Oh~ Really, thanks for your help...
But I have got 2 questions right now..
1... While I am scanning my computer, the Avira warning pops up again. What should I select? Delete? Or ignore?
2... Since my computer is in Chinese display, and the logs seem to be in Chinese too >__<
Hope it would not affect too much for you.
Here come my logs:
OTL------------------------
OTL logfile created on: 23/10/2009 0:46:06 - Run 3
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Christine Chow\桌面\*制造器\防毒
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C04 | Country: 香港特別行政區 | Language: ZHH | Date Format: d/M/yyyy
1.50 Gb Total Physical Memory | 0.90 Gb Available Physical Memory | 60.00% Memory free
2.11 Gb Paging File | 1.27 Gb Available in Paging File | 60.30% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 15.23 Gb Free Space | 9.93% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive T: | 931.51 Gb Total Space | 638.58 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
Computer Name: CHRISTINE
Current User Name: Christine Chow
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Processes (SafeList) ==========
PRC - [2009/10/22 23:10:35 | 00,521,216 | ---- | M] (OldTimer Tools) -- C:\Documents and Settings\Christine Chow\桌面\*制造器\防毒\OTL.exe
PRC - [2009/10/18 00:21:24 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe
PRC - [2009/10/18 00:21:24 | 00,149,280 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jusched.exe
PRC - [2009/09/26 14:57:04 | 00,222,728 | ---- | M] (RealNetworks, Inc.) -- c:\program files\real\RealPlay.exe
PRC - [2009/09/26 14:57:00 | 00,198,160 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\Common Files\Real\Update_OB\realsched.exe
PRC - [2009/09/21 23:43:25 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe
PRC - [2009/09/21 23:43:25 | 00,520,024 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWTray.exe
PRC - [2009/09/06 03:00:03 | 01,172,992 | ---- | M] (Vitalwerks LLC) -- C:\Program Files\No-IP\DUC20.exe
PRC - [2009/08/18 00:07:23 | 00,081,000 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashDisp.exe
PRC - [2009/08/18 00:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe
PRC - [2009/08/18 00:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe
PRC - [2009/08/18 00:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe
PRC - [2009/08/17 23:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe
PRC - [2009/08/06 01:00:12 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe
PRC - [2009/07/26 16:44:40 | 03,883,840 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Live\Messenger\msnmsgr.exe
PRC - [2009/07/22 16:14:20 | 00,210,312 | ---- | M] (PPStream Inc) -- C:\Program Files\PPStream\ppsap.exe
PRC - [2009/07/01 02:48:59 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\1.2.183.7\GoogleCrashHandler.exe
PRC - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe
PRC - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe
PRC - [2009/03/02 13:08:47 | 00,209,153 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avgnt.exe
PRC - [2009/02/06 18:10:02 | 00,227,840 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\wmiprvse.exe
PRC - [2009/01/21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe
PRC - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe
PRC - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe
PRC - [2008/12/08 13:33:48 | 01,173,384 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsTray.exe
PRC - [2008/04/15 18:54:53 | 01,695,232 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Messenger\msmsgs.exe
PRC - [2008/04/15 18:54:48 | 00,978,432 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Explorer.EXE
PRC - [2007/03/25 17:48:35 | 00,118,784 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe
PRC - [2007/03/12 13:49:46 | 01,209,904 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexStoreSvr.exe
PRC - [2007/03/12 13:49:46 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe
PRC - [2007/03/12 13:49:26 | 00,153,136 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe
PRC - [2007/03/06 10:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe
PRC - [2007/03/03 13:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe
PRC - [2005/09/23 00:42:24 | 00,090,112 | R--- | M] (Realtek Semiconductor Corp.) -- C:\WINDOWS\SOUNDMAN.EXE
PRC - [2004/08/12 20:00:00 | 00,016,896 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\System32\wbem\unsecapp.exe
PRC - [2002/02/07 00:32:48 | 00,057,344 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe
========== Win32 Services (SafeList) ==========
SRV - [2009/10/18 00:21:24 | 00,153,376 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\Java\jre6\bin\jqs.exe -- (JavaQuickStarterService [Auto | Running])
SRV - [2009/09/21 23:43:25 | 01,028,432 | ---- | M] (Lavasoft) -- C:\Program Files\Lavasoft\Ad-Aware\AAWService.exe -- (Lavasoft Ad-Aware Service [Auto | Running])
SRV - [2009/09/06 03:00:03 | 01,172,992 | ---- | M] (Vitalwerks LLC) -- C:\Program Files\No-IP\DUC20.exe -- (NoIPDUCService [Auto | Running])
SRV - [2009/08/18 00:07:17 | 00,138,680 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashServ.exe -- (avast! Antivirus [Auto | Running])
SRV - [2009/08/18 00:07:01 | 00,254,040 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashMaiSv.exe -- (avast! Mail Scanner [On_Demand | Running])
SRV - [2009/08/18 00:04:21 | 00,352,920 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\ashWebSv.exe -- (avast! Web Scanner [On_Demand | Running])
SRV - [2009/08/17 23:58:55 | 00,018,752 | ---- | M] (ALWIL Software) -- C:\Program Files\Alwil Software\Avast4\aswUpdSv.exe -- (aswUpdSv [Auto | Running])
SRV - [2009/08/06 01:00:12 | 00,185,089 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\avguard.exe -- (AntiVirService [Auto | Running])
SRV - [2009/05/19 11:36:18 | 00,240,512 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Microsoft\Search Enhancement Pack\SeaPort\SeaPort.exe -- (SeaPort [Auto | Running])
SRV - [2009/05/13 16:48:22 | 00,108,289 | ---- | M] (Avira GmbH) -- C:\Program Files\Avira\AntiVir Desktop\sched.exe -- (AntiVirSchedulerService [Auto | Running])
SRV - [2009/05/01 14:05:57 | 00,182,768 | ---- | M] (Google) -- C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe -- (gusvc [On_Demand | Stopped])
SRV - [2009/03/21 05:04:05 | 00,133,104 | ---- | M] (Google Inc.) -- C:\Program Files\Google\Update\GoogleUpdate.exe -- (gupdate1c9a99f754b4572 [Auto | Stopped])
SRV - [2009/01/21 13:08:06 | 01,095,560 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsSvc.exe -- (sdCoreService [Auto | Running])
SRV - [2009/01/07 12:40:56 | 00,348,752 | ---- | M] (PC Tools) -- C:\Program Files\Spyware Doctor\pctsAuxs.exe -- (sdAuxService [Auto | Running])
SRV - [2008/12/12 11:17:38 | 00,238,888 | ---- | M] (Apple Inc.) -- C:\Program Files\Bonjour\mDNSResponder.exe -- (Bonjour Service [Auto | Running])
SRV - [2008/11/04 01:06:28 | 00,441,712 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE -- (odserv [On_Demand | Stopped])
SRV - [2008/07/29 21:10:04 | 00,046,104 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe -- (FontCache3.0.0.0 [On_Demand | Stopped])
SRV - [2008/07/29 19:24:50 | 00,881,664 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe -- (idsvc [Unknown | Stopped])
SRV - [2008/07/29 19:16:38 | 00,132,096 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe -- (NetTcpPortSharing [Disabled | Stopped])
SRV - [2008/07/25 11:17:02 | 00,069,632 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe -- (clr_optimization_v2.0.50727_32 [On_Demand | Stopped])
SRV - [2008/07/25 11:16:40 | 00,034,312 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe -- (aspnet_state [On_Demand | Stopped])
SRV - [2008/04/15 18:54:36 | 00,038,400 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\PCHealth\HelpCtr\Binaries\pchsvc.dll -- (helpsvc [Auto | Running])
SRV - [2007/08/30 21:15:22 | 00,654,848 | ---- | M] (Macrovision Europe Ltd.) -- C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe -- (FLEXnet Licensing Service [On_Demand | Stopped])
SRV - [2007/03/25 17:48:35 | 00,118,784 | ---- | M] (B.H.A Corporation) -- C:\WINDOWS\System32\bgsvcgen.exe -- (bgsvcgen [Auto | Running])
SRV - [2007/03/14 19:19:10 | 00,779,824 | ---- | M] (Nero AG) -- C:\Program Files\Nero\Nero 7\Nero BackItUp\NBService.exe -- (NBService [On_Demand | Stopped])
SRV - [2007/03/12 13:49:46 | 00,271,920 | ---- | M] (Nero AG) -- C:\Program Files\Common Files\Ahead\Lib\NMIndexingService.exe -- (NMIndexingService [On_Demand | Running])
SRV - [2007/03/06 10:35:02 | 00,198,168 | ---- | M] (InterVideo Inc.) -- C:\Program Files\Common Files\InterVideo\DeviceService\DevSvc.exe -- (Capture Device Service [Auto | Running])
SRV - [2007/03/03 13:48:28 | 00,067,056 | ---- | M] (Ulead Systems, Inc.) -- C:\Program Files\Common Files\Ulead Systems\DVD\ULCDRSvr.exe -- (UleadBurningHelper [Auto | Running])
SRV - [2006/11/02 23:09:48 | 00,897,024 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Windows Media Player\WMPNetwk.exe -- (WMPNetworkSvc [On_Demand | Stopped])
SRV - [2006/10/26 14:03:08 | 00,145,184 | ---- | M] (Microsoft Corporation) -- C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE -- (ose [On_Demand | Stopped])
SRV - [2005/04/04 00:41:10 | 00,069,632 | ---- | M] (Macrovision Corporation) -- C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe -- (IDriverT [On_Demand | Stopped])
SRV - [2002/02/07 00:32:48 | 00,057,344 | R--- | M] (NVIDIA Corporation) -- C:\WINDOWS\System32\nvsvc32.exe -- (NVSvc [Auto | Running])
========== Standard Registry (SafeList) ==========
========== Internet Explorer ==========
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Default_Secondary_Page_URL = [binary data]
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Extensions Off Page = about:NoAdd-ons
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft....k/?LinkId=54896
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Security Risk Page = about:SecurityRisk
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = http://go.microsoft....k/?LinkId=69157
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,CustomizeSearch = http://ie.search.msn...st/srchcust.htm
IE - HKLM\SOFTWARE\Microsoft\Internet Explorer\Search,SearchAssistant = http://ie.search.msn...st/srchasst.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Local Page = C:\WINDOWS\system32\blank.htm
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Search Page = http://www.microsoft...amp;ar=iesearch
IE - HKCU\SOFTWARE\Microsoft\Internet Explorer\Main,Start Page = hk.yahoo.com
IE - HKCU\..\URLSearchHook: {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyEnable" = 0
IE - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings: "ProxyOverride" = *.local
========== FireFox ==========
FF - prefs.js..browser.search.selectedEngine: "Yahoo!擐葛 蝬脤???"
