120000-00B9-0409-1000-0000000FF1CE}" = Microsoft Application Error Reporting
"{9B6239BF-4E85-4590-8D72-51E30DB1A9AA}" = ASUS Power4Gear Hybrid
"{A679FBE4-BA2D-4514-8834-030982C8B31A}" = Windows Live Remote Service Resources
"{ad8a2fa1-06e7-4b0d-927d-6e54b3d31028}" = Microsoft Visual C++ 2005 Redistributable (x64)
"{AE91E0F3-C49A-4EF4-8B98-A07BD409EB90}" = Windows Live Remote Service Resources
"{B2FE1952-0186-46c3-BAEC-A80AA35AC5B8}_Display.ControlPanel" = NVIDIA Control Panel 268.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Driver" = NVIDIA Graphics Driver 268.83
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_Display.Optimus" = NVIDIA Optimus 1.0.23
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_installer" = NVIDIA Install Application
"{B2FE1952-0186-46C3-BAEC-A80AA35AC5B8}_NVIDIA.Update" = NVIDIA Update Components
"{B750FA38-7AB0-42CB-ACBB-E7DBE9FF603F}" = Windows Live Remote Client Resources
"{CDDCBBF1-2703-46BC-938B-BCC81A1EEAAA}" = SUPERAntiSpyware
"{CEA21F20-DBF4-464C-8B81-28B8508AFDDD}" = Windows Live Family Safety
"{D6AB1F5B-FED6-49A9-9747-327BD28FB3C7}" = COMODO Internet Security
"{DA54F80E-261C-41A2-A855-549A144F2F59}" = Windows Live MIME IFilter
"{DF6D988A-EEA0-4277-AAB8-158E086E439B}" = Windows Live Remote Client
"{E01819BD-709F-43A1-9600-6F5E4C584C37}" = Windows Live Family Safety
"{E02A6548-6FDE-40E2-8ED9-119D7D7E641F}" = Windows Live Remote Service
"{F5B09CFD-F0B2-36AF-8DF4-1DF6B63FC7B4}" = Microsoft .NET Framework 4 Client Profile
"{FAA3933C-6F0D-4350-B66B-9D7F7031343E}" = Windows Live Remote Service Resources
"Blue Coat K9 Web Protection" = Blue Coat K9 Web Protection
"CutePDF Writer Installation" = CutePDF Writer 2.8
"Elantech" = ETDWare PS/2-X64 8.0.5.3_WHQL
"Microsoft .NET Framework 4 Client Profile" = Microsoft .NET Framework 4 Client Profile
"Microsoft .NET Framework 4 Extended" = Microsoft .NET Framework 4 Extended
"Sandboxie" = Sandboxie 3.67.03 (64-bit)
"USB2.0 UVC 2M WebCam" = USB2.0 UVC 2M WebCam

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{000F2A10-9CDF-47BF-9CF2-9AC87567B433}" = Windows Live Photo Common
"{03241D8D-2217-42F7-9FCB-6A68D141C14D}" = Windows Live 软件包
"{04668DF2-D32F-4555-9C7E-35523DCD6544}" = Control ActiveX de Windows Live Mesh para conexiones remotas
"{05E379CC-F626-4E7D-8354-463865B303BF}" = Windows Live UX Platform Language Pack
"{062E4D94-8306-46D5-81B6-45E6AD09C799}" = Windows Live Messenger
"{0969AF05-4FF6-4C00-9406-43599238DE0D}" = ASUS Splendid Video Enhancement Technology
"{09BCB9CE-964B-4BDA-AE46-B5A0ABEF1D3F}" = SonicMaster
"{0B0F231F-CE6A-483D-AA23-77B364F75917}" = Windows Live Installer
"{0D261C88-454B-46FE-B43B-640E621BDA11}" = Windows Live Mail
"{0EC0B576-90F9-43C3-8FAD-A4902DF4B8F4}" = Galeria de Fotografias do Windows Live
"{1111706F-666A-4037-7777-211328764D10}" = JavaFX 2.1.1
"{198EA334-8A3F-4CB2-9D61-6C10B8168A6F}" = Windows Live Writer
"{19BA08F7-C728-469C-8A35-BFBD3633BE08}" = Windows Live Movie Maker
"{1DBD1F12-ED93-49C0-A7CC-56CBDE488158}" = ASUS LifeFrame3
"{1F6AB0E7-8CDD-4B93-8A23-AA9EB2FEFCE4}" = Junk Mail filter update
"{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"{200FEC62-3C34-4D60-9CE8-EC372E01C08F}" = Windows Live SOXE Definitions
"{20FDF948-C8ED-4543-A539-F7F4AEF5AFA2}" = Wireless Console 3
"{25A381E1-0AB9-4E7A-ACCE-BA49D519CF4E}" = Windows Live Mail
"{26A24AE4-039D-4CA4-87B4-2F83217005FF}" = Java™ 7 Update 5
"{28006915-2739-4EBE-B5E8-49B25D32EB33}" = Atheros Client Installation Program
"{2902F983-B4C1-44BA-B85D-5C6D52E2C441}" = Windows Live Mesh ActiveX Control for Remote Connections
"{29373E24-AC72-424E-8F2A-FB0F9436F21F}" = Windows Live Photo Common
"{2A3FC24C-6EC0-4519-A52B-FDA4EA9B2D24}" = Windows Live Messenger
"{2C865FB0-051E-4D22-AC62-428E035AEAF0}" = Windows Live Mesh
"{2D49C296-BCCA-4800-BAF6-A0269EBDCF74}" = Windows Live Messenger
"{317D56AC-0DB3-48F5-929A-42032DAC9AD7}" = Windows Live Writer
"{3336F667-9049-4D46-98B6-4C743EEBC5B1}" = Windows Live Photo Gallery
"{34319F1F-7CF2-4CC9-B357-1AE7D2FF3AC5}" = Windows Live
"{34F4D9A4-42C2-4348-BEF4-E553C84549E7}" = Windows Live Photo Gallery
"{368BEC2C-B7A2-4762-9213-2D8465D533CA}" = Windows Live UX Platform Language Pack
"{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud
"{370F888E-42A7-4911-9E34-7D74632E17EB}" = Windows Live Photo Common
"{3B9A92DA-6374-4872-B646-253F18624D5F}" = Windows Live Writer
"{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"{488F0347-C4A7-4374-91A7-30818BEDA710}" = Galerie de photos Windows Live
"{48C0DC5E-820A-44F2-890E-29B68EDD3C78}" = Windows Live Writer
"{4A03706F-666A-4037-7777-5F2748764D10}" = Java Auto Updater
"{506FC723-8E6C-4417-9CFF-351F99130425}" = Windows Live UX Platform Language Pack
"{55D003F4-9599-44BF-BA9E-95D060730DD3}" = Contrôle ActiveX Windows Live Mesh pour connexions à distance
"{579684A4-DDD5-4CA3-9EA8-7BE7D9593DB4}" = Windows Live UX Platform Language Pack
"{588CE0C0-860B-49A8-AFCF-3C69465B345F}" = Windows Live Mesh
"{5D273F60-0525-48BA-A5FB-D0CAA4A952AE}" = Windows Live Movie Maker
"{612C34C7-5E90-47D8-9B5C-0F717DD82726}" = swMSM
"{622DE1BE-9EDE-49D3-B349-29D64760342A}" = 適用遠端連線的 Windows Live Mesh ActiveX 控制項
"{62687B11-58B5-4A18-9BC3-9DF4CE03F194}" = Windows Live Writer Resources
"{64452561-169F-4A36-A2FF-B5E118EC65F5}" = ASUS SmartLogon
"{6807427D-8D68-4D30-AF5B-0B38F8F948C8}" = Windows Live Writer Resources
"{682B3E4F-696A-42DE-A41C-4C07EA1678B4}" = Windows Live SOXE
"{6CB36609-E3A6-446C-A3C1-C71E311D2B9C}" = Windows Live Movie Maker
"{6DEC8BD5-7574-47FA-B080-492BBBE2FEA3}" = Windows Live Movie Maker
"{710f4c1c-cc18-4c49-8cbf-51240c89a1a2}" = Microsoft Visual C++ 2005 Redistributable
"{7115EEBC-DA7B-434C-B81C-EA5B26EA9A94}" = Windows Live Writer Resources
"{753F0A72-59C3-41CE-A36A-F2DF2079275C}" = Windows Live Mail
"{77477AEA-5757-47D8-8B33-939F43D82218}" = Windows Live UX Platform Language Pack
"{78DAE910-CA72-450E-AD22-772CB1A00678}" = Windows Live Mesh
"{7B982EBD-D017-4527-BF1A-FC489EC6B100}" = Windows Live 照片库
"{7D1C7B9F-2744-4388-B128-5C75B8BCCC84}" = Windows Live Essentials
"{83C292B7-38A5-440B-A731-07070E81A64F}" = Windows Live PIMT Platform
"{841F1FB4-FDF8-461C-A496-3E1CFD84C0B5}" = Windows Live Mesh
"{89F4137D-6C26-4A84-BDB8-2E5A4BB71E00}" = Microsoft Silverlight
"{8C6D6116-B724-4810-8F2D-D047E6B7D68E}" = Mesh Runtime
"{8DD46C6A-0056-4FEC-B70A-28BB16A1F11F}" = MSVCRT
"{8F21291E-0444-4B1D-B9F9-4370A73E346D}" = WinFlash
"{8FF3891F-01B5-4A71-BFCD-20761890471C}" = Windows Live Messenger
"{90140000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2010
"{90140000-0015-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2010
"{90140000-0016-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2010
"{90140000-0018-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2010
"{90140000-0019-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2010
"{90140000-001A-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2010
"{90140000-001B-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2010
"{90140000-001F-0404-0000-0000000FF1CE}_Office14.SingleImage_{B87E50FB-B8F9-4B81-8D63-F5A3C5A330B3}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2010
"{90140000-001F-0409-0000-0000000FF1CE}_Office14.SingleImage_{99ACCA38-6DD3-48A8-96AE-A283C9759279}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2010
"{90140000-0028-0404-0000-0000000FF1CE}_Office14.SingleImage_{3ECE53A5-4BA5-49EA-828F-FD071F2652F0}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-0028-0404-1000-0000000FF1CE}_Office14.SingleImage_{51739025-3F28-46D2-9BB2-4E2A130C8C4C}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0000-1000-0000000FF1CE}_Office14.SingleImage_{967EF02C-5C7E-4718-8FCB-BDC050190CCF}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002A-0404-1000-0000000FF1CE}_Office14.SingleImage_{B8238131-3761-4A88-98B5-2356DF5B0A71}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2010
"{90140000-002C-0404-0000-0000000FF1CE}_Office14.SingleImage_{C82D6AFC-1F97-4F03-8A8A-564D647E483E}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-003D-0000-0000-0000000FF1CE}" = Microsoft Office Single Image 2010
"{90140000-003D-0000-0000-0000000FF1CE}_Office14.SingleImage_{047B0968-E622-4FAA-9B4B-121FA109EDDE}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2010
"{90140000-006E-0404-0000-0000000FF1CE}_Office14.SingleImage_{A7F0BFAF-D706-40CD-9C1C-4B1809614797}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{90140000-00A1-0404-0000-0000000FF1CE}" = Microsoft Office OneNote MUI (Chinese (Traditional)) 2010
"{90140000-00A1-0404-0000-0000000FF1CE}_Office14.SingleImage_{70C51D0C-D8E7-488A-8205-33FF4E05D543}" = Microsoft Office 2010 Service Pack 1 (SP1)
"{903EDF14-4E28-4463-AA5E-4AEE71C0263B}" = Windows Live Movie Maker
"{92EA4134-10D1-418A-91E1-5A0453131A38}" = Windows Live Movie Maker
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE518E6-ECC6-35A9-88E4-87755C07200F}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.6161
"{9D56775A-93F3-44A3-8092-840E3826DE30}" = Windows Live Mail
"{9FAE6E8D-E686-49F5-A574-0A58DFD9580C}" = Windows Live Mail
"{A0B91308-6666-4249-8FF6-1E11AFD75FE1}" = Windows Live Mail
"{A0C91188-C88F-4E86-93E6-CD7C9A266649}" = Windows Live Mesh
"{A41A708E-3BE6-4561-855D-44027C1CF0F8}" = Windows Live Photo Common
"{A726AE06-AAA3-43D1-87E3-70F510314F04}" = Windows Live Writer
"{A9BDCA6B-3653-467B-AC83-94367DA3BFE3}" = Windows Live Photo Common
"{AAAFC670-569B-4A2F-82B4-42945E0DE3EF}" = Windows Live Writer
"{AAF454FC-82CA-4F29-AB31-6A109485E76E}" = Windows Live Writer
"{AB5C933E-5C7D-4D30-B314-9C83A49B94BE}" = ATK Package
"{AB61A2E9-37D3-485D-9085-19FBDF8CEF4A}" = Windows Live Messenger
"{AC76BA86-7AD7-1028-7B44-AA1000000001}" = Adobe Reader X (10.1.0) - Chinese Traditional
"{B480904D-F73F-4673-B034-8A5F492C9184}" = Nuance PDF Reader
"{B618C3BF-5142-4630-81DD-F96864F97C7E}" = Windows Live Essentials
"{BAEE89D5-6E87-4F89-9603-A1C100479181}" = Windows Live Messenger
"{BC30E5E7-047D-4232-A7E8-F2CB7CC7B2E0}_is1" = Emsisoft Anti-Malware
"{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"{C66824E4-CBB3-4851-BB3F-E8CFD6350923}" = Windows Live Mail
"{C893D8C0-1BA0-4517-B11C-E89B65E72F70}" = Windows Live Photo Common
"{C944B4C5-1C4D-4D95-8AC0-7CEF13914131}" = ASUS FancyStart
"{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"{CE95A79E-E4FC-4FFF-8A75-29F04B942FF2}" = Windows Live UX Platform
"{D0B44725-3666-492D-BEF6-587A14BD9BD9}" = MSVCRT_amd64
"{D299197D-CDEA-41A6-A363-F532DE4114FD}" = Windows Live UX Platform Language Pack
"{D39F0676-163E-4595-A917-E28F99BBD4D2}" = ASUS AI Recovery
"{D436F577-1695-4D2F-8B44-AC76C99E0002}" = Windows Live Photo Common
"{D45240D3-B6B3-4FF9-B243-54ECE3E10066}" = Windows Live Communications Platform
"{DAEF48AD-89C8-4A93-B1DD-45B7E4FB6071}" = Windows Live Movie Maker
"{DDC8BDEE-DCAC-404D-8257-3E8D4B782467}" = Windows Live Writer Resources
"{DE8F99FD-2FC7-4C98-AA67-2729FDE1F040}" = Windows Live Writer Resources
"{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"{DECDCB7C-58CC-4865-91AF-627F9798FE48}" = Windows Live Mesh
"{E09C4DB7-630C-4F06-A631-8EA7239923AF}" = D3DX10
"{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"{E54EEB5D-41ED-40FE-B4A8-8565DB81469B}" = Controlo ActiveX do Windows Live Mesh para Ligações Remotas
"{E5B21F11-6933-4E0B-A25C-7963E3C07D11}" = Windows Live Messenger
"{E62E0550-C098-43A2-B54B-03FB1E634483}" = Windows Live Writer
"{E727A662-AF9F-4DEE-81C5-F4A1686F3DFC}" = Windows Live Writer Resources
"{E85A4EFC-82F2-4CEE-8A8E-62FDAD353A66}" = Galería fotográfica de Windows Live
"{EC8BD21F-0CA0-4BBF-97D9-4A52B30041A1}" = ASUS Virtual Camera
"{EEF99142-3357-402C-B298-DEC303E12D92}" = Windows Live 影像中心
"{EF7EAB13-46FC-49DD-8E3C-AAF8A286C5BB}" = Windows Live 程式集
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E3AD40-2BBD-4360-9C76-B9AC9A5886EA}" = Intel® Processor Graphics
"{F132AF7F-7BCA-4EDE-8A7C-958108FE7DBC}" = Realtek High Definition Audio Driver
"{F8A9085D-4C7A-41a9-8A77-C8998A96C421}" = Intel® Control Center
"{F992409C-9D10-4AE2-BAEB-B5409AD3785E}" = 用于远程连接的 Windows Live Mesh ActiveX 控件(简体中文)
"{FCDE76CB-989D-4E32-9739-6A272D2B0ED7}" = Windows Live Mesh
"{FE044230-9CA5-43F7-9B58-5AC5A28A1F33}" = Windows Live Essentials
"Adobe Flash Player Plugin" = Adobe Flash Player 11 Plugin
"Adobe Shockwave Player" = Adobe Shockwave Player 11.6
"Asus Vibe2.0" = AsusVibe2.0
"ASUS WebStorage" = ASUS WebStorage
"ASUS_N3_Series" = ASUS_N3_Series
"Comodo Dragon" = Comodo Dragon
"InstallShield_{1F7424F8-F992-48BC-90EF-7C4DB0405E3F}" = Alcor Micro USB Card Reader
"InstallShield_{1FBF6C24-C1FD-4101-A42B-0C564F9E8E79}" = ASUS Video Magic
"InstallShield_{36B0DC39-3282-40EB-8587-B875CE46C3A7}" = ExpressGateCloud
"InstallShield_{40BF1E83-20EB-11D8-97C5-0009C5020658}" = CyberLink Power2Go
"InstallShield_{C59C179C-668D-49A9-B6EA-0121CCFC1243}" = CyberLink LabelPrint
"InstallShield_{CB099890-1D5F-11D5-9EA9-0050BAE317E1}" = CyberLink PowerDirector
"InstallShield_{DEC235ED-58A4-4517-A278-C41E8DAEAB3B}" = CyberLink PowerDVD 10
"InstallShield_{E3739848-5329-48E3-8D28-5BBD6E8BE384}" = CyberLink MediaEspresso
"Malwarebytes' Anti-Malware_is1" = Malwarebytes Anti-Malware 版本 1.62.0.1300
"Mobile Partner" = Mobile Partner
"Mozilla Firefox 11.0 (x86 zh-TW)" = Mozilla Firefox 11.0 (x86 zh-TW)
"Office14.SingleImage" = Microsoft Office Home and Student 2010
"WinLiveSuite" = Windows Live Essentials

========== HKEY_USERS Uninstall List ==========

[HKEY_USERS\S-1-5-21-4001696799-3722537429-2969441357-1001\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"Google Chrome" = Google Chrome

========== Last 20 Event Log Errors ==========

[ Application Events ]
Error - 2012/6/25 下午 10:18:51 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c 失敗的模組名稱: ntdll.dll,版本:
6.1.7601.17725,時間戳記: 0x4ec4aa8e 例外狀況碼: 0xc0000005 錯誤位移: 0x00000000000532d0 失敗的處理程序識別碼:
0x610 失敗的應用程式開始時間: 0x01cd5341e1217cae 失敗的應用程式路徑: C:\Windows\system32\FBAgent.exe 失敗的模組路徑:
C:\Windows\SYSTEM32\ntdll.dll 報告識別碼: 44eff2c6-bf35-11e1-9a44-e0b9a5453a43

Error - 2012/6/26 上午 08:54:30 | Computer Name = ASUS-PC | Source = RasClient | ID = 20227
Description =

Error - 2012/6/26 上午 08:54:31 | Computer Name = ASUS-PC | Source = RasClient | ID = 20227
Description =

Error - 2012/6/26 下午 09:25:47 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c 失敗的模組名稱: ntdll.dll,版本:
6.1.7601.17725,時間戳記: 0x4ec4aa8e 例外狀況碼: 0xc0000005 錯誤位移: 0x00000000000532d0 失敗的處理程序識別碼:
0x620 失敗的應用程式開始時間: 0x01cd5403808011d6 失敗的應用程式路徑: C:\Windows\system32\FBAgent.exe 失敗的模組路徑:
C:\Windows\SYSTEM32\ntdll.dll 報告識別碼: 0527d8fc-bff7-11e1-9981-f46d0489e683

Error - 2012/6/27 下午 09:13:10 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: Mobile Partner.exe,版本: 1.0.0.1,時間戳記: 0x4a24ce38 失敗的模組名稱:
ntdll.dll,版本: 6.1.7601.17725,時間戳記: 0x4ec49b8f 例外狀況碼: 0xc0000005 錯誤位移: 0x00033e04 失敗的處理程序識別碼:
0x11c0 失敗的應用程式開始時間: 0x01cd546a57184a96 失敗的應用程式路徑: D:\FET Wireless Com\Mobile Partner\Mobile
Partner.exe 失敗的模組路徑: C:\Windows\SysWOW64\ntdll.dll 報告識別碼: 6ca1d627-c0be-11e1-ab5e-f46d0489e683

Error - 2012/6/28 下午 09:55:16 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c 失敗的模組名稱: FBAgent.exe,版本:
1.0.10.0,時間戳記: 0x4d6f576c 例外狀況碼: 0xc0000005 錯誤位移: 0x0000000000023177 失敗的處理程序識別碼: 0x61c
失敗的應用程式開始時間:
0x01cd5599eccb7c6a 失敗的應用程式路徑: C:\Windows\system32\FBAgent.exe 失敗的模組路徑: C:\Windows\system32\FBAgent.exe
報告識別碼:
78b9ec27-c18d-11e1-bcd8-f46d0489e683

Error - 2012/7/2 下午 11:39:53 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c 失敗的模組名稱: ntdll.dll,版本:
6.1.7601.17725,時間戳記: 0x4ec4aa8e 例外狀況碼: 0xc0000005 錯誤位移: 0x00000000000532d0 失敗的處理程序識別碼:
0x620 失敗的應用程式開始時間: 0x01cd58caee71d612 失敗的應用程式路徑: C:\Windows\system32\FBAgent.exe 失敗的模組路徑:
C:\Windows\SYSTEM32\ntdll.dll 報告識別碼: bfc5ccdc-c4c0-11e1-a507-f46d0489e683

Error - 2012/7/3 下午 08:16:31 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c 失敗的模組名稱: ntdll.dll,版本:
6.1.7601.17725,時間戳記: 0x4ec4aa8e 例外狀況碼: 0xc0000005 錯誤位移: 0x00000000000532d0 失敗的處理程序識別碼:
0x608 失敗的應用程式開始時間: 0x01cd597a1eb5f6e2 失敗的應用程式路徑: C:\Windows\system32\FBAgent.exe 失敗的模組路徑:
C:\Windows\SYSTEM32\ntdll.dll 報告識別碼: 80e44979-c56d-11e1-b3d9-e0b9a5453a43

Error - 2012/7/4 上午 07:07:32 | Computer Name = ASUS-PC | Source = RasClient | ID = 20227
Description =

Error - 2012/7/5 上午 02:40:34 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c 失敗的模組名稱: ntdll.dll,版本:
6.1.7601.17725,時間戳記: 0x4ec4aa8e 例外狀況碼: 0xc0000005 錯誤位移: 0x00000000000532d0 失敗的處理程序識別碼:
0x630 失敗的應用程式開始時間: 0x01cd5a79081982bf 失敗的應用程式路徑: C:\Windows\system32\FBAgent.exe 失敗的模組路徑:
C:\Windows\SYSTEM32\ntdll.dll 報告識別碼: 5204753b-c66c-11e1-ab8f-e0b9a5453a43

Error - 2012/7/5 下午 09:04:39 | Computer Name = ASUS-PC | Source = RasClient | ID = 20227
Description =

[ Media Center Events ]
Error - 2012/6/29 下午 11:14:46 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 上午 11:14:46 - 連線到網際網路時發生錯誤。 上午 11:14:46 - 無法連絡伺服器。.

Error - 2012/6/30 上午 12:14:51 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 下午 12:14:51 - 連線到網際網路時發生錯誤。 下午 12:14:51 - 無法連絡伺服器。.

Error - 2012/6/30 上午 12:14:56 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 下午 12:14:56 - 連線到網際網路時發生錯誤。 下午 12:14:56 - 無法連絡伺服器。.

Error - 2012/7/1 上午 08:55:30 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 下午 08:55:29 - 連線到網際網路時發生錯誤。 下午 08:55:30 - 無法連絡伺服器。.

Error - 2012/7/1 上午 08:55:40 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 下午 08:55:35 - 連線到網際網路時發生錯誤。 下午 08:55:35 - 無法連絡伺服器。.

Error - 2012/7/2 下午 09:04:48 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 上午 09:04:48 - 連線到網際網路時發生錯誤。 上午 09:04:48 - 無法連絡伺服器。.

Error - 2012/7/2 下午 09:05:00 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 上午 09:04:53 - 連線到網際網路時發生錯誤。 上午 09:04:53 - 無法連絡伺服器。.

Error - 2012/7/3 下午 08:23:40 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 上午 08:23:40 - 連線到網際網路時發生錯誤。 上午 08:23:40 - 無法連絡伺服器。.

Error - 2012/7/3 下午 08:23:48 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 上午 08:23:46 - 連線到網際網路時發生錯誤。 上午 08:23:46 - 無法連絡伺服器。.

Error - 2012/7/4 下午 07:54:04 | Computer Name = ASUS-PC | Source = MCUpdate | ID = 0
Description = 上午 07:53:58 - 連線到網際網路時發生錯誤。 上午 07:53:58 - 無法連絡伺服器。.

[ System Events ]
Error - 2012/7/14 上午 02:15:51 | Computer Name = ASUS-PC | Source = BTHUSB | ID = 327697
Description = 本機 Bluetooth 介面卡在無法斷定的情況下將無法使用。已解除載入驅動程式。

Error - 2012/7/14 上午 10:00:24 | Computer Name = ASUS-PC | Source = DCOM | ID = 10010
Description =

Error - 2012/7/15 上午 07:49:48 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap

Error - 2012/7/15 上午 07:51:17 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = AFBAgent 服務意外地終止。已經發生 1 次。

Error - 2012/7/15 下午 10:00:59 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap

Error - 2012/7/16 上午 07:20:22 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap

Error - 2012/7/16 上午 09:27:21 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap

Error - 2012/7/16 上午 09:31:21 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = AFBAgent 服務意外地終止。已經發生 1 次。

Error - 2012/7/16 下午 10:01:27 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap

Error - 2012/7/16 下午 10:04:24 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = AFBAgent 服務意外地終止。已經發生 1 次。


< End of report >

#2
RKinner

Doesn't look strange to me. See: http://forums.blueco...hp?f=13&t=15572

If it bothers you then uninstall the Blue Coat K9 Web Protection and use HostsXpert
http://www.funkytoad...m_content&id=13
to restore the hosts file to the default if Blue Coat K9 Web Protection doesn't do it when you uninstall.

Ron

#3
BMoonY

Hi, Ron,

Ohhhh, thanks, it is only the K9 filter, that would be acceptable.
Do you see any sign of infection on my PC?

#4
RKinner

Don't see anything obvious. Can't read your event log so no idea what it is complaining about other than FBAgent.exe not working correctly. This is ASUS Fast Boot so you might check for a newer version on their website.

You can run an ESET online scan if you want to be sure but it takes hours:

Use IE and go to http://eset.com/onlinescan and click on ESET online Scanner. Accept the terms then press Start (If you get a warning from your browser tell it you want to run it).

1. Check Scan Archives
2. Push the Start button.
3. ESET will then download updates for itself, install itself, and begin scanning your computer. Please be patient as this can take some time.
4. When the scan completes, push LIST OF THREATS FOUND
5. Push EXPORT TO TEXT FILE, and save the file to your desktop using a unique name, such as ESETScan. Include the contents of this report in your next reply.
6. Push the BACK button.
7. Push Finish
8. Once the scan is completed, you may close the window.
9. Use Notepad to open the logfile located at C:\Program Files\EsetOnlineScanner\log.txt
10. Copy and paste that log as a reply.
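
The event log posted earlier in this thread is in Traditional Chinese, but each record's Source and ID fields and the executable, service and driver names in the descriptions do not depend on the display language. The following is an added example, not part of the original posts and not OTL's own code, that groups such records by source and ID for triage; the regexes, the function names and the table of English meanings are assumptions of this example.

```python
import re
from collections import defaultdict

# Excerpt of the OTL event-log section posted in this thread (first description shortened).
SAMPLE = """\
Error - 2012/6/25 下午 10:18:51 | Computer Name = ASUS-PC | Source = Application Error | ID = 1000
Description = 失敗的應用程式名稱: FBAgent.exe,版本: 1.0.10.0,時間戳記: 0x4d6f576c

Error - 2012/6/26 上午 08:54:30 | Computer Name = ASUS-PC | Source = RasClient | ID = 20227
Description =

[ System Events ]
Error - 2012/7/15 上午 07:49:48 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap

Error - 2012/7/15 上午 07:51:17 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7034
Description = AFBAgent 服務意外地終止。已經發生 1 次。

Error - 2012/7/16 上午 07:20:22 | Computer Name = ASUS-PC | Source = Service Control Manager | ID = 7026
Description = 下列開機啟動或系統啟動驅動程式無法載入: rqkdql vhjrap
"""

HEADER = re.compile(r"^Error - (?P<date>\d{4}/\d{1,2}/\d{1,2}) \S+ [\d:]+ \| "
                    r"Computer Name = [^|]+\| Source = (?P<source>[^|]+?) \| ID = (?P<id>\d+)\s*$")
# ASCII names (executables, services, drivers) survive any display language.
NAME = re.compile(r"(?<![\w.])[A-Za-z][\w.]*", re.ASCII)
# Standard English meanings of these source/ID pairs (added here, not taken from the page).
MEANING = {("Application Error", 1000): "application crashed",
           ("Service Control Manager", 7026): "boot-start or system-start driver failed to load",
           ("Service Control Manager", 7034): "service terminated unexpectedly"}

def parse_events(text):
    """Split OTL event-log text into records; a blank line ends a record."""
    events, current = [], None
    for line in text.splitlines():
        m = HEADER.match(line)
        if m:
            current = {"date": m["date"], "source": m["source"], "id": int(m["id"]), "desc": ""}
            events.append(current)
        elif not line.strip():
            current = None  # section titles after a blank line are ignored
        elif current is not None:  # wrapped description lines are joined
            current["desc"] += " " + re.sub(r"^Description =\s*", "", line).strip()
    return events

def summarize(events):
    """Group by (source, id): count, ASCII names seen, known meaning."""
    groups = defaultdict(lambda: {"count": 0, "names": set()})
    for e in events:
        g = groups[(e["source"], e["id"])]
        g["count"] += 1
        g["names"].update(n.rstrip(".") for n in NAME.findall(e["desc"]))
    return {k: {"count": g["count"], "names": sorted(g["names"]),
                "meaning": MEANING.get(k, "unknown")} for k, g in groups.items()}
```

Calling `summarize(parse_events(SAMPLE))` shows the repeated Service Control Manager 7026 records together with the driver names they mention, which is the part of a log a reviewer can check without reading the description text.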

#5
BMoonY

Hi, RKinner,

Thanks for the prompt reply, and very sorry to reply so late, because a typhoon came over Taiwan during these past few days.
And here is the scanning log of the ESET online scan.

Found one, and it is a program that I uninstalled some time ago.

[email protected] as downloader log:
all ok
[email protected] as downloader log:
all ok
# version=7
# OnlineScannerApp.exe=1.0.0.1
# OnlineScanner.ocx=1.0.0.6583
# api_version=3.0.2
# EOSSerial=6b1922bb59f1364d995a6e1c66d0d847
# end=finished
# remove_checked=true
# archives_checked=false
# unwanted_checked=true
# unsafe_checked=false
# antistealth_checked=true
# utc_time=2012-08-01 01:10:53
# local_time=2012-08-01 09:10:53 )
# country="Taiwan"
# lang=1033
# osver=6.1.7601 NT Service Pack 1
# compatibility_mode=512 16777215 100 0 0 0 0 0
# compatibility_mode=3073 16777213 80 71 0 19528997 0 0
# compatibility_mode=5893 16776573 100 94 0 95451233 0 0
# compatibility_mode=8192 67108863 100 0 0 0 0 0
# scanned=132556
# found=1
# cleaned=1
# scan_time=5270
D:\d\長壽\cnet_RevoUninProSetup_exe.exe a variant of Win32/InstallCore.D application (cleaned by deleting - quarantined) 00000000000000000000000000000000

#6
RKinner

No problem with delay. I don't keep track and I totally understand about typhoons - I used to live in Florida where we got the Atlantic version called hurricanes. Hope everyone came through it OK.

I think you are clean then. Following is a truncated version of my usual cleanup speech:

Make sure you have the latest versions of any adobe.com products you use like Shockwave, Flash or Acrobat.

Whether you use adobe reader, acrobat or fox-it to read pdf files you need to disable Javascript in the program. There is an exploit out there now that can use it to get on your PC. For Adobe Reader: Start, All Programs, Adobe Reader, Edit, Preferences, Click on Javascript in the left column and uncheck Enable Acrobat Javascript. OK Close program. It's the same for Foxit reader except you uncheck Enable Javascript Actions.

To help keep your programs up-to-date you should download and run the UpdateChecker:
http://www.filehippo.../updatechecker/
(You don't need to download Betas and if there is a program you don't use you can just uninstall it rather than update it. Exception is MSN messenger which appears to be part of Windows. You can also tell it not to show you updates from programs you don't care about.)
If you get a blocked program notice after installing updatechecker then change it to not run at start then manually run it once a week.
Seems to work best if Firefox is the default browser. You can also try Secunia PSI http://secunia.com/v...l/download_psi/ Same kind of info. You don't need both.
If you use Firefox or Chrome then get the AdBlock Plus Add-on. WOT (Web of Trust) is another you might want to try.
The equivalent to AdBlock Plus for IE is called Simple Adblock and you should install it too: http://simple-adblock.com/ tho the free version only blocks 200 ads a day. Another reason to use Firefox or Chrome.

If Firefox is slow loading make sure it only has the current Java add-on. Then download and run Speedy Fox.
http://www.crystalidea.com/speedyfox . You can run it any time that Firefox seems slow or after any changes like new add-ons or updates.

Be warned: If you use Limewire, utorrent or any of the other P2P programs you will almost certainly be coming back to the Malware Removal forum. If you must use P2P then submit any files you get to http://virustotal.com before you open them.


If you have a router, log on to it today and change the default password! If using a Wireless router you really should be using encryption on the link. Use the strongest (newest) encryption method that your router and PC wireless adapter support especially if you own a business. See http://www.king5.com...-120637284.html and http://www.seattlepi...ted-1344185.php for why encryption is important. If you don't know how, visit the router maker's website. They all have detailed step by step instructions or a wizard you can download.

Ron