FF - prefs.js..browser.search.useDBForOrder: true
FF - prefs.js..browser.startup.homepage: "http://www.facebook.com/home.php"
FF - prefs.js..extensions.enabledItems: {d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}:1.1.1
FF - prefs.js..extensions.enabledItems: [email protected]:1.0.6
FF - prefs.js..extensions.enabledItems: {097d3191-e6fa-4728-9826-b533d755359d}:0.7.10
FF - prefs.js..extensions.enabledItems: [email protected]:0.3.0
FF - prefs.js..extensions.enabledItems: {B042753D-F57E-4e8e-A01B-7379A6D4CEFB}:1.10
FF - prefs.js..extensions.enabledItems: {47624dda-b77e-4feb-820a-e4f077d5d4ca}:9.8.6
FF - prefs.js..extensions.enabledItems: {b9db16a4-6edc-47ec-a1f4-b86292ed211d}:4.6.2
FF - prefs.js..extensions.enabledItems: {DDC359D1-844A-42a7-9AA1-88A850A938A8}:1.1.6
FF - prefs.js..extensions.enabledItems: {c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}:1.6
FF - prefs.js..extensions.enabledItems: {3bbdd952-cf6f-44a7-9d23-354a8792b598}:1.3
FF - prefs.js..extensions.enabledItems: {89506680-e3f4-484c-a2c0-ed711d481eda}:0.9.5
FF - prefs.js..extensions.enabledItems: {0b457cAA-602d-484a-8fe7-c1d894a011ba}:0.78
FF - prefs.js..extensions.enabledItems: {000a9d1c-beef-4f90-9363-039d445309b8}:0.5.32.0
FF - prefs.js..extensions.enabledItems: {77b819fa-95ad-4f2c-ac7c-486b356188a9}:1.5.20090525
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}:6.0.13
FF - prefs.js..extensions.enabledItems: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}:6.0.16
FF - prefs.js..extensions.enabledItems: [email protected]:1.0
FF - prefs.js..extensions.enabledItems: {20a82645-c095-46ed-80e3-08825760534b}:1.1
FF - prefs.js..extensions.enabledItems: {ABDE892B-13A8-4d1b-88E6-365A6E755758}:1.0
FF - prefs.js..extensions.enabledItems: smftn@clowwindy:1.7.5
FF - prefs.js..extensions.enabledItems: [email protected]:0.6
FF - prefs.js..extensions.enabledItems: {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.5.3
FF - prefs.js..network.proxy.autoconfig_url: "http://localhost:941...15/tudouva.pac"
FF - prefs.js..network.proxy.no_proxies_on: "*.local"
FF - prefs.js..network.proxy.type: 2
FF - HKLM\software\mozilla\Firefox\Extensions\\{20a82645-c095-46ed-80e3-08825760534b}: C:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\ [2009/09/02 02:23:23 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{000a9d1c-beef-4f90-9363-039d445309b8}: C:\Program Files\Google\Google Gears\Firefox\ [2009/09/05 03:54:51 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\{ABDE892B-13A8-4d1b-88E6-365A6E755758}: c:\program files\real\browserrecord\firefox\ext [2009/09/26 14:57:57 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Firefox\Extensions\\[email protected]: C:\Program Files\Java\jre6\lib\deploy\jqs\ff [2009/10/18 00:21:25 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Components: C:\Program Files\Mozilla Firefox\components [2009/10/12 23:38:39 | 00,000,000 | ---D | M]
FF - HKLM\software\mozilla\Mozilla Firefox 3.5.3\extensions\\Plugins: C:\Program Files\Mozilla Firefox\plugins [2009/10/12 23:38:39 | 00,000,000 | ---D | M]
[2009/01/24 04:24:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Extensions
[2009/01/24 04:24:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Extensions\{ec8030f7-c20a-464f-9b0e-13a3a9e97384}
[2009/10/22 23:33:25 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions
[2009/05/27 19:45:17 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{0200c2a9-70da-4f6d-b527-f5f7d7877228}
[2009/03/17 01:43:54 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{097d3191-e6fa-4728-9826-b533d755359d}
[2009/09/12 12:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{0b457cAA-602d-484a-8fe7-c1d894a011ba}
[2009/09/03 01:33:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{20a82645-c095-46ed-80e3-08825760534b}
[2009/02/27 01:50:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{3bbdd952-cf6f-44a7-9d23-354a8792b598}
[2009/09/26 12:12:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{47624dda-b77e-4feb-820a-e4f077d5d4ca}
[2009/07/09 14:47:43 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{77b819fa-95ad-4f2c-ac7c-486b356188a9}
[2009/09/12 12:54:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{89506680-e3f4-484c-a2c0-ed711d481eda}
[2009/01/25 01:26:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{916ab64c-bc3e-471b-8e60-29551922a7ba}
[2009/10/12 23:38:41 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{B042753D-F57E-4e8e-A01B-7379A6D4CEFB}
[2009/09/12 12:54:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{b9db16a4-6edc-47ec-a1f4-b86292ed211d}
[2009/07/02 01:51:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{c0c9a2c7-2e5c-4447-bc53-97718bc91e1b}
[2009/09/12 13:17:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{d10d0bf8-f5b5-c8b4-a8b2-2b9879e08c5d}
[2009/09/26 12:12:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\{DDC359D1-844A-42a7-9AA1-88A850A938A8}
[2009/07/02 01:50:42 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\[email protected]
[2009/09/12 12:54:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\[email protected]
[2009/10/14 13:23:37 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\smftn@clowwindy
[2009/09/12 12:54:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\mozilla\Firefox\Profiles\r0k939qy.default\extensions\[email protected]
[2009/04/18 12:40:52 | 00,001,421 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\google-search-for-friendbar-toolbar.xml
[2009/04/18 12:40:52 | 00,001,186 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\twitter-search.xml
[2009/01/25 03:02:17 | 00,020,283 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\yahoo-.xml
[2009/01/25 01:26:19 | 00,000,655 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\yahoo-search.xml
[2009/08/11 23:26:10 | 00,000,872 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\yahoo.gif
[2009/08/11 23:26:10 | 00,000,466 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\yahoo.src
[2009/08/11 23:26:06 | 00,001,767 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Mozilla\FireFox\Profiles\r0k939qy.default\searchplugins\yahoo.xml
[2009/10/22 23:33:25 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions
[2009/09/11 23:42:49 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{972ce4c6-7e08-4474-a285-3208198ce6fd}
[2009/04/22 00:24:27 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0013-ABCDEFFEDCBA}
[2009/10/18 00:21:41 | 00,000,000 | ---D | M] -- C:\Program Files\mozilla firefox\extensions\{CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA}
[2009/09/11 23:42:38 | 00,023,544 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\browserdirprovider.dll
[2009/09/11 23:42:38 | 00,137,208 | ---- | M] (Mozilla Foundation) -- C:\Program Files\mozilla firefox\components\brwsrcmp.dll
[2009/07/17 16:40:12 | 00,704,512 | ---- | M] (BitComet) -- C:\Program Files\mozilla firefox\plugins\npBitCometAgent.dll
[2009/10/18 00:21:24 | 00,411,368 | ---- | M] (Sun Microsystems, Inc.) -- C:\Program Files\mozilla firefox\plugins\npdeploytk.dll
[2009/09/11 23:42:42 | 00,065,016 | ---- | M] (mozilla.org) -- C:\Program Files\mozilla firefox\plugins\npnul32.dll
[2009/02/27 12:13:42 | 00,103,792 | ---- | M] (Adobe Systems Inc.) -- C:\Program Files\mozilla firefox\plugins\nppdf32.dll
[2009/09/26 14:57:51 | 00,140,864 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nppl3260.dll
[2009/09/26 14:58:03 | 00,008,192 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprjplug.dll
[2009/09/26 14:57:37 | 00,094,208 | ---- | M] (RealNetworks, Inc.) -- C:\Program Files\mozilla firefox\plugins\nprpjplug.dll
[2009/09/01 23:14:54 | 00,001,534 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\creativecommons.xml
[2009/09/01 23:14:55 | 00,002,310 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\findbook-zh-TW.xml
[2009/09/01 23:14:55 | 00,002,371 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\google.xml
[2009/09/01 23:14:55 | 00,001,222 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\wikipedia-zh-TW.xml
[2009/09/01 23:14:55 | 00,001,360 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-answer-zh-TW.xml
[2009/09/01 23:14:55 | 00,000,843 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-bid-zh-TW.xml
[2009/09/01 23:14:55 | 00,000,857 | ---- | M] () -- C:\Program Files\mozilla firefox\searchplugins\yahoo-zh-TW.xml
O1 HOSTS File: (727 bytes) - C:\WINDOWS\System32\drivers\etc\Hosts
O1 - Hosts: 127.0.0.1 localhost
O2 - BHO: (WebThunder Browser Helper) - {00000AAA-A363-466E-BEF5-9BB68697AA7F} - C:\Program Files\Thunder Network\WebThunder\WebThunderBHO_Now.dll (Thunder Networking Technologies,LTD)
O2 - BHO: (&Yahoo! Toolbar Helper) - {02478D38-C3F9-4EFB-9B51-7695ECA05670} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O2 - BHO: (IE2EMBHO Class) - {0A0DDBD3-6641-40B9-873F-BBDD26D6C14E} - C:\Program Files\easyMule\modules\IE2EM.dll (VeryCD.com)
O2 - BHO: (Adobe PDF Link Helper) - {18DF081C-E8AD-4283-A596-FA578C2EBDC3} - C:\Program Files\Common Files\Adobe\Acrobat\ActiveX\AcroIEHelperShim.dll (Adobe Systems Incorporated)
O2 - BHO: (FGCatchUrl) - {2F364306-AA45-47B5-9F9D-39A8B94E7EF7} - C:\Program Files\FlashGet\jccatch.dll (www.flashget.com)
O2 - BHO: (RealPlayer Download and Record Plugin for Internet Explorer) - {3049C3E9-B461-4BC5-8870-4C09146192CA} - c:\program files\real\rpbrowserrecordplugin.dll (RealPlayer)
O2 - BHO: (BitComet Helper) - {39F7E362-828A-4B5A-BCAF-5B79BFDFEA60} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O2 - BHO: (AVG Safe Search) - {3CA2F312-6F6E-4B53-A66E-4E65E497C8C0} - C:\Program Files\AVG\AVGLS\avgssie.dll File not found
O2 - BHO: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O2 - BHO: (no name) - {5C255C8A-E604-49b4-9D64-90988571CECB} - No CLSID value found.
O2 - BHO: (Search Helper) - {6EBF7485-159F-4bff-A14F-B9E3AAC4465B} - C:\Program Files\Microsoft\Search Enhancement Pack\Search Helper\SEPsearchhelperie.dll (Microsoft Corporation)
O2 - BHO: (Windows Live 登入小幫手) - {9030D464-4C02-4ABF-8ECC-5164760863C6} - C:\Program Files\Common Files\Microsoft Shared\Windows Live\WindowsLiveLogin.dll (Microsoft Corporation)
O2 - BHO: (Google Toolbar Helper) - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O2 - BHO: (Google Toolbar Notifier BHO) - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.2.4204.1700\swg.dll (Google Inc.)
O2 - BHO: (Google Dictionary Compression sdch) - {C84D72FE-E17D-4195-BB24-76C02E2E7C4E} - C:\Program Files\Google\Google Toolbar\Component\fastsearch_B7C5AC242193BB3E.dll (Google Inc.)
O2 - BHO: (Java Plug-In 2 SSV Helper) - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll (Sun Microsystems, Inc.)
O2 - BHO: (Google Gears Helper) - {E0FEFE40-FBF9-42AE-BA58-794CA7E3FB53} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll (Google Inc.)
O2 - BHO: (Windows Live Toolbar Helper) - {E15A8DC0-8516-42A1-81EA-DC94EC1ACF10} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O2 - BHO: (JQSIEStartDetectorImpl Class) - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll (Sun Microsystems, Inc.)
O2 - BHO: (FlashGet GetFlash Class) - {F156768E-81EF-470C-9057-481BA8380DBA} - C:\Program Files\FlashGet\getflash.dll (www.flashget.com)
O2 - BHO: (SingleInstance Class) - {FDAD4DA1-61A2-4FD8-9C17-86F7AC245081} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\YTSingleInstance.dll (Yahoo! Inc)
O3 - HKLM\..\Toolbar: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKLM\..\Toolbar: (Google Toolbar) - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKLM\..\Toolbar: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKLM\..\Toolbar: (Yahoo! 工具列) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (no name) - {00000000-0002-0002-0000-000000000000} - No CLSID value found.
O3 - HKCU\..\Toolbar\WebBrowser: (&Windows Live Toolbar) - {21FA44EF-376D-4D53-9B0F-8A89D3229068} - C:\Program Files\Windows Live\Toolbar\wltcore.dll (Microsoft Corporation)
O3 - HKCU\..\Toolbar\WebBrowser: (Google Toolbar) - {2318C2B1-4965-11D4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll (Google Inc.)
O3 - HKCU\..\Toolbar\WebBrowser: (Megaupload Toolbar) - {4E7BD74F-2B8D-469E-CCB0-B130EEDBE97C} - C:\Program Files\MegauploadToolbar\megauploadtoolbar.dll (MEGAUPLOAD )
O3 - HKCU\..\Toolbar\WebBrowser: (Yahoo! 工具列) - {EF99BD32-C1FB-11D2-892F-0090271D4F88} - C:\Program Files\Yahoo!\Companion\Installs\cpn1\yt.dll (Yahoo! Inc.)
O4 - HKLM..\Run: [Adobe Reader Speed Launcher] C:\Program Files\Adobe\Reader 9.0\Reader\Reader_sl.exe (Adobe Systems Incorporated)
O4 - HKLM..\Run: [avast!] C:\Program Files\Alwil Software\Avast4\ashDisp.exe (ALWIL Software)
O4 - HKLM..\Run: [avgnt] C:\Program Files\Avira\AntiVir Desktop\avgnt.exe (Avira GmbH)
O4 - HKLM..\Run: [ClubBox] File not found
O4 - HKLM..\Run: [IMJPMIG8.1] C:\WINDOWS\IME\imjp8_1\IMJPMIG.EXE (Microsoft Corporation)
O4 - HKLM..\Run: [ISTray] C:\Program Files\Spyware Doctor\pctsTray.exe (PC Tools)
O4 - HKLM..\Run: [Malwarebytes Anti-Malware (reboot)] C:\Program Files\Malwarebytes' Anti-Malware\mbam.exe (Malwarebytes Corporation)
O4 - HKLM..\Run: [nwiz] C:\WINDOWS\System32\nwiz.exe ()
O4 - HKLM..\Run: [QuickTime Task] C:\Program Files\QuickTime\QTTask.exe (Apple Inc.)
O4 - HKLM..\Run: [SoundMan] C:\WINDOWS\SOUNDMAN.EXE (Realtek Semiconductor Corp.)
O4 - HKLM..\Run: [SunJavaUpdateSched] C:\Program Files\Java\jre6\bin\jusched.exe (Sun Microsystems, Inc.)
O4 - HKLM..\Run: [TkBellExe] C:\Program Files\Common Files\Real\Update_OB\realsched.exe (RealNetworks, Inc.)
O4 - HKLM..\Run: [UVS12 Preload] C:\Program Files\Corel\Corel VideoStudio 12\uvPL.exe (Corel TW Corp.)
O4 - HKCU..\Run: [BgMonitor_{79662E04-7C6C-4d9f-84C7-88D8A56B10AA}] C:\Program Files\Common Files\Ahead\Lib\NMBgMonitor.exe (Nero AG)
O4 - HKCU..\Run: [MSMSGS] C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O4 - HKCU..\Run: [msnmsgr] C:\Program Files\Windows Live\Messenger\msnmsgr.exe (Microsoft Corporation)
O4 - HKCU..\Run: [PPS Accelerator] c:\Program Files\PPStream\ppsap.exe (PPStream Inc)
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: HonorAutoRunSetting = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: dontdisplaylastusername = 0
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticecaption =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: legalnoticetext =
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: shutdownwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: undockwithoutlogon = 1
O6 - HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\System: DisableRegistryTools = 0
O7 - HKCU\Software\Policies\Microsoft\Internet Explorer\Control Panel present
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveTypeAutoRun = 323
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoStartBanner = 01 [binary data]
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDriveAutoRun = 67108863
O7 - HKCU\SOFTWARE\Microsoft\Windows\CurrentVersion\policies\Explorer: NoDrives = 0
O8 - Extra context menu item: &U妏蚚馨譙儂狟婥甜彶紲 - C:\Program Files\NamiRobot\Data\du.html ()
O8 - Extra context menu item: &U使用纳米机器人下载并收藏 - C:\Program Files\NamiRobot\Data\du.html ()
O8 - Extra context menu item: &全部使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_all.htm ()
O8 - Extra context menu item: &使用 FlashGet 下載 - C:\Program Files\FlashGet\jc_link.htm ()
O8 - Extra context menu item: 妏蚚iTudou狟婥誹醴 - C:\Program Files\Tudou\iTudou\iTudou_Link.HTM ()
O8 - Extra context menu item: 妏蚚Web捃濘狟婥 - C:\Program Files\Thunder Network\WebThunder\GetUrl.htm ()
O8 - Extra context menu item: 妏蚚Web捃濘狟婥窒蟈諉 - C:\Program Files\Thunder Network\WebThunder\GetAllUrl.htm ()
O8 - Extra context menu item: 使用電驢下載 - C:\Program Files\easyMule\IE2EM.htm ()
O8 - Extra context menu item: 設為 Messenger Live 頭像 - C:\Program Files\MSNShell\Bin\SetMSNDP.htm ()
O8 - Extra context menu item: 匯出至 Microsoft Excel(&X) - C:\Program Files\Microsoft Office\Office12\EXCEL.EXE (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Gears 設定(&G) - {09C04DA7-5B76-4EBC-BBEE-B25EAC5965F5} - C:\Program Files\Google\Google Gears\Internet Explorer\0.5.32.0\gears.dll (Google Inc.)
O9 - Extra Button: 發佈至部落格 - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : 使用 Windows Live Writer 發佈至部落格(&B) - {219C3416-8CB2-491a-A3C7-D9FCDDC9D600} - C:\Program Files\Windows Live\Writer\WriterBrowserExtension.dll (Microsoft Corporation)
O9 - Extra Button: ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (ICQ Inc.)
O9 - Extra 'Tools' menuitem : ICQ - {6224f700-cba3-4071-b251-47cb894244cd} - C:\Program Files\ICQ\ICQ.exe (ICQ Inc.)
O9 - Extra Button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\Program Files\Microsoft Office\Office12\REFIEBAR.DLL (Microsoft Corporation)
O9 - Extra Button: 雄WEB捃濘 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - File not found
O9 - Extra 'Tools' menuitem : 雄WEB捃濘 - {962EFB8E-2683-42d4-AC74-AAA4C759B9C6} - File not found
O9 - Extra Button: QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE File not found
O9 - Extra 'Tools' menuitem : 騰訊QQ - {c95fe080-8f5d-11d2-a20b-00aa003c157b} - C:\Program Files\Tencent\QQ\QQ.EXE File not found
O9 - Extra Button: BitComet - {D18A0B52-D63C-4ed0-AFC6-C1E3DC1AF43A} - C:\Program Files\BitComet\tools\BitCometBHO_1.3.7.16.dll (BitComet)
O9 - Extra Button: FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : FlashGet - {D6E814A0-E0C5-11d4-8D29-0050BA6940E3} - C:\Program Files\FlashGet\FlashGet.exe (FlashGet.com)
O9 - Extra 'Tools' menuitem : QQ嚃粗馱撿沭扢离 - {DEDEB80D-FA35-45d9-9460-4983E5A8AFE6} - Reg Error: Key error. File not found
O9 - Extra 'Tools' menuitem : @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe (Microsoft Corporation)
O9 - Extra Button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O9 - Extra 'Tools' menuitem : Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe (Microsoft Corporation)
O10 - NameSpace_Catalog5\Catalog_Entries\000000000004 [] - C:\Program Files\Bonjour\mdnsNSP.dll (Apple Inc.)
O15 - HKLM\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O15 - HKCU\..Trusted Domains: 1 domain(s) and sub-domain(s) not assigned to a zone.
O16 - DPF: {0349EF81-B9C1-4B97-86F7-7B931D0E2532} http://sticube.clubb...NowStarter2.cab (NowStarter2 Control)
O16 - DPF: {0AE0F5F9-8233-49A4-A3C8-004CE190787B} http://www.pdbox.co....MSpeedCheck.cab (BMSpeedCheck Control)
O16 - DPF: {0CCA191D-13A6-4E29-B746-314DEE697D83} http://upload.facebo...toUploader5.cab (Facebook Photo Uploader 5 Control)
O16 - DPF: {15EDD727-C89B-4639-8157-A731271E2EA6} http://update2.pczig...box/PCZiggy.cab (PZLaunch Control)
O16 - DPF: {17492023-C23A-453E-A040-C7C580BBF700} http://go.microsoft....k/?linkid=39204 (Windows Genuine Advantage Validation Tool)
O16 - DPF: {30528230-99f7-4bb4-88d8-fa1d4f56a2ab} C:\Program Files\Yahoo!\Common\Yinsthelper.dll (Installation Support)
O16 - DPF: {70EE0AA4-5A3A-4052-8FFA-2EEDA43F7942} http://211.233.36.13...cibrowser12.cab (Innotive Cibrowser Control 1.2)
O16 - DPF: {8AD9C840-044E-11D1-B3E9-00805F499D93} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {9331EBA1-CE35-4608-8604-39399E4826ED} http://fs1.tw.cyworl...CyImgTaiwan.cab (CyImgTaiwanCtl Class)
O16 - DPF: {A22B8FD2-4CAA-4EFB-82F7-680CD656D9B0} http://www.gogobox.c...GNowStarter.cab (NowStarter Control)
O16 - DPF: {BD6F8792-B90E-4431-B0AB-08CF414E9D35} http://bgm.iple.com/...usicPlayerX.cab (DamoimBGMPlayerX Control)
O16 - DPF: {CAFEEFAC-0016-0000-0016-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CAFEEFAC-FFFF-FFFF-FFFF-ABCDEFFEDCBA} http://java.sun.com/...indows-i586.cab (Java Plug-in 1.6.0_16)
O16 - DPF: {CEE326E8-7571-4086-B347-3C0ACA9A9DE8} http://tw.cyworld.co...ex/P3Instal.cab (PcubeSet Class)
O16 - DPF: {D27CDB6E-AE6D-11CF-96B8-444553540000} http://fpdownload2.m...ash/swflash.cab (Shockwave Flash Object)
O16 - DPF: {EDEDED2E-A0A6-4085-BC52-A95255A96DBD} http://fs17u.cyworld.../CyImgChina.cab (CyImgChinaCtl Class)
O18 - Protocol\Handler\http\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\http\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\https\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ipp - No CLSID value found
O18 - Protocol\Handler\ipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\livecall {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp - No CLSID value found
O18 - Protocol\Handler\msdaipp\0x00000001 {E1D2BF42-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\msdaipp\oledb {E1D2BF40-A96B-11d1-9C6B-0000F875AC61} - C:\Program Files\Common Files\System\Ole DB\MSDAIPP.DLL (Microsoft Corporation)
O18 - Protocol\Handler\ms-help {314111c7-a502-11d2-bbca-00c04f8ec294} - C:\Program Files\Common Files\Microsoft Shared\Help\hxds.dll (Microsoft Corporation)
O18 - Protocol\Handler\msnim {828030A1-22C1-4009-854F-8E305202313F} - C:\Program Files\Windows Live\Messenger\msgrapp.14.0.8089.0726.dll (Microsoft Corporation)
O18 - Protocol\Handler\wlmailhtml {03C514A3-1EFB-4856-9F99-10D7BE1653C0} - C:\Program Files\Windows Live\Mail\mailcomm.dll (Microsoft Corporation)
O18 - Protocol\Filter: - text/xml - C:\Program Files\Common Files\Microsoft Shared\OFFICE12\MSOXMLMF.DLL (Microsoft Corporation)
O20 - HKLM Winlogon: Shell - (Explorer.exe) - C:\WINDOWS\Explorer.exe (Microsoft Corporation)
O24 - Desktop Components:0 (目前的首頁) - About:Home
O28 - HKLM ShellExecuteHooks: {88485281-8b4b-4f8d-9ede-82e29a064277} - C:\Program Files\MarkAny\ContentSafer\MACSMANAGER.dll (MarkAny Cooperation.)
O31 - SafeBoot: AlternateShell - cmd.exe
O32 - HKLM CDRom: AutoRun - 1
O32 - AutoRun File - [2007/03/03 21:49:50 | 00,000,000 | ---- | M] () - C:\AUTOEXEC.BAT -- [ NTFS ]
O34 - HKLM BootExecute: (autocheck) - File not found
O34 - HKLM BootExecute: (autochk) - C:\WINDOWS\System32\autochk.exe (Microsoft Corporation)
O34 - HKLM BootExecute: (*) - File not found
O34 - HKLM BootExecute: (lsdelete) - C:\WINDOWS\System32\lsdelete.exe ()
O35 - comfile [open] -- "%1" %* File not found
O35 - exefile [open] -- "%1" %* File not found
========== Files/Folders - Created Within 14 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
[2009/10/14 17:47:08 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2009/10/19 23:22:20 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\Malwarebytes
[2009/10/20 22:22:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\All Users\Application Data\PC Tools
[2009/10/14 17:46:49 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\Application Data\ArcSoft
[2009/10/19 23:07:50 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\Application Data\AVG8
[2009/10/16 00:56:05 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\Application Data\FireShot
[2009/10/19 23:22:29 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\Application Data\Malwarebytes
[2009/10/20 22:22:53 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\Application Data\PC Tools
[2009/10/20 22:22:59 | 00,000,000 | ---D | C] -- C:\Program Files\Common Files\PC Tools
[2009/10/14 17:46:23 | 00,000,000 | ---D | C] -- C:\Program Files\ArcSoft
[2009/10/18 21:32:14 | 00,000,000 | ---D | C] -- C:\Program Files\arswp3
[2009/10/19 22:23:50 | 00,000,000 | ---D | C] -- C:\Program Files\Enigma Software Group
[2009/10/12 00:50:49 | 00,000,000 | ---D | C] -- C:\Program Files\eREAD
[2009/10/20 22:16:06 | 00,000,000 | ---D | C] -- C:\Program Files\Malwarebytes' Anti-Malware
[2009/10/14 20:45:57 | 00,000,000 | ---D | C] -- C:\Program Files\Poladroid
[2009/10/20 22:22:53 | 00,000,000 | ---D | C] -- C:\Program Files\Spyware Doctor
[2009/10/18 14:52:30 | 00,000,000 | ---D | C] -- C:\Program Files\Trend Micro
File not found -- C:\Documents and Settings\Christine Chow\桌面\CAVAKFVX.
File not found -- C:\Documents and Settings\Christine Chow\桌面\CASDMJGT.
[2009/10/23 00:34:39 | 00,000,000 | -HSD | C] -- C:\Config.Msi
[2009/10/22 23:47:21 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ar-sa
[2009/10/22 23:47:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-br
[2009/10/22 23:47:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\bg-bg
[2009/10/22 23:47:13 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\zh-cn
[2009/10/22 23:47:06 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\cs-cz
[2009/10/22 23:47:02 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\da-dk
[2009/10/22 23:46:58 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\el-gr
[2009/10/22 23:46:54 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\es-es
[2009/10/22 23:46:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fi-fi
[2009/10/22 23:46:51 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\et-ee
[2009/10/22 23:46:47 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\fr-fr
[2009/10/22 23:46:44 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\de-de
[2009/10/22 23:46:41 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\he-il
[2009/10/22 23:46:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\hu-hu
[2009/10/22 23:46:38 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\hr-hr
[2009/10/22 23:46:34 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\it-it
[2009/10/22 23:46:31 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ja-jp
[2009/10/22 23:46:29 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ko-kr
[2009/10/22 23:46:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nl-nl
[2009/10/22 23:46:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\lv-lv
[2009/10/22 23:46:25 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\lt-lt
[2009/10/22 23:46:22 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\nb-no
[2009/10/22 23:46:20 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pl-pl
[2009/10/22 23:46:17 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\pt-pt
[2009/10/22 23:46:15 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ro-ro
[2009/10/22 23:46:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\ru-ru
[2009/10/22 23:46:12 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sk-sk
[2009/10/22 23:46:11 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sl-si
[2009/10/22 23:46:10 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\sv-se
[2009/10/22 23:46:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\tr-tr
[2009/10/22 23:46:07 | 00,000,000 | ---D | C] -- C:\WINDOWS\System32\th-th
[2009/10/21 23:17:37 | 00,791,393 | ---- | C] (Lars Hederer ) -- C:\Documents and Settings\Christine Chow\桌面\erunt_setup.exe
[2009/10/20 22:23:15 | 00,159,600 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctgntdi.sys
[2009/10/20 22:23:06 | 00,130,936 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTCore.sys
[2009/10/20 22:23:06 | 00,073,840 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\PCTAppEvent.sys
[2009/10/20 22:22:58 | 00,064,392 | ---- | C] (PC Tools) -- C:\WINDOWS\System32\drivers\pctplsg.sys
[2009/10/20 22:16:10 | 00,038,224 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbamswissarmy.sys
[2009/10/20 22:16:06 | 00,019,160 | ---- | C] (Malwarebytes Corporation) -- C:\WINDOWS\System32\drivers\mbam.sys
[2009/10/19 23:52:52 | 00,000,000 | ---D | C] -- C:\_OTM
[2009/10/18 21:00:29 | 00,000,000 | RHSD | C] -- C:\cmdcons
[2009/10/18 20:58:31 | 00,161,792 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWREG.exe
[2009/10/18 20:58:31 | 00,031,232 | ---- | C] (NirSoft) -- C:\WINDOWS\NIRCMD.exe
[2009/10/18 20:58:30 | 00,212,480 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWXCACLS.exe
[2009/10/18 20:58:30 | 00,136,704 | ---- | C] (SteelWerX) -- C:\WINDOWS\SWSC.exe
[2009/10/18 20:58:14 | 00,000,000 | ---D | C] -- C:\WINDOWS\ERDNT
[2009/10/14 20:44:57 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\桌面\Font
[2009/10/14 19:49:19 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\桌面\新資料夾 (3)
[2009/10/14 19:11:47 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\My Documents\FotoBook
[2009/10/14 17:47:42 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\My Documents\My Albums
[2009/10/14 16:41:10 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\My Documents\光影魔術手
[2009/10/12 23:44:58 | 00,002,560 | ---- | C] (BitComet) -- C:\WINDOWS\System32\bitcometres.dll
[2009/10/12 00:44:23 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\桌面\nEOiMAGING_311_tw_ZARD
[2009/10/11 20:51:32 | 00,000,000 | ---D | C] -- C:\Documents and Settings\Christine Chow\桌面\新資料夾 (2)
========== Files - Modified Within 14 Days ==========
[1 C:\WINDOWS\System32\*.tmp files]
File not found -- C:\Documents and Settings\Christine Chow\桌面\CAVAKFVX.
File not found -- C:\Documents and Settings\Christine Chow\桌面\CASDMJGT.
[2009/10/23 00:39:59 | 00,248,320 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2009/10/23 00:25:11 | 00,013,646 | ---- | M] () -- C:\WINDOWS\System32\wpa.dbl
[2009/10/23 00:17:02 | 00,002,208 | ---- | M] () -- C:\WINDOWS\psnetwork.ini
[2009/10/23 00:16:37 | 00,000,045 | ---- | M] () -- C:\WINDOWS\PCDNSetting.ini
[2009/10/23 00:14:18 | 00,000,540 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
[2009/10/23 00:14:13 | 01,865,680 | ---- | M] () -- C:\WINDOWS\System32\FNTCACHE.DAT
[2009/10/23 00:13:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\tasks\SA.DAT
[2009/10/23 00:12:33 | 00,002,048 | --S- | M] () -- C:\WINDOWS\bootstat.dat
[2009/10/23 00:12:23 | 16,098,79552 | -HS- | M] () -- C:\hiberfil.sys
[2009/10/22 23:54:54 | 00,000,079 | ---- | M] () -- C:\WINDOWS\System32\fscagent.ini
[2009/10/22 23:54:21 | 00,000,000 | ---- | M] () -- C:\WINDOWS\System32\PDBOXGame.html
[2009/10/22 23:54:15 | 00,000,544 | ---- | M] () -- C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
[2009/10/22 23:43:19 | 00,000,412 | ---- | M] () -- C:\WINDOWS\tasks\Ad-Aware Update (Weekly).job
[2009/10/22 23:30:07 | 00,100,928 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2009/10/22 23:18:02 | 00,000,227 | ---- | M] () -- C:\WINDOWS\system.ini
[2009/10/22 01:32:01 | 21,053,452 | ---- | M] () -- C:\WINDOWS\System32\agentfile.che
[2009/10/21 23:17:42 | 00,791,393 | ---- | M] (Lars Hederer ) -- C:\Documents and Settings\Christine Chow\桌面\erunt_setup.exe
[2009/10/20 23:23:03 | 07,280,672 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\SUPERAntiSpyware.exe
[2009/10/20 00:51:34 | 05,161,984 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\WindowsDefender.msi
[2009/10/20 00:37:06 | 00,052,571 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\3ace9665652ae3ddf73654d3.jpg
[2009/10/18 23:47:53 | 00,005,262 | ---- | M] () -- C:\WINDOWS\PowerPlayer.ini
[2009/10/18 23:47:53 | 00,000,113 | ---- | M] () -- C:\WINDOWS\PPSMediaList.ini
[2009/10/18 23:47:47 | 00,000,030 | ---- | M] () -- C:\WINDOWS\msgtn.ini
[2009/10/18 22:00:40 | 00,000,083 | ---- | M] () -- C:\WINDOWS\powerlist.ini
[2009/10/18 21:32:29 | 00,001,512 | ---- | M] () -- C:\Documents and Settings\All Users\桌面\ArSwp3.lnk
[2009/10/18 21:00:41 | 00,000,281 | RHS- | M] () -- C:\boot.ini
[2009/10/16 00:56:39 | 00,086,646 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\091015 CY.jpg
[2009/10/15 00:45:27 | 00,341,967 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\IMG_1382拷貝.jpg
[2009/10/14 23:56:33 | 00,061,288 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\未命名 -2.jpg
[2009/10/14 23:35:36 | 00,416,461 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\IMG_1382.jpg
[2009/10/14 23:30:51 | 00,000,586 | ---- | M] () -- C:\WINDOWS\System32\cid_store.dat
[2009/10/14 23:03:53 | 00,066,048 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\label x 12(bag).doc
[2009/10/14 22:44:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\tasks\AppleSoftwareUpdate.job
[2009/10/14 20:46:53 | 00,000,503 | ---- | M] () -- C:\Documents and Settings\Christine Chow\Application Data\Poladroid prefs.plist
[2009/10/14 20:46:07 | 00,000,788 | ---- | M] () -- C:\Documents and Settings\All Users\桌面\Poladroid 0.9.6r0.lnk
[2009/10/14 19:16:58 | 00,000,826 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\nEOiMAGING.lnk
[2009/10/14 15:38:16 | 02,062,902 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\cici.hk.bmp
[2009/10/14 12:13:48 | 00,000,069 | ---- | M] () -- C:\WINDOWS\NeroDigital.ini
[2009/10/14 03:17:52 | 01,021,512 | ---- | M] () -- C:\WINDOWS\System32\PerfStringBackup.INI
[2009/10/14 03:17:52 | 00,432,356 | ---- | M] () -- C:\WINDOWS\System32\perfh009.dat
[2009/10/14 03:17:52 | 00,383,860 | ---- | M] () -- C:\WINDOWS\System32\prfh0404.dat
[2009/10/14 03:17:52 | 00,150,070 | ---- | M] () -- C:\WINDOWS\System32\prfc0404.dat
[2009/10/14 03:17:52 | 00,067,312 | ---- | M] () -- C:\WINDOWS\System32\perfc009.dat
[2009/10/14 03:13:27 | 00,001,393 | ---- | M] () -- C:\WINDOWS\imsins.BAK
[2009/10/12 23:44:58 | 00,002,560 | ---- | M] (BitComet) -- C:\WINDOWS\System32\bitcometres.dll
[2009/10/11 20:11:40 | 00,000,416 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 SM Town.lnk
[2009/10/11 20:11:40 | 00,000,411 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 ENERGY.lnk
[2009/10/11 20:11:40 | 00,000,399 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 EXAM.lnk
[2009/10/11 20:11:40 | 00,000,399 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 [FC].lnk
[2009/10/11 20:11:40 | 00,000,395 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 情書.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 SJ.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 JP.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 HP.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 CF.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | M] () -- C:\Documents and Settings\Christine Chow\桌面\0 BL.lnk
[2009/10/11 08:10:09 | 00,236,544 | ---- | M] () -- C:\WINDOWS\PEV.exe
========== Files - No Company Name ==========
[2009/10/23 00:10:01 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_864.nls
[2009/10/23 00:10:01 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_864.nls
[2009/10/23 00:10:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_28596.nls
[2009/10/23 00:10:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10004.nls
[2009/10/23 00:10:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\C_28596.NLS
[2009/10/23 00:10:01 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10004.nls
[2009/10/23 00:10:00 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_720.nls
[2009/10/23 00:10:00 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_720.nls
[2009/10/23 00:10:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_708.nls
[2009/10/23 00:10:00 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_708.nls
[2009/10/23 00:09:53 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_862.nls
[2009/10/23 00:09:53 | 00,066,594 | ---- | C] () -- C:\WINDOWS\System32\c_862.nls
[2009/10/23 00:09:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10005.nls
[2009/10/23 00:09:53 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10005.nls
[2009/10/23 00:09:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\dllcache\c_10021.nls
[2009/10/23 00:09:36 | 00,066,082 | ---- | C] () -- C:\WINDOWS\System32\c_10021.nls
[2009/10/20 23:22:38 | 07,280,672 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\SUPERAntiSpyware.exe
[2009/10/20 00:51:27 | 05,161,984 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\WindowsDefender.msi
[2009/10/20 00:36:59 | 00,052,571 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\3ace9665652ae3ddf73654d3.jpg
[2009/10/18 21:32:29 | 00,001,512 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\ArSwp3.lnk
[2009/10/18 21:00:41 | 00,000,211 | ---- | C] () -- C:\Boot.bak
[2009/10/18 21:00:36 | 00,260,272 | ---- | C] () -- C:\cmldr
[2009/10/18 20:58:31 | 00,236,544 | ---- | C] () -- C:\WINDOWS\PEV.exe
[2009/10/18 20:58:30 | 00,098,816 | ---- | C] () -- C:\WINDOWS\sed.exe
[2009/10/18 20:58:30 | 00,080,412 | ---- | C] () -- C:\WINDOWS\grep.exe
[2009/10/18 20:58:30 | 00,068,096 | ---- | C] () -- C:\WINDOWS\zip.exe
[2009/10/18 14:30:34 | 16,098,79552 | -HS- | C] () -- C:\hiberfil.sys
[2009/10/16 00:56:39 | 00,086,646 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\091015 CY.jpg
[2009/10/14 23:56:31 | 00,061,288 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\未命名 -2.jpg
[2009/10/14 23:44:07 | 00,341,967 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\IMG_1382拷貝.jpg
[2009/10/14 23:35:11 | 00,416,461 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\IMG_1382.jpg
[2009/10/14 22:45:21 | 00,066,048 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\label x 12(bag).doc
[2009/10/14 20:46:53 | 00,000,503 | ---- | C] () -- C:\Documents and Settings\Christine Chow\Application Data\Poladroid prefs.plist
[2009/10/14 20:46:07 | 00,000,788 | ---- | C] () -- C:\Documents and Settings\All Users\桌面\Poladroid 0.9.6r0.lnk
[2009/10/14 19:16:58 | 00,000,826 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\nEOiMAGING.lnk
[2009/10/14 19:11:47 | 00,001,011 | ---- | C] () -- C:\Documents and Settings\Christine Chow\Application Data\momento.log
[2009/10/14 15:35:17 | 02,062,902 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\cici.hk.bmp
[2009/10/11 20:11:40 | 00,000,416 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 SM Town.lnk
[2009/10/11 20:11:40 | 00,000,411 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 ENERGY.lnk
[2009/10/11 20:11:40 | 00,000,399 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 EXAM.lnk
[2009/10/11 20:11:40 | 00,000,399 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 [FC].lnk
[2009/10/11 20:11:40 | 00,000,395 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 情書.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 SJ.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 JP.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 HP.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 CF.lnk
[2009/10/11 20:11:40 | 00,000,387 | ---- | C] () -- C:\Documents and Settings\Christine Chow\桌面\0 BL.lnk
[2009/09/27 04:25:18 | 00,000,022 | ---- | C] () -- C:\WINDOWS\Kruptos.INI
[2009/07/14 02:25:55 | 00,024,576 | R--- | C] () -- C:\WINDOWS\System32\AsIO.dll
[2009/07/14 02:25:55 | 00,004,962 | R--- | C] () -- C:\WINDOWS\System32\drivers\AsIO.sys
[2009/07/14 02:25:53 | 00,005,120 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp64.sys
[2009/07/14 02:25:53 | 00,003,328 | ---- | C] () -- C:\WINDOWS\System32\drivers\AsInsHelp32.sys
[2009/02/14 15:39:33 | 00,129,024 | ---- | C] () -- C:\WINDOWS\System32\AVERM.dll
[2009/02/14 15:39:33 | 00,028,672 | ---- | C] () -- C:\WINDOWS\System32\AVEQT.dll
[2009/01/21 03:32:04 | 00,005,632 | ---- | C] () -- C:\WINDOWS\System32\drivers\StarOpen.sys
[2009/01/07 01:29:15 | 00,000,113 | ---- | C] () -- C:\WINDOWS\PPSMediaList.ini
[2009/01/06 02:07:05 | 00,168,448 | ---- | C] () -- C:\WINDOWS\System32\unrar.dll
[2009/01/06 02:07:02 | 02,330,643 | ---- | C] () -- C:\WINDOWS\System32\x264vfw.dll
[2009/01/06 02:07:02 | 00,795,648 | ---- | C] () -- C:\WINDOWS\System32\xvidcore.dll
[2009/01/06 02:07:01 | 03,596,288 | ---- | C] () -- C:\WINDOWS\System32\qt-dx331.dll
[2009/01/06 02:07:01 | 00,130,048 | ---- | C] () -- C:\WINDOWS\System32\xvidvfw.dll
[2009/01/06 02:07:00 | 00,057,344 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll
[2009/01/06 02:07:00 | 00,000,547 | ---- | C] () -- C:\WINDOWS\System32\ff_vfw.dll.manifest
[2008/09/17 00:01:00 | 00,921,600 | ---- | C] () -- C:\WINDOWS\System32\vorbisenc.dll
[2008/09/17 00:01:00 | 00,188,416 | ---- | C] () -- C:\WINDOWS\System32\vorbis.dll
[2008/09/17 00:00:59 | 00,237,568 | ---- | C] () -- C:\WINDOWS\System32\OggDS.dll
[2008/09/17 00:00:59 | 00,045,056 | ---- | C] () -- C:\WINDOWS\System32\Ogg.dll
[2008/08/16 11:35:30 | 00,000,065 | ---- | C] () -- C:\WINDOWS\FISHUI.INI
[2008/03/14 09:27:06 | 00,000,000 | ---- | C] () -- C:\Documents and Settings\All Users\Application Data\LauncherAccess.dt
[2008/02/25 15:25:57 | 00,000,027 | ---- | C] () -- C:\WINDOWS\ppssg.ini
[2008/02/25 14:54:37 | 00,000,045 | ---- | C] () -- C:\WINDOWS\PCDNSetting.ini
[2008/02/25 02:11:49 | 00,000,083 | ---- | C] () -- C:\WINDOWS\powerlist.ini
[2008/02/11 02:11:47 | 00,000,030 | ---- | C] () -- C:\WINDOWS\msgtn.ini
[2008/02/11 02:06:08 | 00,005,262 | ---- | C] () -- C:\WINDOWS\PowerPlayer.ini
[2008/02/11 02:01:36 | 00,002,208 | ---- | C] () -- C:\WINDOWS\psnetwork.ini
[2008/01/05 05:57:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dtu100.dll.manifest
[2008/01/05 05:57:22 | 00,000,416 | ---- | C] () -- C:\WINDOWS\System32\dpl100.dll.manifest
[2008/01/05 05:56:24 | 00,012,288 | ---- | C] () -- C:\WINDOWS\System32\DivXWMPExtType.dll
[2007/11/29 23:04:24 | 02,067,140 | R--- | C] () -- C:\WINDOWS\System32\avcodec.dll
[2007/09/01 14:28:48 | 00,299,008 | ---- | C] () -- C:\WINDOWS\System32\LAME_MP3.dll
[2007/06/11 19:41:38 | 00,166,216 | ---- | C] () -- C:\WINDOWS\System32\contmenu.dll.del
[2007/06/11 19:41:38 | 00,166,216 | ---- | C] () -- C:\WINDOWS\System32\contmenu.dll
[2007/04/25 10:12:00 | 01,079,032 | ---- | C] () -- C:\WINDOWS\System32\vorbis_vx.dll
[2007/04/25 10:11:56 | 00,067,320 | ---- | C] () -- C:\WINDOWS\System32\ogg_vx.dll
[2007/04/21 14:34:41 | 00,471,552 | ---- | C] () -- C:\WINDOWS\System32\Smab.dll
[2007/04/21 14:34:41 | 00,027,648 | ---- | C] () -- C:\WINDOWS\System32\AVSredirect.dll
[2007/04/05 22:47:20 | 00,209,040 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeW7.dll
[2007/04/05 22:47:19 | 00,204,944 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeA6.dll
[2007/04/05 22:47:19 | 00,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeP6.dll
[2007/04/05 22:47:19 | 00,196,752 | ---- | C] () -- C:\WINDOWS\System32\IVIresizeM6.dll
[2007/04/05 22:47:19 | 00,192,656 | ---- | C] () -- C:\WINDOWS\System32\IVIresizePX.dll
[2007/04/05 22:47:19 | 00,024,720 | ---- | C] () -- C:\WINDOWS\System32\IVIresize.dll
[2007/03/25 22:30:14 | 00,000,069 | ---- | C] () -- C:\WINDOWS\NeroDigital.ini
[2007/03/25 14:51:04 | 00,000,579 | ---- | C] () -- C:\WINDOWS\cdplayer.ini
[2007/03/20 20:37:04 | 00,014,848 | ---- | C] () -- C:\WINDOWS\System32\BASSMOD.dll
[2007/03/16 01:02:27 | 00,000,527 | ---- | C] () -- C:\WINDOWS\ULEAD32.INI
[2007/03/14 20:42:32 | 00,013,304 | ---- | C] () -- C:\WINDOWS\System32\drivers\BTNetFilter.sys
[2007/03/14 20:42:32 | 00,011,860 | ---- | C] () -- C:\WINDOWS\System32\drivers\vbtenum.sys
[2007/03/12 22:18:54 | 00,000,067 | ---- | C] () -- C:\WINDOWS\#1 Video Converter.INI
[2007/03/08 23:48:29 | 00,001,125 | ---- | C] () -- C:\WINDOWS\winamp.ini
[2007/03/08 23:41:28 | 00,077,824 | ---- | C] () -- C:\WINDOWS\System32\nod.dll
[2007/03/08 23:40:58 | 00,000,079 | ---- | C] () -- C:\WINDOWS\System32\fscagent.ini
[2007/03/08 23:40:58 | 00,000,000 | ---- | C] () -- C:\WINDOWS\System32\fscflist.ini
[2007/03/04 21:04:30 | 00,248,320 | ---- | C] () -- C:\Documents and Settings\Christine Chow\Local Settings\Application Data\DCBC2A71-70D8-4DAN-EHR8-E0D61DEA3FDF.ini
[2007/03/03 23:20:02 | 00,157,184 | R--- | C] () -- C:\WINDOWS\System32\RTLCPAPI.dll
[2007/03/03 23:11:08 | 00,013,906 | ---- | C] () -- C:\WINDOWS\Ascd_tmp.ini
[2007/03/03 23:11:08 | 00,005,810 | R--- | C] () -- C:\WINDOWS\System32\drivers\ASACPI.sys
[2007/03/03 23:11:04 | 00,005,824 | ---- | C] () -- C:\WINDOWS\System32\drivers\ASUSHWIO.SYS
[2007/03/03 23:08:40 | 00,507,976 | R--- | C] () -- C:\WINDOWS\System32\nview.dll
[2007/03/03 23:08:40 | 00,352,330 | R--- | C] () -- C:\WINDOWS\System32\nvshell.dll
[2007/03/03 23:08:35 | 00,037,684 | R--- | C] () -- C:\WINDOWS\System32\drivers\vgauti.sys
[2007/03/03 23:08:35 | 00,037,684 | R--- | C] () -- C:\WINDOWS\System32\drivers\msicpl.sys
[2007/03/03 22:13:31 | 00,100,928 | ---- | C] () -- C:\Documents and Settings\Christine Chow\Local Settings\Application Data\GDIPFONTCACHEV1.DAT
[2007/03/03 21:54:04 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\Christine Chow\Application Data\desktop.ini
[2007/03/03 21:37:40 | 00,000,062 | -HS- | C] () -- C:\Documents and Settings\All Users\Application Data\desktop.ini
[2006/03/09 16:01:24 | 00,053,248 | ---- | C] () -- C:\WINDOWS\System32\ahook.dll
[2005/01/12 11:08:50 | 00,032,768 | ---- | C] () -- C:\WINDOWS\System32\SafeIE.dll
[2004/11/25 15:30:44 | 00,184,320 | ---- | C] () -- C:\WINDOWS\System32\dmvm.dll
[2004/08/12 20:00:00 | 00,000,984 | ---- | C] () -- C:\WINDOWS\win.ini
[2004/08/12 20:00:00 | 00,000,227 | ---- | C] () -- C:\WINDOWS\system.ini
[2004/02/28 02:58:24 | 00,006,144 | ---- | C] () -- C:\WINDOWS\System32\msjmfas.dll
========== LOP Check ==========
[2009/10/20 22:22:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\All Users\Application Data
[2009/06/03 22:50:28 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\{8CD7F5AF-ECFA-4793-BF40-D8F42DBFF906}
[2009/07/23 23:42:58 | 00,000,000 | -H-D | M] -- C:\Documents and Settings\All Users\Application Data\{EF63305C-BAD7-4144-9208-D65528260864}
[2009/10/14 17:47:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\ArcSoft
[2007/08/30 21:20:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\FLEXnet
[2007/12/27 19:26:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\GRETECH
[2007/12/12 21:05:27 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Grid
[2008/07/09 03:02:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\InterVideo
[2007/03/20 01:57:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Locktime
[2007/12/08 01:58:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\mvcache
[2007/03/14 21:24:20 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\PC Suite
[2009/09/13 21:20:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\SmartSound Software Inc
[2009/09/12 13:06:44 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\System Restore
[2009/10/23 00:40:07 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\TEMP
[2007/03/22 01:19:56 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Tencent
[2007/08/30 19:39:45 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Thunder Network
[2008/01/11 21:13:26 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\thunder_dctemp
[2007/08/12 16:22:10 | 00,000,000 | -HSD | M] -- C:\Documents and Settings\All Users\Application Data\thunder_vod_cache
[2009/09/13 21:10:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\Ulead Systems
[2009/01/10 01:39:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\vucache
[2007/03/03 23:48:57 | 00,000,000 | ---D | M] -- C:\Documents and Settings\All Users\Application Data\WinZip
[2009/10/20 22:22:53 | 00,000,000 | RH-D | M] -- C:\Documents and Settings\Christine Chow\Application Data
[2008/08/17 02:19:15 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Ahead
[2009/10/14 17:46:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\ArcSoft
[2007/09/01 14:18:48 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\DataCast
[2007/04/26 14:35:24 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\DataLayer
[2009/02/12 02:31:02 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\DNA
[2009/09/06 03:57:14 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\FileZilla
[2009/10/16 00:56:05 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\FireShot
[2007/05/08 00:39:06 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\FlashGet
[2009/10/02 00:14:36 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Geniesoft
[2008/08/06 01:38:32 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\GlarySoft
[2007/03/17 17:28:53 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\GlobalSCAPE
[2007/12/27 19:26:29 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\GRETECH
[2007/06/12 23:44:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\iebook
[2007/04/22 21:49:40 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\LEAPS
[2007/03/20 02:00:08 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Locktime
[2008/01/19 22:20:01 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\MegauploadToolbar
[2009/08/25 22:51:35 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\miroko
[2009/10/03 00:32:51 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\MSNShell
[2007/04/26 15:14:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Nokia
[2007/04/26 15:14:21 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Nokia 多媒體播放器
[2007/03/14 21:24:23 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\PC Suite
[2007/03/25 18:38:49 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Pegasys Inc
[2009/10/13 02:09:13 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\ppStream
[2007/11/29 23:07:34 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Samsung
[2007/05/10 22:15:47 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Screenshot Sender
[2009/02/07 03:24:18 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Tencent
[2009/09/14 13:23:16 | 00,000,000 | ---D | M] -- C:\Documents and Settings\Christine Chow\Application Data\Ulead Systems
[2009/10/22 23:43:19 | 00,000,412 | ---- | M] () -- C:\WINDOWS\Tasks\Ad-Aware Update (Weekly).job
[2009/10/14 22:44:10 | 00,000,284 | ---- | M] () -- C:\WINDOWS\Tasks\AppleSoftwareUpdate.job
[2004/08/12 20:00:00 | 00,000,065 | RH-- | M] () -- C:\WINDOWS\Tasks\desktop.ini
[2009/10/23 00:14:18 | 00,000,540 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineCore.job
[2009/10/22 23:54:15 | 00,000,544 | ---- | M] () -- C:\WINDOWS\Tasks\GoogleUpdateTaskMachineUA.job
[2009/10/23 00:13:16 | 00,000,006 | -H-- | M] () -- C:\WINDOWS\Tasks\SA.DAT
========== Purity Check ==========
========== Custom Scans ==========
< etsvcs >
< %SYSTEMDRIVE%\*.exe >
< %systemroot%\system32\eventlog.dll >
[2008/04/15 18:54:31 | 00,056,320 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\eventlog.dll
[1 C:\WINDOWS\system32\*.tmp files]
< %systemroot%\system32\scecli.dll >
[2008/04/15 18:54:37 | 00,172,544 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\scecli.dll
[1 C:\WINDOWS\system32\*.tmp files]
< %systemroot%\netlogon.dll >
< %systemroot%\system32\cngaudit.dll >
< %systemroot%\system32\sceclt.dll >
< %systemroot%\ntelogon.dll >
< %systemroot%\system32\logevent.dll >
< %systemroot%\system32\drivers\iaStor.sys >
< %systemroot%\System32\drivers\nvstor.sys >
< %systemroot%\system32\drivers\atapi.sys >
[2008/04/14 02:40:30 | 00,096,512 | ---- | M] (Microsoft Corporation) -- C:\WINDOWS\system32\drivers\atapi.sys
< %systemroot%\system32\drivers\IdeChnDr.sys >
========== Alternate Data Streams ==========
@Alternate Data Stream - 133 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:DFC5A2B2
@Alternate Data Stream - 121 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:3CD562B4
@Alternate Data Stream - 112 bytes -> C:\Documents and Settings\All Users\Application Data\TEMP:1940DBE8
========== Files - Unicode (All) ==========
[2009/10/12 02:01:27 | 00,043,183 | ---- | M] ()(C:\Documents and Settings\Christine Chow\桌面\?.txt) -- C:\Documents and Settings\Christine Chow\桌面\殇.txt
[2009/10/12 02:01:26 | 00,043,183 | ---- | C] ()(C:\Documents and Settings\Christine Chow\桌面\?.txt) -- C:\Documents and Settings\Christine Chow\桌面\殇.txt
[2007/06/02 18:46:05 | 00,012,934 | ---- | M] ()(C:\Documents and Settings\Christine Chow\My Documents\??前加入??日期 For D5.5.docx) -- C:\Documents and Settings\Christine Chow\My Documents\标题前加入发贴日期 For D5.5.docx
[2007/06/02 18:46:05 | 00,012,934 | ---- | C] ()(C:\Documents and Settings\Christine Chow\My Documents\??前加入??日期 For D5.5.docx) -- C:\Documents and Settings\Christine Chow\My Documents\标题前加入发贴日期 For D5.5.docx
< End of report >
---------------------------------
Extras.Txt from OTL-----------
OTL Extras logfile created on: 22/10/2009 PM 11:11:39 - Run 1
OTL by OldTimer - Version 3.0.21.0 Folder = C:\Documents and Settings\Christine Chow\桌面\*制造器\防毒
Windows XP Home Edition Service Pack 3 (Version = 5.1.2600) - Type = NTWorkstation
Internet Explorer (Version = 8.0.6001.18702)
Locale: 00000C04 | Country: 香港特別行政區 | Language: ZHH | Date Format: d/M/yyyy
1.50 Gb Total Physical Memory | 0.85 Gb Available Physical Memory | 56.72% Memory free
2.11 Gb Paging File | 1.31 Gb Available in Paging File | 62.09% Paging File free
Paging file location(s): C:\pagefile.sys 768 1536 [binary data]
%SystemDrive% = C: | %SystemRoot% = C:\WINDOWS | %ProgramFiles% = C:\Program Files
Drive C: | 153.38 Gb Total Space | 16.28 Gb Free Space | 10.61% Space Free | Partition Type: NTFS
D: Drive not present or media not loaded
E: Drive not present or media not loaded
F: Drive not present or media not loaded
G: Drive not present or media not loaded
H: Drive not present or media not loaded
I: Drive not present or media not loaded
Drive T: | 931.51 Gb Total Space | 638.59 Gb Free Space | 68.55% Space Free | Partition Type: NTFS
Computer Name: CHRISTINE
Current User Name: Christine Chow
Logged in as Administrator.
Current Boot Mode: Normal
Scan Mode: Current user
Company Name Whitelist: On
Skip Microsoft Files: On
File Age = 14 Days
Output = Standard
Quick Scan
========== Extra Registry (SafeList) ==========
========== File Associations ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<extension>]
.chm [@ = chm.file] -- C:\WINDOWS\hh.exe (Microsoft Corporation)
.html [@ = htmlfile] -- C:\Program Files\Internet Explorer\IEXPLORE.EXE (Microsoft Corporation)
.txt [@ = txtfile] -- C:\WINDOWS\notepad.exe (Microsoft Corporation)
[HKEY_CURRENT_USER\SOFTWARE\Classes\<extension>]
.html [@ = FirefoxHTML] -- C:\Program Files\Mozilla Firefox\firefox.exe (Mozilla Corporation)
========== Shell Spawning ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Classes\<key>\shell\[command]\command]
batfile [open] -- "%1" %* File not found
chm.file [open] -- "%SYSTEMROOT%\hh.exe" %1 (Microsoft Corporation)
cmdfile [open] -- "%1" %* File not found
comfile [open] -- "%1" %* File not found
exefile [open] -- "%1" %* File not found
htmlfile [edit] -- "C:\Program Files\Microsoft Office\Office12\msohtmed.exe" %1 (Microsoft Corporation)
htmlfile [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
htmlfile [opennew] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
http [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
https [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" -nohome (Microsoft Corporation)
piffile [open] -- "%1" %* File not found
regfile [merge] -- Reg Error: Key error.
scrfile [config] -- "%1" File not found
scrfile [install] -- rundll32.exe desk.cpl,InstallScreenSaver %l (Microsoft Corporation)
scrfile [open] -- "%1" /S File not found
txtfile [edit] -- Reg Error: Key error.
txtfile [open] -- C:\WINDOWS\notepad.exe %1 (Microsoft Corporation)
Directory [AAW2007] -- C:\Program Files\Lavasoft\Ad-Aware\Ad-Aware.exe /scanfolder "%1" (Lavasoft)
Directory [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Directory [Playback] -- "C:\Program Files\TTPlayer\TTPlayer.exe" "%1" (Alen Soft)
Directory [PlayList] -- "C:\Program Files\TTPlayer\TTPlayer.exe" /a "%1" (Alen Soft)
Folder [open] -- %SystemRoot%\Explorer.exe /idlist,%I,%L (Microsoft Corporation)
Folder [explore] -- %SystemRoot%\Explorer.exe /e,/idlist,%I,%L (Microsoft Corporation)
Drive [find] -- %SystemRoot%\Explorer.exe (Microsoft Corporation)
Applications\iexplore.exe [open] -- "C:\Program Files\Internet Explorer\IEXPLORE.EXE" %1 (Microsoft Corporation)
CLSID\{871C5380-42A0-1069-A2EA-08002B30309D} [OpenHomePage] -- "%programfiles%\internet explorer\iexplore.exe" (Microsoft Corporation)
========== Security Center Settings ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center]
"FirstRunDisabled" = 1
"AntiVirusDisableNotify" = 0
"FirewallDisableNotify" = 0
"UpdatesDisableNotify" = 0
"AntiVirusOverride" = 0
"FirewallOverride" = 0
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\AhnlabAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ComputerAssociatesAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\KasperskyAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\McAfeeFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\PandaFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SophosAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\SymantecFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TinyFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendAntiVirus]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\TrendFirewall]
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Security Center\Monitoring\ZoneLabsFirewall]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile]
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\GloballyOpenPorts\List]
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile]
"EnableFirewall" = 1
"DoNotAllowExceptions" = 0
"DisableNotifications" = 0
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\GloballyOpenPorts\List]
"13794:TCP" = 13794:TCP:*:Enabled:BitComet 13794 TCP
"13794:UDP" = 13794:UDP:*:Enabled:BitComet 13794 UDP
"2895:TCP" = 2895:TCP:*:Enabled:Foxy (202.80.133.26:2895) 2895 TCP
"2895:UDP" = 2895:UDP:*:Enabled:Foxy (202.80.133.26:2895) 2895 UDP
"1900:UDP" = 1900:UDP:LocalSubNet:Enabled:@xpsp2res.dll,-22007
"2869:TCP" = 2869:TCP:LocalSubNet:Enabled:@xpsp2res.dll,-22008
"8921:TCP" = 8921:TCP:*:Enabled:BitComet 8921 TCP
"8921:UDP" = 8921:UDP:*:Enabled:BitComet 8921 UDP
"18112:TCP" = 18112:TCP:*:Enabled:BitComet 18112 TCP
"18112:UDP" = 18112:UDP:*:Enabled:BitComet 18112 UDP
"26755:TCP" = 26755:TCP:*:Enabled:BitComet 26755 TCP
"26755:UDP" = 26755:UDP:*:Enabled:BitComet 26755 UDP
"139:TCP" = 139:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22004
"445:TCP" = 445:TCP:LocalSubNet:Disabled:@xpsp2res.dll,-22005
"137:UDP" = 137:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22001
"138:UDP" = 138:UDP:LocalSubNet:Disabled:@xpsp2res.dll,-22002
"10007:TCP" = 10007:TCP:*:Enabled:BitComet 10007 TCP
"10007:UDP" = 10007:UDP:*:Enabled:BitComet 10007 UDP
========== Authorized Applications List ==========
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\DomainProfile\AuthorizedApplications\List]
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
[HKEY_LOCAL_MACHINE\SYSTEM\CurrentControlSet\Services\SharedAccess\Parameters\FirewallPolicy\StandardProfile\AuthorizedApplications\List]
"C:\Program Files\ICQ\Icq.exe" = C:\Program Files\ICQ\Icq.exe:*:Enabled:ICQ -- (ICQ Inc.)
"C:\WINDOWS\system32\fscagent.exe" = C:\WINDOWS\system32\fscagent.exe:*:Enabled:???? ???? ?? -- (Nowcom Co., Ltd.)
"C:\WINDOWS\system32\clubbox.exe" = C:\WINDOWS\system32\clubbox.exe:*:Enabled:贗毀夢蝶 橾瞪歎 婦葬濠 -- (Nowcom, Co. LTD.)
"C:\WINDOWS\system32\grdmgr.exe" = C:\WINDOWS\system32\grdmgr.exe:*:Enabled:CDN ???? ?? -- (???)
"C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe" = C:\Program Files\GlobalSCAPE\CuteFTP 8 Professional\ftpte.exe:*:Enabled:FTP Transfer Engine -- (GlobalSCAPE Texas, LP.)
"C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe" = C:\Program Files\Common Files\Ahead\Nero Web\SetupX.exe:*:Enabled:Nero ProductSetup -- (Nero AG)
"C:\Program Files\TVAnts\Tvants.exe" = C:\Program Files\TVAnts\Tvants.exe:*:Enabled:TVAnts -- (Zhejiang University)
"C:\Program Files\Tencent\QQGame\QQGame.exe" = C:\Program Files\Tencent\QQGame\QQGame.exe:*:Enabled:QQGame -- (深圳市騰訊計算机系統有限公司)
"C:\Program Files\GuildFTPd\GuildFTPd.exe" = C:\Program Files\GuildFTPd\GuildFTPd.exe:*:Enabled:GuildFTPd FTP Server Deamon -- ()
"C:\Program Files\NextLink\GOGOBOX\GFSCAgent.exe" = C:\Program Files\NextLink\GOGOBOX\GFSCAgent.exe:*:Enabled:GOGOBOX檔案傳送Daemon -- (NextLink Co., Ltd.)
"C:\Program Files\NextLink\GOGOBOX\gogobox.exe" = C:\Program Files\NextLink\GOGOBOX\gogobox.exe:*:Enabled:gogobox檔案傳送管理者 -- (NextLink, Co. LTD.)
"%windir%\Network Diagnostic\xpnetdiag.exe" = %windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000 -- (Microsoft Corporation)
"C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe" = C:\Program Files\K-Lite Codec Pack\Media Player Classic\mplayerc.exe:*:Disabled:Media Player Classic -- (mpc-hc@Sourceforge)
"C:\WINDOWS\system32\cytwsvr.exe" = C:\WINDOWS\system32\cytwsvr.exe:*:Enabled:Cyworld Taiwan BGM Player -- (Cyworld Taiwan)
"C:\Program Files\GridService\peer.exe" = C:\Program Files\GridService\peer.exe:*:Enabled:muse peer -- (FS2YOU)
"C:\Program Files\BitComet\BitComet.exe" = C:\Program Files\BitComet\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\Tudou\Tudou\TudouVa.exe" = C:\Program Files\Tudou\Tudou\TudouVa.exe:*:Enabled:?速Tudou -- (土豆网(www.tudou.com))
"C:\Program Files\FlashGet\FlashGet.exe" = C:\Program Files\FlashGet\FlashGet.exe:*:Enabled:Flashget -- (FlashGet.com)
"C:\Program Files\PPStream\PPStream.exe" = C:\Program Files\PPStream\PPStream.exe:*:Enabled:PPS厙釐萇弝 -- (PPStream Inc.)
"C:\Program Files\PPStream\PPSAP.exe" = C:\Program Files\PPStream\PPSAP.exe:*:Enabled:PPS 厙釐樓厒 -- (PPStream Inc)
"C:\Program Files\DNA\btdna.exe" = C:\Program Files\DNA\btdna.exe:*:Enabled:DNA -- (BitTorrent, Inc.)
"C:\Installed\BitComet魂 0.98\BitComet-NDA\BitComet.exe" = C:\Installed\BitComet魂 0.98\BitComet-NDA\BitComet.exe:*:Enabled:BitComet - a BitTorrent Client -- (www.BitComet.com)
"C:\Program Files\Tudou\iTudou\iTudou.exe" = C:\Program Files\Tudou\iTudou\iTudou.exe:*:Enabled:iTudou -- (土豆网)
"C:\Documents and Settings\Christine Chow\桌面\NDSL\ezbuilder_fullpackage_20070427\setup\lighttpd\lighttpd.exe" = C:\Documents and Settings\Christine Chow\桌面\NDSL\ezbuilder_fullpackage_20070427\setup\lighttpd\lighttpd.exe:*:Enabled:lighttpd -- ()
"C:\Program Files\easyMule\emule.exe" = C:\Program Files\easyMule\emule.exe:*:Enabled:easyMule -- (
http://www.verycd.com)
"C:\Program Files\Thunder Network\WebThunder\WebThunder.exe" = C:\Program Files\Thunder Network\WebThunder\WebThunder.exe:*:Enabled:WebThunder -- (深圳市迅雷网?技?有限公司)
"C:\Program Files\Windows Live\Messenger\wlcsdk.exe" = C:\Program Files\Windows Live\Messenger\wlcsdk.exe:*:Enabled:Windows Live Call -- (Microsoft Corporation)
"C:\Program Files\Bonjour\mDNSResponder.exe" = C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour -- (Apple Inc.)
"C:\Program Files\NATEON\BIN\NateOnMain.exe" = C:\Program Files\NATEON\BIN\NateOnMain.exe:*:Enabled:NATE ON -- (SK Communications)
"C:\Program Files\PPStream\update\ppstreamsetup-update090811.exe" = C:\Program Files\PPStream\update\ppstreamsetup-update090811.exe:*:Enabled:PPStream Installer -- (PPStream Inc.)
"C:\Program Files\Windows Live\Messenger\msnmsgr.exe" = C:\Program Files\Windows Live\Messenger\msnmsgr.exe:*:Enabled:Windows Live Messenger -- (Microsoft Corporation)
"C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe" = C:\Program Files\Windows Live\Sync\WindowsLiveSync.exe:*:Enabled:Windows Live Sync -- (Microsoft Corporation)
"C:\Documents and Settings\Christine Chow\桌面\nEOiMAGING_311_tw_ZARD\nEO iMAGING\nEOiMAGING.exe" = C:\Documents and Settings\Christine Chow\桌面\nEOiMAGING_311_tw_ZARD\nEO iMAGING\nEOiMAGING.exe:*:Enabled:光影魔術手 -- (nEO Software)
========== HKEY_LOCAL_MACHINE Uninstall List ==========
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"{002D9D5E-29BA-3E6D-9BC4-3D7D6DBC735C}" = Microsoft Visual C++ 2008 ATL Update kb973924 - x86 9.0.30729.4148
"{0046FA01-C5B9-4985-BACB-398DC480FC05}" = Adobe Photoshop CS3
"{04AF207D-9A77-465A-8B76-991F6AB66245}" = Adobe Help Viewer CS3
"{08B32819-6EEF-4057-AEDA-5AB681A36A23}" = Adobe Bridge Start Meeting
"{0967A7D8-FD69-4FB3-BC98-D5B85F9A6F45}" = Windows Live Toolbar
"{0C34B801-6AEC-4667-B053-03A67E2D0415}" = Apple Application Support
"{0FF1922C-B6C4-40BB-AF30-BEF75A482444}" = Nokia Connectivity Cable Driver
"{18455581-E099-4BA8-BC6B-F34B2F06600C}" = Google Toolbar for Internet Explorer
"{184CE391-7E0E-4C63-9935-D7A10EDFD3C6}" = Adobe WinSoft Linguistics Plugin
"{205C6BDD-7B73-42DE-8505-9A093F35A238}" = Windows Live 上載工具
"{226DED00-5B8B-4877-AEF6-C41E00B57E36}" = Windows Live Mail
"{22B775E7-6C42-4FC5-8E10-9A5E3257BD94}" = MSVCRT
"{2318C2B1-4965-11d4-9B18-009027A5CD4F}" = Google Toolbar for Internet Explorer
"{26A24AE4-039D-4CA4-87B4-2F83216016FF}" = Java 6 Update 16
"{29E5EA97-5F74-4A57-B8B2-D4F169117183}" = Adobe Stock Photos CS3
"{32A3A4F4-B792-11D6-A78A-00B0D0160130}" = Java SE Development Kit 6 Update 13
"{350C97B6-3D7C-4EE8-BAA9-00BCB3D54227}" = WebFldrs XP
"{3B4E636E-9D65-4D67-BA61-189800823F52}" = Windows Live Communications Platform
"{43FFE159-3199-4188-A1CD-629166AD1028}" = Nero 7 Ultra Edition
"{459DDD17-D825-4FBF-B437-693E7D44F5B3}" = Windows Live Writer
"{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"{4CBA3D4C-8F51-4D60-B27E-F6B641C571E7}" = Microsoft Search Enhancement Pack
"{4E4F8EE0-43EC-4AB9-9A04-702F2AE7E229}" = Windows Live 登入小幫手
"{51846830-E7B2-4218-8968-B77F0FF475B8}" = Adobe Color EU Extra Settings
"{521AAD14-5030-44BB-8B0E-5CE65FCE57E0}" = InterVideo DeviceService
"{54793AA1-5001-42F4-ABB6-C364617C6078}" = Adobe Linguistics CS3
"{56C049BE-79E9-4502-BEA7-9754A3E60F9B}" = neroxml
"{57F0ED40-8F11-41AA-B926-4A66D0D1A9CC}" = Microsoft Office Live Add-in 1.3
"{5832EEB8-7E3F-4608-B51F-8015B76EC7A4}_is1" = Extra.YouTube Picker 1.6.6
"{587178E7-B1DF-494E-9838-FA4DD36E873C}" = AsusUpdate
"{6956856F-B6B3-4BE0-BA0B-8F495BE32033}" = Apple Software Update
"{697E41EA-AEBE-4B5F-884E-87B5CD6C70AC}" = 네이트온
"{6ABE0BEE-D572-4FE8-B434-9E72A289431B}" = Adobe Fonts All
"{6FF5DD7A-FE28-4439-B8CF-1E9AF4EA0A61}" = Adobe Asset Services CS3
"{7299052b-02a4-4627-81f2-1818da5d550d}" = Microsoft Visual C++ 2005 Redistributable
"{7396F7C8-EDD8-4473-BF6A-2CE4996716E1}" = JavaFX 1.1 SDK
"{770657D0-A123-3C07-8E44-1C83EC895118}" = Microsoft Visual C++ 2005 ATL Update kb973923 - x86 8.0.50727.4053
"{7AC15160-A49B-4A89-B181-D4619C025FFF}" = Samsung Samples Installer
"{7B63B2922B174135AFC0E1377DD81EC2}" = DivX Codec
"{802771A9-A856-4A41-ACF7-1450E523C923}" = Adobe XMP Panels CS3
"{8A74E887-8F0F-4017-AF53-CBA42211AAA5}" = Microsoft Sync Framework Runtime Native v1.0 (x86)
"{8ADFC4160D694100B5B8A22DE9DCABD9}" = DivX Player
"{8AF3E926-ED59-11D4-A44B-0000E86D2305}" = Ulead GIF Animator 5 ESD
"{8D2BA474-F406-4710-9AE4-D4F22D21F0DD}" = Adobe Device Central CS3
"{8D4942F1-D5EB-40A7-9D7B-07F8ED1B71E9}" = TMPGEnc DVD Author 3 with DivX Authoring
"{8E6808E2-613D-4FCD-81A2-6C8FA8E03312}" = Adobe Type Support
"{8F6E4272-B797-4523-8A4E-9FF01E1E0B16}" = Ulead DVD MovieFactory 5
"{90120000-0010-0404-0000-0000000FF1CE}" = Microsoft Software Update for Web Folders (Chinese (Traditional)) 12
"{90120000-0011-0000-0000-0000000FF1CE}" = Microsoft Office Professional Plus 2007
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{3D019598-7B59-447A-80AE-815B703B84FF}" = Security Update for Microsoft Office system 2007 (972581)
"{90120000-0011-0000-0000-0000000FF1CE}_PROPLUS_{BEE75E01-DD3F-4D5F-B96C-609E6538D419}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0015-0404-0000-0000000FF1CE}" = Microsoft Office Access MUI (Chinese (Traditional)) 2007
"{90120000-0015-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0016-0404-0000-0000000FF1CE}" = Microsoft Office Excel MUI (Chinese (Traditional)) 2007
"{90120000-0016-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0018-0404-0000-0000000FF1CE}" = Microsoft Office PowerPoint MUI (Chinese (Traditional)) 2007
"{90120000-0018-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0019-0404-0000-0000000FF1CE}" = Microsoft Office Publisher MUI (Chinese (Traditional)) 2007
"{90120000-0019-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001A-0404-0000-0000000FF1CE}" = Microsoft Office Outlook MUI (Chinese (Traditional)) 2007
"{90120000-001A-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001B-0404-0000-0000000FF1CE}" = Microsoft Office Word MUI (Chinese (Traditional)) 2007
"{90120000-001B-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0404-0000-0000000FF1CE}" = Microsoft Office Proof (Chinese (Traditional)) 2007
"{90120000-001F-0404-0000-0000000FF1CE}_PROPLUS_{6197A9A1-87C4-4899-80A7-C555C31F95E4}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-001F-0409-0000-0000000FF1CE}" = Microsoft Office Proof (English) 2007
"{90120000-001F-0409-0000-0000000FF1CE}_PROPLUS_{3EC77D26-799B-4CD8-914F-C1565E796173}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-0028-0404-0000-0000000FF1CE}" = Microsoft Office IME (Chinese (Traditional)) 2007
"{90120000-0028-0404-0000-0000000FF1CE}_PROPLUS_{5CE74E24-2E09-4547-A1E0-354688209BBA}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-002C-0404-0000-0000000FF1CE}" = Microsoft Office Proofing (Chinese (Traditional)) 2007
"{90120000-0044-0404-0000-0000000FF1CE}" = Microsoft Office InfoPath MUI (Chinese (Traditional)) 2007
"{90120000-0044-0404-0000-0000000FF1CE}_PROPLUS_{85AA1E0E-550A-4C3B-80CE-27CD8E172608}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90120000-006E-0404-0000-0000000FF1CE}" = Microsoft Office Shared MUI (Chinese (Traditional)) 2007
"{90120000-006E-0404-0000-0000000FF1CE}_PROPLUS_{327A849D-1627-4C07-8B62-C5364804968F}" = 2007 Microsoft Office Suite Service Pack 1 (SP1)
"{90176341-0A8B-4CCC-A78D-F862228A6B95}" = Adobe Anchor Service CS3
"{91F34319-08DE-457a-99C0-0BCDFAC145B9}" = CuteFTP 8 Professional
"{9465CD4C-1CE3-47EB-896C-C17C02BEA48C}" = Windows Live Call
"{95120000-00B9-0409-0000-0000000FF1CE}" = Microsoft Application Error Reporting
"{95655ED4-7CA5-46DF-907F-7144877A32E5}" = Adobe Color NA Recommended Settings
"{961D35E8-D426-3E2E-8222-F4FFD9E104FD}" = Google Gears
"{998D6972-F58E-479D-9248-8F179E55AE38}" = Java DB 10.4.1.3
"{9A25302D-30C0-39D9-BD6F-21E6EC160475}" = Microsoft Visual C++ 2008 Redistributable - x86 9.0.30729.17
"{9BE49A86-2A62-4B0B-A763-EACBCD84E82F}" = Samsung PC Studio
"{9C9824D9-9000-4373-A6A5-D0E5D4831394}" = Adobe Bridge CS3
"{A1F66FC9-11EE-4F2F-98C9-16F8D1E69FB7}" = Segoe UI
"{A2B242BD-FF8D-4840-9DAA-9170EABEC59C}" = Adobe CMaps
"{A2D81E70-2A98-4A08-A628-94388B063C5E}" = Adobe Color - Photoshop Specific
"{A3051CD0-2F64-3813-A88D-B8DCCDE8F8C7}" = Microsoft .NET Framework 3.0 Service Pack 2
"{A429C2AE-EBF1-4F81-A221-1C115CAADDAD}" = QuickTime
"{A92DAB39-4E2C-4304-9AB6-BC44E68B55E2}" = Google Update Helper
"{AC5B0C19-D851-42F4-BDA0-410ECF7F70A5}" = PDF Settings
"{AC76BA86-7AD7-1028-7B44-A91000000001}" = Adobe Reader 9.1.3 - Chinese Traditional
"{AE156750-B9B5-4063-84F7-22FF638AF350}" = Windows Live Messenger
"{B13A7C41581B411290FBC0395694E2A9}" = DivX Converter
"{B3BF6689-A81D-40D8-9A86-4AC4ACD9FC1C}" = Adobe Camera Raw 4.0
"{B5FDA445-CAC4-4BA6-A8FB-A7212BD439DE}" = Microsoft XML Parser
"{B7050CBDB2504B34BC2A9CA0A692CC29}" = DivX Web Player
"{B9B35331-B7E4-4E5C-BF4C-7BC87856124D}" = Adobe Default Language CS3
"{BD64AF4A-8C80-4152-AD77-FCDDF05208AB}" = Microsoft Sync Framework Services Native v1.0 (x86)
"{C09FB3CD-3D0C-3F2D-899A-6A1D67F2073F}" = Microsoft .NET Framework 2.0 Service Pack 2
"{C19BE821-89B1-4A96-AC7C-873810C0CB5F}" = ContentSAFER for Wizmax
"{C20CE592-B0F8-4D20-BF31-0151CA6331A6}" = Samsung Media Studio 5
"{C2D69781-F392-4118-A5A7-C7E9C38DBFC2}" = Adobe ExtendScript Toolkit 2
"{C4A4722E-79F9-417C-BD72-8D359A090C97}" = Samsung PC Studio
"{CA567AD5-33A4-403D-86D1-EE2D38251951}_is1" = VDownloader 0.77
"{CE2CDD62-0124-36CA-84D3-9F4DCF5C5BD9}" = Microsoft .NET Framework 3.5 SP1
"{D050D7362D214723AD585B541FFB6C11}" = DivX Content Uploader
"{D05C84EC-3A0F-4EA2-8404-2179259FFDAB}" = Windows Live 影像中心
"{D0DFF92A-492E-4C40-B862-A74A173C25C5}" = Adobe Version Cue CS3 Client
"{D1BB4446-AE9C-4256-9A7F-4D46604D2462}" = Adobe Setup
"{D2559B88-CC9D-4B48-81BB-F492BAA9C48C}" = Adobe PDF Library Files
"{DADD7B8A-BCB0-44F5-967A-ECB6B4F2ECD9}" = Adobe Color Common Settings
"{DD7DB3C5-6FA3-4FA3-8A71-C2F2940EB029}" = Adobe Color JA Extra Settings
"{DE789653-D04E-47C7-8717-9EC340922B34}" = Windows Live Sync
"{DE7ED7D4-B603-4678-8CFD-09BD55C2A736}" = Windows Live 程式集
"{DED53B0B-B67C-4244-AE6A-D6FD3C28D1EF}" = Ad-Aware
"{E2DFE069-083E-4631-9B6C-43C48E991DE5}" = Junk Mail filter update
"{E38C00D0-A68B-4318-A8A6-F7D4B5B1DF0E}" = Windows Media 編碼器 9 系列
"{E69AE897-9E0B-485C-8552-7841F48D42D8}" = Adobe Update Manager CS3
"{E8F8652B-D212-437E-9917-0ACCA9B092CE}" = Office Multimedia Keyboard Driver
"{E8FF78D0-4D1C-4B2D-AC80-670F135F5461}" = Poladroid
"{EBA29752-DDD2-4B62-B2E3-9841F92A3E3A}" = Samsung PC Studio 3 USB Driver Installer
"{EEED2879-F4AB-430A-998C-801D0E5B9C1E}" = KBS Kong v3
"{F0B430D1-B6AA-473D-9B06-AA3DD01FD0B8}" = Microsoft SQL Server 2005 Compact Edition [ENU]
"{F0E12BBA-AD66-4022-A453-A1C8A0C4D570}" = Microsoft Choice Guard
"{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = VideoStudio
"{F5F5ABB8-87EA-47A7-8CC6-E68AFC2D3BC0}" = TMPGEnc Sound Player
"{F7338FA3-DAB5-49B2-900D-0AFB5760C166}" = PC Probe II
"{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = VideoStudio
"{FF059F2A-62A7-4E6A-B305-559591D2769E}" = Nokia 電腦端套件
"2220-8135-6210-5880" = miroko 1.0.2(16000)
"7-Zip" = 7-Zip 4.42
"Ad-Aware" = Ad-Aware
"Adobe Flash Player ActiveX" = Adobe Flash Player ActiveX
"Adobe Flash Player Plugin" = Adobe Flash Player 10 Plugin
"Adobe_2ac78060bc5856b0c1cf873bb919b58" = Adobe Photoshop CS3
"Allok 3GP PSP MP4 iPod Video Converter_is1" = Allok 3GP PSP MP4 iPod Video Converter 5.2.0202
"Allok RM RMVB to AVI MPEG DVD Converter_is1" = Allok RM RMVB to AVI MPEG DVD Converter 1.5.0
"Allok Video to DVD Burner_is1" = Allok Video to DVD Burner 1.0.4
"arswp3" = ArSwp3
"avast!" = avast! Antivirus
"AVI MPEG RM WMV Splitter_is1" = AVI/MPEG/RM/WMV Splitter 4.28
"Avira AntiVir Desktop" = Avira AntiVir Personal - Free Antivirus
"AviSynth" = AviSynth 2.5
"BandwidthSimulator" = RealPlayer Bandwidth Simulator
"BitComet" = BitComet(比特彗星) 1.15
"Boilsoft Video Splitter_is1" = Boilsoft Video Splitter 5.16
"Clubbox 橾瞪歎婦葬濠" = Clubbox 橾瞪歎婦葬濠
"easyMule" = easyMule
"FileZilla Client" = FileZilla Client 3.2.7.1
"FlashGet" = FlashGet 1.9.4.1063
"GOGOBOX檔案傳送管理者" = GOGOBOX檔案傳送管理者
"GOM Player" = GOM Player
"goot" = goot
"GuildFTPd" = GuildFTPd FTP Deamon
"HijackThis" = HijackThis 2.0.2
"ICQ" = ICQ
"IDNMitigationAPIs" = Microsoft Internationalized Domain Names Mitigation APIs
"ie7" = Windows Internet Explorer 7
"ie8" = Windows Internet Explorer 8
"InstallShield_{4A7FDA4D-F4D7-4A49-934A-066D59A43C7E}" = SmartSound Quicktracks Plugin
"InstallShield_{E8F8652B-D212-437E-9917-0ACCA9B092CE}" = Office Multimedia Keyboard Driver
"InstallShield_{F0FDF9C9-1DDC-401F-B638-36F1CAE8A875}" = Corel VideoStudio 12
"InstallShield_{F99F9E24-EE2F-47FD-AEB0-FDB82859B5C9}" = Ulead VideoStudio 11
"KLiteCodecPack_is1" = K-Lite Codec Pack 4.4.5 (Full)
"Lame MP3 Codec (for the ACM)" = Lame ACM MP3 Codec
"Malwarebytes' Anti-Malware_is1" = Malwarebytes' Anti-Malware
"megauploadtoolbar" = Megaupload Toolbar
"Microsoft .NET Framework 3.5 SP1" = Microsoft .NET Framework 3.5 SP1
"Mozilla Firefox (3.5.3)" = Mozilla Firefox (3.5.3)
"MSCompPackV1" = Microsoft Compression Client Pack 1.0 for Windows XP
"MSN Font Color Editor_is1" = MSN Font Color Editor 4.2
"MSNShell" = MSNShell 5
"NLSDownlevelMapping" = Microsoft National Language Support Downlevel APIs
"No-IP.com DUC" = No-IP.com DUC (remove only)
"NVIDIA" = NVIDIA Windows 2000/XP Display Drivers
"PPStream" = PPS網路電視 V2.6.86.8898 Final
"PPStream賜醱痺 AquaOS_is1" = AquaOS
"PPStream賜醱痺 Noire_is1" = Noire
"PPStream賜醱痺 vladstudio_is1" = vladstudio
"PPS網路電視" = PPS網路電視
"PROPLUS" = Microsoft Office Professional Plus 2007
"RaySource" = RaySource 2.1.10.8242
"RealPlayer 12.0" = RealPlayer
"Riva FLV Encoder 2.0_is1" = Riva FLV Encoder 2.0
"RM Converter_is1" = RM Converter 4.12
"SAMSUNG CDMA Modem" = SAMSUNG CDMA Modem Driver Set
"SAMSUNG Mobile USB Modem" = SAMSUNG Mobile USB Modem Software
"SAMSUNG Mobile USB Modem 1.0" = SAMSUNG Mobile USB Modem 1.0 Software
"Spyware Doctor" = Spyware Doctor 6.0
"TencentMediaPlayer" = Tencent Media Player by Viewpoint
"TTPlayer" = 千千靜聽 5.5Beta
"TVAnts 1.0" = TVAnts 1.0
"TVAnts ActiveX Control 1.0" = TVAnts ActiveX Control 1.0
"Video-AVI to GIF Converter_is1" = Video-AVI to GIF Converter v2.0.10a9 - Free Version
"Vodafone 804SS USB driver" = SAMSUNG Mobile USB Modem ^^
"WebThunder" = WEB捃濘
"Win AVI HelixSDK_is1" = Win AVI HelixSDK
"WinAVIVideoConverter_is1" = WinAVIVideoConverter
"Windows Live OneCare safety scanner" = Windows Live OneCare safety scanner
"Windows Media Encoder 9" = Windows Media 編碼器 9 系列
"Windows Media Format Runtime" = Windows Media Format 11 runtime
"Windows Media Player" = Windows Media Player 11
"Windows XP Service Pack" = Windows XP Service Pack 3
"WinLiveSuite_Wave3" = Windows Live 程式集
"WinRAR archiver" = WinRAR 壓縮工具
"WMFDist11" = Windows Media Format 11 runtime
"wmp11" = Windows Media Player 11
"Wudf01000" = Microsoft User-Mode Driver Framework Feature Pack 1.0
"XviD_is1" = XviD MPEG-4 Video Codec
"Yahoo! Anti-Spy" = Yahoo! 反間諜軟件
"Yahoo! Companion" = Yahoo! 工具列
"Yahoo! 聰明筆" = Yahoo! 聰明筆
"YInstHelper" = Yahoo! Install Manager
"贗毀夢蝶 橾瞪歎婦葬濠" = 贗毀夢蝶 橾瞪歎婦葬濠
========== HKEY_CURRENT_USER Uninstall List ==========
[HKEY_CURRENT_USER\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall]
"BitTorrent DNA" = DNA
"MilitaryGame App" = MilitaryGame App
========== Last 10 Event Log Errors ==========
[ Antivirus Events ]
Error - 18/1/2009 PM 3:53:49 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Christine Chow\Local Settings\Temporary Internet Files\Content.IE5\E3AEXXZN\common[1].js
failed, 00000005.
Error - 18/1/2009 PM 3:57:22 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Christine Chow\Local Settings\Temporary Internet Files\Content.IE5\E3AEXXZN\common[1].js
failed, 00000005.
Error - 18/1/2009 PM 4:13:40 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\Documents and Settings\Christine Chow\Local Settings\Temporary Internet Files\Content.IE5\01SSOC11\common[2].js
failed, 00000005.
Error - 11/6/2009 AM 1:07:09 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\SoftwareDistribution\Download\6a13a9dee10b4cdf557a94b2d5993b7e\BIT3.tmp
failed, 00000026.
Error - 15/7/2009 PM 1:33:18 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
C:\WINDOWS\SoftwareDistribution\Download\742b42e5c6232e70f6661deb46cd972e\BIT68.tmp
failed, 00000026.
Error - 24/8/2009 PM 12:10:42 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://big5.pconline...01/1209620.html failed, 00000084.
Error - 9/10/2009 PM 11:37:39 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://www.youtube.com/ failed, 00000070.
Error - 13/10/2009 AM 11:02:43 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://apps.facebook.../buddy_list.php failed, 00000070.
Error - 13/10/2009 AM 11:10:26 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - scanning error: x_AavmCheckFileDirectEx: avfilesScanReal of
http://apps.facebook.../buddy_list.php failed, 00000070.
Error - 18/10/2009 AM 9:03:55 | Computer Name = CHRISTINE | Source = avast! | ID = 33554522
Description = AAVM - initialization error: Unhandled exception in AavmProviderStop
[Inner], MAIL.
[ Application Events ]
Error - 18/10/2009 AM 9:02:42 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <
http://www.download....uthrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。
Error - 18/10/2009 AM 9:02:42 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131080
Description = 從 <
http://www.download....uthrootseq.txt> 自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。
Error - 18/10/2009 AM 9:02:43 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <
http://www.download....uthrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。
Error - 18/10/2009 AM 9:02:43 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131080
Description = 從 <
http://www.download....uthrootseq.txt> 自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。
Error - 18/10/2009 AM 9:02:43 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <
http://www.download....uthrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。
Error - 18/10/2009 AM 9:02:43 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131080
Description = 從 <
http://www.download....uthrootseq.txt> 自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。
Error - 18/10/2009 AM 9:02:43 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <
http://www.download....uthrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。
Error - 18/10/2009 AM 9:02:43 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131080
Description = 從 <
http://www.download....uthrootseq.txt> 自動更新廠商根清單順序數字發生失敗,錯誤: 這個網路連線不存在。
Error - 19/10/2009 AM 10:55:39 | Computer Name = CHRISTINE | Source = crypt32 | ID = 131083
Description = 無法從自動更新 CAB 檔案中(在: <
http://www.download....uthrootstl.cab>)將廠商根清單解壓縮,錯誤:
與目前的系統時鐘或簽署檔案的時間戳記核對時,所需的憑證不在有效日期內。
Error - 19/10/2009 PM 1:08:00 | Computer Name = CHRISTINE | Source = ESENT | ID = 490
Description = svchost (1124) 嘗試開啟檔案 "C:\WINDOWS\system32\CatRoot2\{127D0A1D-4EF2-11D1-8608-00C04FC295EE}\catdb"
供讀 / 寫存取失敗並出現系統錯誤 32 (0x00000020): "程序無法存取檔案,因為檔案正由另一個程序使用。 "。 開啟檔案作業將會失敗並出現錯誤
-1032 (0xfffffbf8)。
[ NetLimiter Events ]
Error - 7/5/2007 AM 5:54:06 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 8/5/2007 AM 2:11:15 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 8/5/2007 AM 3:57:18 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 8/5/2007 AM 5:11:30 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 9/5/2007 AM 12:53:25 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 9/5/2007 AM 1:02:22 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 9/5/2007 PM 1:39:11 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 10/5/2007 AM 1:37:11 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 10/5/2007 AM 7:03:38 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
Error - 10/5/2007 PM 12:54:30 | Computer Name = CHRISTINE | Source = NetLimiter 2 | ID = 1000
Description =
[ ODiag Events ]
Error - 2/6/2007 PM 3:53:43 | Computer Name = CHRISTINE | Source = Microsoft Office 12 Diagnostics | ID = 320
Description = An unexpected error occurred. Tag: 2kcz. Error code: N/A
[ OSession Events ]
Error - 14/6/2007 AM 10:56:54 | Computer Name = CHRISTINE | Source = Microsoft Office 12 Sessions | ID = 7001
Description = ID: 0, Application Name: Microsoft Office Word, Application Version:
12.0.4518.1014, Microsoft Office Version: 12.0.4518.1014. This session lasted 2945
seconds with 0 seconds of active time. This session ended with a crash.
[ System Events ]
Error - 19/10/2009 AM 11:52:52 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = Capture Device Service 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:52 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = B's Recorder GOLD Library General Service 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:52 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = Java Quick Starter 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:52 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = NoIPDUCService 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:52 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = NVIDIA Driver Helper Service 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:53 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = SeaPort 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:53 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = Ulead Burning Helper 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:59 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7034
Description = NMIndexingService 服務意外地終止。已經發生 1 次。
Error - 19/10/2009 AM 11:52:59 | Computer Name = CHRISTINE | Source = Service Control Manager | ID = 7031
Description = Lavasoft Ad-Aware Service 服務意外終止,服務曾完成這項動作 1 次。以下的修正操作將在 5000 毫秒內執行:
重新啟動服務。
Error - 20/10/2009 PM 2:35:23 | Computer Name = CHRISTINE | Source = PlugPlayManager | ID = 11
Description = 裝置 Root\LEGACY_CATCHME\0000 沒有先作移除的準備,就已經從系統中消失了。
< End of report >
----------------------
ROOTREPEAL © AD, 2007-2009
==================================================
Scan Start Time: 2009/10/23 00:54
Program Version: Version 1.3.5.0
Windows Version: Windows XP SP3
==================================================
Drivers
-------------------
Name: dump_atapi.sys
Image Path: C:\WINDOWS\System32\Drivers\dump_atapi.sys
Address: 0xB8AC0000 Size: 98304 File Visible: No Signed: -
Status: -
Name: dump_WMILIB.SYS
Image Path: C:\WINDOWS\System32\Drivers\dump_WMILIB.SYS
Address: 0xF79C7000 Size: 8192 File Visible: No Signed: -
Status: -
Name: mchInjDrv.sys
Image Path: C:\WINDOWS\system32\Drivers\mchInjDrv.sys
Address: 0xB5B59000 Size: 2560 File Visible: No Signed: -
Status: -
Name: rootrepeal.sys
Image Path: C:\WINDOWS\system32\drivers\rootrepeal.sys
Address: 0xB51F1000 Size: 49152 File Visible: No Signed: -
Status: -
SSDT
-------------------
#: 025 Function Name: NtClose
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb8b086b8
#: 041 Function Name: NtCreateKey
Status: Hooked by "<unknown>" at address 0xb8df41b6
#: 047 Function Name: NtCreateProcess
Status: Hooked by "PCTCore.sys" at address 0xf743a282
#: 048 Function Name: NtCreateProcessEx
Status: Hooked by "PCTCore.sys" at address 0xf743a474
#: 053 Function Name: NtCreateThread
Status: Hooked by "<unknown>" at address 0xb8df41ac
#: 063 Function Name: NtDeleteKey
Status: Hooked by "<unknown>" at address 0xb8df41bb
#: 065 Function Name: NtDeleteValueKey
Status: Hooked by "<unknown>" at address 0xb8df41c5
#: 068 Function Name: NtDuplicateObject
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb8b0814c
#: 098 Function Name: NtLoadKey
Status: Hooked by "<unknown>" at address 0xb8df41ca
#: 119 Function Name: NtOpenKey
Status: Hooked by "PCTCore.sys" at address 0xf744a3fa
#: 122 Function Name: NtOpenProcess
Status: Hooked by "<unknown>" at address 0xb8df4198
#: 128 Function Name: NtOpenThread
Status: Hooked by "<unknown>" at address 0xb8df419d
#: 177 Function Name: NtQueryValueKey
Status: Hooked by "C:\WINDOWS\System32\Drivers\aswSP.SYS" at address 0xb8b0876e
#: 192 Function Name: NtRenameKey
Status: Hooked by "PCTCore.sys" at address 0xf744c422
#: 193 Function Name: NtReplaceKey
Status: Hooked by "<unknown>" at address 0xb8df41d4
#: 204 Function Name: NtRestoreKey
Status: Hooked by "<unknown>" at address 0xb8df41cf
#: 247 Function Name: NtSetValueKey
Status: Hooked by "<unknown>" at address 0xb8df41c0
#: 257 Function Name: NtTerminateProcess
Status: Hooked by "<unknown>" at address 0xb8df41a7
==EOF====EOF==
------------------------------
About my computer ...
for sure ... it slows down too much: start up, opening new windows ... etc.
It gets stuck on web pages ... esp. Facebook ..
That's all ... thanks